urlscan.io logo urlscan.io
SecurityTrails logo

www.blueleaf.com Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blueleafassistance.digital/
Effective URL: https://www.blueleaf.com/
Submission: On December 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 3 countries across 36 domains to perform 139 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is www.blueleaf.com.
TLS certificate: Issued by E5 on November 21st 2024. Valid for: 3 months.
This is the only time www.blueleaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
52 141.193.213.10 209242 (CLOUDFLAR...)
1 2a04:4e42::644 54113 (FASTLY)
6 2600:1408:c40... 20940 (AKAMAI-AS...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
7 104.19.148.8 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 172.253.122.95 15169 (GOOGLE)
3 18.160.18.33 16509 (AMAZON-02)
1 18.160.41.58 16509 (AMAZON-02)
3 194.145.183.49 24971 (MASTER-AS...)
2 172.67.72.173 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2400:52e0:1a0... 200325 (BunnyCDN ...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.167.56.49 16509 (AMAZON-02)
6 3.16.105.22 16509 (AMAZON-02)
1 18.165.98.104 16509 (AMAZON-02)
1 18.67.65.33 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 6 2600:9000:26c... 16509 (AMAZON-02)
13 16 2600:1f18:61c... 14618 (AMAZON-AES)
2 2600:1f18:61c... 14618 (AMAZON-AES)
1 18.210.207.129 14618 (AMAZON-AES)
1 2 35.211.202.130 15169 (GOOGLE)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 172.253.63.154 15169 (GOOGLE)
1 2 104.18.27.193 13335 (CLOUDFLAR...)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 70.42.32.127 22075 (AS-OUTBRAIN)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 2 2001:4998:14:... 14777 (YAHOO)
1 141.226.224.48 200478 (TABOOLA-A...)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2 68.67.161.208 29990 (ASN-APPNEX)
2 142.251.163.138 15169 (GOOGLE)
139 42
1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
blueleafassistance.digital
52    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
www.blueleaf.com
1    2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
6    2600:1408:c400:29::17da:da44 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
use.typekit.net
p.typekit.net
3    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c21::5f (Washington, United States)

ASN15169 (GOOGLE, US)
maps.googleapis.com
7    104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
js-na1.hs-scripts.com
3    172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net
maps.googleapis.com
3    18.160.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-33.iad12.r.cloudfront.net
js.driftt.com
1    18.160.41.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-58.iad55.r.cloudfront.net
static.hotjar.com
3    194.145.183.49 (Czech Republic)

ASN24971 (MASTER-AS Master Internet s.r.o., CZ)
PTR: chewie.imper.cz
t.leady.com
2    172.67.72.173 (United States)

ASN13335 (CLOUDFLARENET, US)
tracker.metricool.com
1    2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)
a.omappapi.com
3    2607:f8b0:4004:c1f::66 (Washington, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c21::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    3.167.56.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-49.iad61.r.cloudfront.net
script.hotjar.com
6    3.16.105.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-105-22.us-east-2.compute.amazonaws.com
tracking.crazyegg.com
1    18.165.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-104.iad55.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.67.65.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-33.iad89.r.cloudfront.net
assets-tracking.crazyegg.com
2    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
track.hubspot.com
6    2600:9000:26c1:4400:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
16    2600:1f18:61c0:2205:88c9:6a56:c096:6fde (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
2    2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
x.adroll.com
1    18.210.207.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-207-129.compute-1.amazonaws.com
ipv4.d.adroll.com
2    35.211.202.130 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 130.202.211.35.bc.googleusercontent.com
x.bidswitch.net
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
cm.g.doubleclick.net
2    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
ups.analytics.yahoo.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync.taboola.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    68.67.161.208 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    142.251.163.138 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f138.1e100.net
analytics.google.com
Apex Domain
Subdomains		 Transfer
52 blueleaf.com
www.blueleaf.com
47 MB
25 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3645
d.adroll.com — Cisco Umbrella Rank: 1673
x.adroll.com — Cisco Umbrella Rank: 3549
ipv4.d.adroll.com — Cisco Umbrella Rank: 12775
54 KB
15 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2604
tracking.crazyegg.com — Cisco Umbrella Rank: 4586
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5885
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5780
82 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 460
p.typekit.net — Cisco Umbrella Rank: 571
70 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
1 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 142
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 466
194 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 470
1 KB
3 leady.com
t.leady.com — Cisco Umbrella Rank: 267021
4 KB
3 driftt.com
js.driftt.com — Cisco Umbrella Rank: 7118
62 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
381 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
982 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
596 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 525
530 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
1 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
830 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 607
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
837 B
2 hubspot.com
forms.hubspot.com — Cisco Umbrella Rank: 6196
track.hubspot.com — Cisco Umbrella Rank: 2477
3 KB
2 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 6331
20 KB
2 metricool.com
tracker.metricool.com — Cisco Umbrella Rank: 22820
4 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
62 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2580
js-na1.hs-scripts.com — Cisco Umbrella Rank: 6680
2 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1304
365 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 886
587 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 897
360 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
1 KB
1 pippio.com
pippio.com — Cisco Umbrella Rank: 805
633 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
26 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5955
92 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
26 KB
1 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4773
144 KB
1 blueleafassistance.digital
blueleafassistance.digital
302 B
0 oribi.io Failed
cdn.oribi.io Failed
139 36
Domain Requested by
52 www.blueleaf.com www.blueleaf.com
script.crazyegg.com
16 d.adroll.com 13 redirects s.adroll.com
7 script.crazyegg.com www.blueleaf.com
script.crazyegg.com
6 s.adroll.com 1 redirects www.blueleaf.com
s.adroll.com
6 tracking.crazyegg.com script.crazyegg.com
5 analytics.google.com www.googletagmanager.com
5 use.typekit.net www.blueleaf.com
use.typekit.net
4 maps.googleapis.com www.blueleaf.com
maps.googleapis.com
3 pixel.tapad.com 2 redirects
3 t.leady.com www.blueleaf.com
t.leady.com
3 js.driftt.com www.blueleaf.com
js.driftt.com
3 www.googletagmanager.com www.blueleaf.com
www.googletagmanager.com
2 ib.adnxs.com 1 redirects
2 eb2.3lift.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 us-u.openx.net 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 match.adsrvr.org 2 redirects
2 x.bidswitch.net 1 redirects
2 x.adroll.com s.adroll.com
2 td.doubleclick.net www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 a.omappapi.com www.blueleaf.com
a.omappapi.com
2 tracker.metricool.com www.blueleaf.com
1 sync.taboola.com
1 image2.pubmatic.com
1 sync.outbrain.com
1 pixel.rubiconproject.com
1 pippio.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 ipv4.d.adroll.com
1 track.hubspot.com
1 js-na1.hs-scripts.com js.hs-analytics.net
1 forms.hubspot.com js.hsleadflows.net
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 script.hotjar.com static.hotjar.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 static.hotjar.com www.blueleaf.com
1 p.typekit.net use.typekit.net
1 js.hs-scripts.com www.blueleaf.com
1 fast.wistia.com www.blueleaf.com
1 blueleafassistance.digital 1 redirects
0 cdn.oribi.io Failed www.blueleaf.com
139 48

This site contains links to these domains. Also see Links.

Domain
blog.blueleaf.com
pages.blueleaf.com
secure.blueleaf.com
support.blueleaf.com
Subject Issuer Validity Valid
www.blueleaf.com
E5		 2024-11-21 -
2025-02-19		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-17 -
2025-11-17		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
script.crazyegg.com
E5		 2024-11-27 -
2025-02-25		 3 months crt.sh
hs-scripts.com
WE1		 2024-11-24 -
2025-02-22		 3 months crt.sh
drift.com
Amazon RSA 2048 M03		 2024-07-30 -
2025-08-27		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
t.leady.com
R10		 2024-11-22 -
2025-02-20		 3 months crt.sh
metricool.com
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
hs-banner.com
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
hsleadflows.net
WE1		 2024-11-27 -
2025-02-25		 3 months crt.sh
hs-analytics.net
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
a.omappapi.com
R10		 2024-11-05 -
2025-02-03		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2024-06-30 -
2025-07-30		 a year crt.sh
hubspot.com
WE1		 2024-12-01 -
2025-03-01		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-07		 a year crt.sh
*.adroll.com
Amazon RSA 2048 M02		 2024-07-03 -
2025-07-31		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.blueleaf.com/
Frame ID: 030235279C11CBE1A1E205E66661CFC8
Requests: 127 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-EH2GV8F2Q1&gacid=1851404981.1733238782&gtm=45je4bk0v890332678za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=160622797
Frame ID: 3708849A5BE92C83690DD309F3B0D223
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-R1K4RHNMHL&gacid=1851404981.1733238782&gtm=45je4bk0v890332313za200zb890332678&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1416488374
Frame ID: 6CC235118699A910F5DAAD8CFFDCD48D
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=pp44gfupkihz&eId=pp44gfupkihz&region=US&forceShow=false&skipCampaigns=false&sessionId=8fc11f95-3d17-4f17-b1ba-cd797919bdd1&sessionStarted=1733238793.66&campaignRefreshToken=42731cdf-c6c6-4c58-aa41-52d06ea54f85&hideController=false&pageLoadStartTime=1733238780805&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.blueleaf.com%2F
Frame ID: 82B0696B64C45CADD77970C53E021118
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1733238780805
Frame ID: CEC1C70C23CB8AECFAD3287732948662
Requests: 1 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
Frame ID: 9ADD10AC90AE944A17CDD6498006A59D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Blueleaf

Page URL History Show full URLs

  1. https://blueleafassistance.digital/ HTTP 301
    https://www.blueleaf.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

85 %
HTTPS

39 %
IPv6

36
Domains

48
Subdomains

42
IPs

3
Countries

49042 kB
Transfer

74664 kB
Size

66
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blueleafassistance.digital/ HTTP 301
    https://www.blueleaf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://s.adroll.com/j/pre/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 113
  • https://d.adroll.com/cm/b/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
Request Chain 114
  • https://d.adroll.com/cm/experian/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=420dc9e3-26c7-4571-baa0-46d5a22053aa&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%2C%2C
Request Chain 115
  • https://d.adroll.com/cm/g/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=ZylmQUMxHDhl99xgOJGhsw HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 116
  • https://d.adroll.com/cm/index/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expiration=1764774795 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expiration=1764774795&C=1
Request Chain 117
  • https://d.adroll.com/cm/l/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=6729664143311c3865f7dc603891a1b3 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjMQABoNCIzAvLoGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&rand=04361040 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&rand=04361040&expected_cookie=603417c7-188e-421a-8758-1bcd9ab12680
Request Chain 118
  • https://d.adroll.com/cm/n/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expires=365
Request Chain 119
  • https://d.adroll.com/cm/o/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=6729664143311c3865f7dc603891a1b3&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=6729664143311c3865f7dc603891a1b3&gdpr=0&gdpr_consent=&cc=1
Request Chain 120
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 121
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 122
  • https://d.adroll.com/cm/r/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 123
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
Request Chain 124
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 125
  • https://d.adroll.com/cm/x/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7 HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.blueleaf.com/
Redirect Chain
  • https://blueleafassistance.digital/
  • https://www.blueleaf.com/
485 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
76baed3ff846e739333ed4248bf0a17ac4e930a32f699cc9d94ce6ecc61ee4e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
3954
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10800, must-revalidate
cf-cache-status
HIT
cf-ray
8ec47f8b0decdaf9-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 15:13:00 GMT
last-modified
Tue, 03 Dec 2024 12:33:04 GMT
link
<https://www.blueleaf.com/wp-json/>; rel="https://api.w.org/" <https://www.blueleaf.com/wp-json/wp/v2/pages/4223>; rel="alternate"; title="JSON"; type="application/json" <https://www.blueleaf.com/>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
MISS
x-cache-group
bot
x-cacheable
bot
x-powered-by
WP Engine

Redirect headers

Connection
close
Content-Length
60
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Dec 2024 15:13:00 GMT
Location
https://www.blueleaf.com/
Server
ip-10-123-125-129.ec2.internal
Vary
Accept-Encoding
X-Request-Id
cea345e0-6a8d-4e06-9b19-eaf7dc71ae30
iphone.svg
www.blueleaf.com/wp-content/uploads/2019/04/ 		71 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2019/04/iphone.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed497e20396e23084be19923227db1063adb93cedede62bdba85f6cfa6170b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f21-11acf"
age
7528476
cf-ray
8ec47f8bcebbdaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:45 GMT
logo-blue.svg
www.blueleaf.com/wp-content/themes/blueleaf/resources/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/resources/images/logo-blue.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3863591a4e6bc67e007ec2f346d1dda7df47080638b46a5375074803913974b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f26-fc4"
age
10178212
cf-ray
8ec47f8bcebcdaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:50 GMT
logo.svg
www.blueleaf.com/wp-content/themes/blueleaf/resources/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/resources/images/logo.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb11a2e56c988d286727f0a652725b289a2ebabb8950aad986f75de0e652894

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f26-fac"
age
10178213
cf-ray
8ec47f8eda54daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:50 GMT
E-v1.js
fast.wistia.com/assets/external/ 		843 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bde8c262105b0b4001279d19d0aeab2915799d7869b34e2a07bfe6834aeefe3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
etag
"cfd47b28ccfe165b0a5c5a018a4ea672"
age
1773
x-cache
HIT, HIT
date
Tue, 03 Dec 2024 15:13:01 GMT
last-modified
Mon, 02 Dec 2024 19:42:50 GMT
x-served-by
cache-iad-kjyo7100144-IAD, cache-mia-kmia1760092-MIA
x-cache-hits
10, 584
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1733238781.388090,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
146816
asset-version
2650dc5bf327da38f4cca153240b15a522bb85c0
server
AmazonS3
x-amz-server-side-encryption
AES256
fss6xql.css
use.typekit.net/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/fss6xql.css
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
bdfceadb20fa502959872ed224f8d53dd84cd0bd61eb82c2aeb31b1d0e263ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1149
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
js
www.googletagmanager.com/gtag/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b903a5108b6008ea2b11e3dccba788a324aa9a412d0553f760aa210f6c632e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 15:13:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
123259
x-xss-protection
0
server
Google Tag Manager
frontend-gtag.min.js
www.blueleaf.com/wp-content/plugins/google-analytics-premium/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7790882b18f7b3e10750f4474dc1a13150a2ef8510ef4c2e3e52c5d5f776db87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"674b2892-2e76"
age
256607
cf-ray
8ec47f8febaadaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Sat, 30 Nov 2024 15:00:34 GMT
jquery.min.js
www.blueleaf.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"64ecd5ef-15601"
age
6323436
cf-ray
8ec47f8c4f3edaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
jquery-migrate.min.js
www.blueleaf.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6482bd64-3509"
age
10178212
cf-ray
8ec47f8c4f42daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
js
maps.googleapis.com/maps/api/ 		236 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCr172r1vfBXC8hgWjRIWH0ctHxXpV90xY&ver=6.6.1
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
b580efd0155568420094f37f187e054eda5ea43bc9662b4b5f94c8585cb559ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
a71c73d4
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81478
date
Tue, 03 Dec 2024 15:13:01 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/ 		399 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R1K4RHNMHL
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcd0419945a0bcc90a4de1523be2b544810ea4bebc00e333239aa2a295fe12cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 15:13:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132873
x-xss-protection
0
server
Google Tag Manager
1864.js
script.crazyegg.com/pages/scripts/0082/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0082/1864.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5e7e7cbbfbef903e33d65a7534c896df34bfcf1241827ad2ae4227662fe91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
2552
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
text/javascript
last-modified
Tue, 03 Dec 2024 14:17:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8ec47f907877746b-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2481
ce-version
11.5.324
server
cloudflare
white-charles-schwab.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-charles-schwab.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6bfb36861303972a1f852dcae969a88e0d736d02bd2b48e1beb746ff6e16db2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-29f9"
age
10178212
cf-ray
8ec47f8c4f45daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-fidelity.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-fidelity.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff4de441699f754af67e95ca98f50c300dd9b9307e944af33a05b0b9fbe5511

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-2697"
age
1608380
cf-ray
8ec47f8c4f48daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-interactive-brokes.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-interactive-brokes.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e0031e28ecaf84ed1684d2ed488cdbe8b985bf2034d5614454262c71c445da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-311d"
age
10178212
cf-ray
8ec47f8cbfbddaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-national-financial.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		29 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-national-financial.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba4e88cf406b0c6307bf83de00b8f91eed255e0586bc1cc39cbe0ccc0b13130

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-735b"
age
2278503
cf-ray
8ec47f8cbfc8daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-bny-mellon-pershing.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-bny-mellon-pershing.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1314b65523c55a93b4dfd438a8e91c80ec370ae3d2750a3b45930e01c1ccb538

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-1e9f"
age
10178212
cf-ray
8ec47f8d0821daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-raymond-james.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-raymond-james.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708fce6a1c0c91cb0c5af05846215fabfb7006418146786ca16b8a5a34ca52b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-1faf"
age
10178213
cf-ray
8ec47f8febb1daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
bl-advantage.png
www.blueleaf.com/wp-content/uploads/2023/12/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/12/bl-advantage.png
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b0548a25b293419dcba74ad5d8f83fa153d0386f7feb3feaf4ac00fca0b4ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"657111d2-17905"
age
347190
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=96517
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/webp
content-disposition
inline; filename="bl-advantage.webp"
vary
Accept
last-modified
Thu, 07 Dec 2023 00:29:06 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f8c4f49daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29400
server
cloudflare
elise-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/elise-logo-138x44-cropped.png
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7f9acbdff38db833c6d582719d327a1866d43ddd74204f18f8b02d224eb05a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb5-2625"
age
1655912
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=9765
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/webp
content-disposition
inline; filename="elise-logo-138x44-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:13 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f8febb5daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6846
server
cloudflare
fairway-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/fairway-logo-138x44-cropped.png
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980c74cedd0725b72b22fddb82ce513eb343e984b4850dd6bf8bf0f143339dd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-76e"
age
10178213
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1902
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/webp
content-disposition
inline; filename="fairway-logo-138x44-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f8febb8daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1576
server
cloudflare
CFP-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/CFP-logo-138x44-cropped.png
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec65fb4ee2300769a0bc7871dcca2a98806daf009c25bb8db2d9c4f365e6eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-578"
age
10178213
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1400
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/webp
content-disposition
inline; filename="CFP-logo-138x44-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f8febbadaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
server
cloudflare
114468.js
js.hs-scripts.com/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/114468.js?integration=WordPress&ver=11.1.75
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc3790e39f46c2027c85a78447f8e91c6eddd9f480a9623cc14530ce2571f02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 15:14:31 GMT
date
Tue, 03 Dec 2024 15:13:01 GMT
x-hubspot-correlation-id
52a2ec70-9a4e-423f-8c39-a01c189b3906
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Tue, 03 Dec 2024 15:12:00 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8ec47f8e3a7b743a-MIA
accept-ranges
bytes
access-control-allow-origin
https://www.blueleaf.com
content-length
598
server
cloudflare
gtm4wp-form-move-tracker.js
www.blueleaf.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/ 		1 KB
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/plugins/duracelltomi-google-tag-manager/dist/js/gtm4wp-form-move-tracker.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"660eb1bf-472"
age
4396617
cf-ray
8ec47f8d78a2daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Thu, 04 Apr 2024 13:57:19 GMT
bundle-f2e853addd.js
www.blueleaf.com/wp-content/themes/blueleaf/dist/js/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/dist/js/bundle-f2e853addd.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82aac15ff108b0688c710f986f12d0670e33fe6fc31b4b9eb3594684c9b69a62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f27-21bdd"
age
4923231
cf-ray
8ec47f8e096bdaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:51 GMT
lazyload.min.js
www.blueleaf.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"6669afe3-22bc"
age
10178213
cf-ray
8ec47f8febbddaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 12 Jun 2024 14:25:39 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=fss6xql&ht=tk&f=2003.2004.2005.2006.2007.2008.2009.2010.2011.2012.17398.17399.17400.17401&a=86990552&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fss6xql.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"665c70ef-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
text/css
last-modified
Sun, 02 Jun 2024 13:17:35 GMT
server
nginx
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCr172r1vfBXC8hgWjRIWH0ctHxXpV90xY&ver=6.6.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.blueleaf.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Tue, 03 Dec 2024 15:13:01 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
pp44gfupkihz.js
js.driftt.com/include/1733238900000/ 		221 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1733238900000/pp44gfupkihz.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a2db06993a81eb3ebd33897015d64c8ab5c9fcad5c3f8c4ad9329bce36440c4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
gzip
x-amz-version-id
yminFcCyQz19.9XIAb.JMjcjgNFzNrOJ
etag
W/"82011e1dd9ff7667aafa4871fd8b5ffe"
access-control-allow-methods
GET, POST, OPTIONS
x-cache
RefreshHit from cloudfront
x-amz-cf-id
YhhFVFgMwsjS51uyly92-24P9RdrBZeX3Ct_2o-9oPm6nKnNz_9hhQ==
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 19:25:25 GMT
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
x-envoy-upstream-service-time
44
access-control-allow-credentials
true
via
1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD12-P4
server
istio-envoy
x-amz-server-side-encryption
AES256
oribi.js
cdn.oribi.io/Xy0xODM5NTQwOTM4/ 		0
0
hotjar-469594.js
static.hotjar.com/c/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-469594.js?sv=5
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-58.iad55.r.cloudfront.net
Software
/
Resource Hash
9b918f10f013872fedaedf9b8cb09609bf87bfccf3ac96ea9802bd9910ff7967
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/7452c22a0c6ef4c6f077d997b4d255b9
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 6e44ac4753bea102fe3aae286f68acfe.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
Ez9o113uPwud984yf77i9VIlPpivHFqBDoszM5R7vM2sWq21ohPO4A==
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
IAD55-P1
L.js
t.leady.com/STvag2oDJLHh7otx/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.leady.com/STvag2oDJLHh7otx/L.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Master Internet s.r.o., CZ),
Reverse DNS
chewie.imper.cz
Software
nginx /
Resource Hash
c58bf95e44cf97febc14f796577c93650940630354a7f9a6da0c93450e00154d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=21600
Content-Encoding
gzip
ETag
W/"6629333f-22e6"
Connection
keep-alive
Expires
Tue, 03 Dec 2024 21:13:02 GMT
Date
Tue, 03 Dec 2024 15:13:02 GMT
Content-Type
application/javascript
Last-Modified
Wed, 24 Apr 2024 16:28:47 GMT
Server
nginx
gtm.js
www.googletagmanager.com/ 		0
0
1864.js
script.crazyegg.com/pages/scripts/0082/ 		7 KB
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0082/1864.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c5e7e7cbbfbef903e33d65a7534c896df34bfcf1241827ad2ae4227662fe91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
2552
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
last-modified
Tue, 03 Dec 2024 14:17:30 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8ec47f90c908746b-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2481
ce-version
11.5.324
server
cloudflare
be.js
tracker.metricool.com/app/resources/ 		379 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.metricool.com/app/resources/be.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
28204
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1h1wnrhKCsPBXt2UzQt4Eu5oJ%2BFfI1taZtCoGjS0ORkbKWz0Do4pT7Bd%2B%2BeUrhK%2BBqElTn8%2F5pZoTMM3oqACWePFgHixbI1dIcISPxdIIPBO4iiY6USCpCXuHfH91TGIgb8wO169gA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 07:22:56 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29882&min_rtt=29769&rtt_var=11244&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4216&recv_bytes=4241&delivery_rate=109803&cwnd=12000&unsent_bytes=0&cid=7c52a0e268a88b94&ts=62&x=1", cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript
last-modified
Mon, 02 Dec 2024 15:20:06 GMT
vary
Accept-Encoding
content-security-policy
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ec47f909d538dd0-MIA
server
cloudflare
banner.js
js.hs-banner.com/v2/114468/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/114468/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/114468.js?integration=WordPress&ver=11.1.75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab6f78be141dd82a38b4a538cd993758cd41b36c75207a56536c6efe38af711

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
29eec57c-05b1-4777-acc5-f4cd704fb26f
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"e72ef1837ac33388ae953481e3a32b5b"
x-amz-version-id
cDob5Qn9nFlQOvVuIdeBwZ_TgXMdnu5K
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Tue, 03 Dec 2024 15:14:02 GMT
x-evy-trace-listener
listener_https
date
Tue, 03 Dec 2024 15:13:02 GMT
x-hubspot-correlation-id
29eec57c-05b1-4777-acc5-f4cd704fb26f
content-type
text/javascript; charset=UTF-8
last-modified
Sat, 20 Apr 2024 16:17:39 GMT
vary
origin, Accept-Encoding
x-amz-id-2
oJvkErbiwuz1Kd7kwLY3IUxjpC7FegIRRMivQR+/ZVXZYXWxfNKN897WCAxhvyQkeaWMsLCjTGCJOK2q4c7aPbnV32cwr23y9wtt6npCxC0=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-vhl7w
x-envoy-upstream-service-time
48
access-control-allow-credentials
true
x-amz-request-id
8B8H95HWT73C4N0W
cf-ray
8ec47f933c6ba52e-MIA
access-control-allow-origin
https://www.blueleaf.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
leadflows.js
js.hsleadflows.net/ 		550 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/114468.js?integration=WordPress&ver=11.1.75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.blueleaf.com
Referer
https://www.blueleaf.com/

Response headers

x-request-id
11f86bae-d804-4de6-a742-b44a5619ef53
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
1P48dmUoAxkQ57N6qBxgDzS3oBmZAXBF
etag
W/"ce26171eff05376a1b746efbb809f7f6"
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
age
83896
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
V-iJEgALXZbrH0n6eoGzT9hopklANy4MTzPASoWPx3kKc_ns29THxg==
x-hubspot-correlation-id
11f86bae-d804-4de6-a742-b44a5619ef53
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 16:54:39 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=86400, max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-qg7nx
x-envoy-upstream-service-time
40
x-hs-target-asset
lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Tue, 03 Dec 2024 15:13:02 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js&cfRay=8ebc7f52bb677496-MIA
via
1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
cf-ray
8ec47f933913dae1-MIA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
114468.js
js.hs-analytics.net/analytics/1733238600000/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1733238600000/114468.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/114468.js?integration=WordPress&ver=11.1.75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3819e96a1583a93dace929b1c600d67ef08a97e3459b806a9e0750e8c437dbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
938aa963-cff2-4a10-a546-b60b1fca54d3
content-encoding
gzip
cf-cache-status
HIT
etag
W/"18ed8cecbec8252a28787fd873a1e57a"
x-amz-version-id
null
expires
Tue, 03 Dec 2024 15:14:54 GMT
x-evy-trace-listener
listener_https
date
Tue, 03 Dec 2024 15:13:02 GMT
x-hubspot-correlation-id
938aa963-cff2-4a10-a546-b60b1fca54d3
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 20:38:01 GMT
vary
origin, Accept-Encoding
x-amz-id-2
01bNmAZDd+mXwFkwblH82KCplFYsgRrE6Bt0lIq1+whY/YEdxHOb2rQ4WJl+y0rFsPjSZOKjrW2ywrypKIyh6rX1l0GbKZ/B
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ng79d
x-envoy-upstream-service-time
37
access-control-allow-credentials
false
x-amz-request-id
TJQ2XJWR5ATJNTY7
cf-ray
8ec47f933ed921c1-MIA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
hero-video.mp4
www.blueleaf.com/wp-content/uploads/2023/11/ 		46 MB
46 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/hero-video.mp4
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.blueleaf.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"65709f22-2e68f9a"
age
10181551
Content-Range
bytes 0-48664473/48664474
cf-ray
8ec47f8ffbbedaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
Content-Length
48664474
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
video/mp4
last-modified
Wed, 06 Dec 2023 16:19:46 GMT
vary
Accept-Encoding
server
cloudflare
Elise-3-203x203-cropped.jpg
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/Elise-3-203x203-cropped.jpg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ab76322122bb842bf9db8503b65045d73077fee296b98de51b03db5a8dc2b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb5-193d"
age
8520874
cf-cache-status
HIT
cf-polished
origSize=6461
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/jpeg
last-modified
Wed, 06 Dec 2023 16:22:13 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8ec47f900bdbdaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6440
server
cloudflare
Bob_4215-2-203x203-cropped.jpg
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/Bob_4215-2-203x203-cropped.jpg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf58f50585ff3c830d7881a41b97b6463053a5d25a10c8554f3d066ecd584dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-2037"
age
70384
cf-cache-status
HIT
cf-polished
origSize=8247
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/jpeg
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8ec47f900bdfdaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8158
server
cloudflare
tim-smith-203x203-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/tim-smith-203x203-cropped.png
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff618c4c0bc06b97ce3d193f972f12bd58280339a9802b8f034522f9b3273512

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-342f"
age
904982
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=13359
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/webp
content-disposition
inline; filename="tim-smith-203x203-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f900be2daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11480
server
cloudflare
rob-203x203-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/rob-203x203-cropped.png
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e826c0f05fba93b4e3b1ca5b3070bdec3b0154b88843196a3606e1bec3e98b58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-3e11"
age
1831703
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=15889
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/webp
content-disposition
inline; filename="rob-203x203-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f900be3daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13388
server
cloudflare
ico-arrow-right-gray.svg
www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ 		287 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ico-arrow-right-gray.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e90955dc7703df738f980cd8d37c613863be3be5730e38e0deaa40d1c67442b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f27-11f"
age
10178213
cf-ray
8ec47f900be5daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:51 GMT
ico-arrow-left-gray.svg
www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ 		292 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ico-arrow-left-gray.svg
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8a8dd4d15decdf3a7bb09e849b49896ce9d970eae5edefd732897f197fb932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f27-124"
age
10178213
cf-ray
8ec47f900be7daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:51 GMT
l
use.typekit.net/af/a28b50/00000000000000000000e803/27/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a28b50/00000000000000000000e803/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fss6xql.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.blueleaf.com
Referer
https://use.typekit.net/fss6xql.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"a6c1fa20004e862da7c922781204c8a0ef8794a4"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
16808
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fss6xql.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.blueleaf.com
Referer
https://use.typekit.net/fss6xql.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"4577a8003f294766a3a783ec5fba19dc646ecf7c"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
17116
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/635674/00000000000000000000e800/27/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/635674/00000000000000000000e800/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fss6xql.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
7cc2e9383273604c39b525dc366bb6467ea148236649caa15e1e7c2dc6c052c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.blueleaf.com
Referer
https://use.typekit.net/fss6xql.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"aba4b344d0cef3fdee56ee0775c652fa5c0cf812"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
17944
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fss6xql.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.blueleaf.com
Referer
https://use.typekit.net/fss6xql.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"b5e7c2e377d10b344b022d96a04daef295e61ac1"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
17052
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/font-woff2
server
nginx
api.min.js
a.omappapi.com/app/js/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
87c631607d118e02e847112aca0a2800bfd2a9cfe5bc01b48eeb60b0ff86804c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"673cdc01-bb7b"
cdn-fileserver
388
date
Tue, 03 Dec 2024 15:13:01 GMT
cdn-storageserver
NY-427
last-modified
Tue, 19 Nov 2024 18:42:09 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/19/2024 18:43:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
f555a01b9b52edafecd66bdfae0d1c4c
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
941
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
US
www.blueleaf.com.json
script.crazyegg.com/pages/data-scripts/0082/1864/site/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0082/1864/site/www.blueleaf.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/1864.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bfe4db954929d352e4de43aecb78294c7638b2cf382b3f40d49d7b34f490f07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
3174
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/json
last-modified
Tue, 03 Dec 2024 14:20:07 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8ec47f917e3a8e03-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1896
ce-version
11.5.324
server
cloudflare
c3po.jpg
tracker.metricool.com/ 		70 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.metricool.com/c3po.jpg?hash=b59177baf17cf8c87ba22046de88019e&u=https%3A%2F%2Fwww.blueleaf.com%2F&bw=1600&bh=1200
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-security-policy
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' https://metricool.com https://*.metricool.com https://client.crisp.chat https://*.paypal.com https://*.cardinalcommerce.com https://www.paypalobjects.com https://*.stripe.com https://b.stripecdn.com https://hcaptcha.com https://newassets.hcaptcha.com https://*.braintree-api.com https://*.braintreegateway.com https://*.googleapis.com https://*.google-analytics.com https://*.googlesyndication.com https://*.analytics.google.com https://*.profitwell.com https://*.userpilot.io wss://*.userpilot.io https://sessions.bugsnag.com https://api.rudderstack.com wss://client.relay.crisp.chat https://storage.crisp.chat https://analytics.tiktok.com https://www.gstatic.com https://cdn.rudderlabs.com https://static.ads-twitter.com https://www.google.com https://www.googletagmanager.com https://3ds.redsys.es https://stats.g.doubleclick.net https://www.facebook.com https://connect.facebook.net https://business.facebook.com https://api.twitter.com https://platform.twitter.com https://*.pexels.com https://dna8twue3dlxq.cloudfront.net https://d2wy8f7a9ursnm.cloudfront.net https://*.google.com https://jimmywarting.github.io https://*.cdninstagram.com https://*.fbcdn.net https://i.ytimg.com https://cc-embed.adobe.com https://new.express.adobe.com https://cc-api-data.adobe.io https://assets.adobedtm.com https://cdn.cookielaw.org https://www.adobe.com https://app.link;img-src https: data: blob:; media-src https: data: blob:; form-action https://tracker.metricool.com https://app.facebook.com https://www.facebook.com https://api.twitter.com https://www.x.com; font-src 'self' https://*.metricool.com https://fonts.gstatic.com https://client.crisp.chat data:; frame-ancestors https://*.metricool.com https://ads.tiktok.com https://new.express.adobe.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FwNc5YQB4RfD2Xa9mLNt8inqeKACSbbXtuyM28Hfvta0xk2Y2W2Rc8ckIhEcbJcgePAt6s3446FRM6FYN%2BQNpr44YGV%2FAHvwNI7F9mEfoGSYyc5ijLCq55GR4Ke467hHVEeNz%2FowA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ec47f914e498dd0-MIA
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31414&min_rtt=29769&rtt_var=6109&sent=14&recv=12&lost=0&retrans=0&sent_bytes=6550&recv_bytes=4821&delivery_rate=40707&cwnd=12000&unsent_bytes=0&cid=7c52a0e268a88b94&ts=346&x=1", cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EH2GV8F2Q1&gtm=45je4bk0v890332678za200&_p=1733238781238&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZGIzZG&cid=1851404981.1733238782&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733238781&sct=1&seg=0&dl=https%3A%2F%2Fwww.blueleaf.com%2F&dt=Blueleaf&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=1833
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EH2GV8F2Q1&cid=1851404981.1733238782&gtm=45je4bk0v890332678za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 3708 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-EH2GV8F2Q1&gacid=1851404981.1733238782&gtm=45je4bk0v890332678za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=160622797
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blueleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 15:13:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		399 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R1K4RHNMHL&l=dataLayer&cx=c&gtm=45je4bk0v890332678za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
088c95671c2121602fe451c5732353bd1836998369ecd47685a6880c69bf418d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 15:13:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
132855
x-xss-protection
0
server
Google Tag Manager
1db8eb7ffc8594e42c0729400701d1a8.js
script.crazyegg.com/pages/versioned/common-scripts/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/1864.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fff107db5298724b3acc76f374ab35db4ce90067347613a2ebbcbafd28caa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
HIT
age
3329
cf-ray
8ec47f932c1a746b-MIA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
36609
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 14:37:57 GMT
vary
Accept-Encoding
server
cloudflare
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-R1K4RHNMHL&gtm=45je4bk0v890332313za200zb890332678&_p=1733238781238&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZGIzZG&cid=1851404981.1733238782&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733238781&sct=1&seg=0&dl=https%3A%2F%2Fwww.blueleaf.com%2F&dt=Blueleaf&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1962
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R1K4RHNMHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R1K4RHNMHL&cid=1851404981.1733238782&gtm=45je4bk0v890332313za200zb890332678&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R1K4RHNMHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 6CC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-R1K4RHNMHL&gacid=1851404981.1733238782&gtm=45je4bk0v890332313za200zb890332678&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1416488374
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R1K4RHNMHL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blueleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 15:13:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
www.blueleaf.com.json
script.crazyegg.com/pages/data-scripts/0082/1864/sampling/ 		156 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0082/1864/sampling/www.blueleaf.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d1b7d7fd8ec1d4e3db31e030a1499ad452f90683dd2fa485924c2f48be59e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-expose-headers
CE-Version
content-encoding
gzip
cf-cache-status
HIT
age
1145
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
application/json
last-modified
Tue, 03 Dec 2024 14:20:07 GMT
vary
Accept-Encoding
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8ec47f9429bf8e03-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
147
ce-version
11.5.324
server
cloudflare
modules.86621fa4aeada5bcf025.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-469594.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-49.iad61.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
1126855
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
vQyuGT9Efo72vIlDDdFZSywsYT9kkedN-_d2NhmJQrBNi2MZ40ju-w==
date
Wed, 20 Nov 2024 14:12:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 32a86417f344d7ce72f29ebf299d3192.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
IAD61-P5
api.min.css
a.omappapi.com/app/js/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),
Reverse DNS
Software
BunnyCDN-IL1-1207 /
Resource Hash
bf283fef88d8fe04783a585b86d196a404a9b2d3ed87fad6758db1ab311fd0e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"673cdbf7-2644"
cdn-fileserver
749
date
Tue, 03 Dec 2024 15:13:02 GMT
cdn-storageserver
NY-268
last-modified
Tue, 19 Nov 2024 18:41:59 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/19/2024 18:42:44
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
668285abf8b4e9473640a0982f508127
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
845
server
BunnyCDN-IL1-1207
cdn-requestcountrycode
US
clock
tracking.crazyegg.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?u=821864&st=319192&t=1733238782171&tk=a9cb421264f8872d8d11cb7d1ff5e375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.105.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-105-22.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.blueleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
date
Tue, 03 Dec 2024 15:13:02 GMT
server
awselb/2.0
vary
Access-Control-Request-Headers, Origin, Access-Control-Request-Method
2035e167-6ad7-4e2d-b861-67e3475f3d35
https://www.blueleaf.com/ Frame 		0
0
clock
tracking.crazyegg.com/ 		39 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?u=821864&st=319192&t=1733238782171&tk=a9cb421264f8872d8d11cb7d1ff5e375
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.105.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-105-22.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
572d5bca95113b880357de2f9d2949e2cc5c1e008400fc630bb5d5177de6dd2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-store
access-control-allow-origin
*
content-length
39
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/plain
server
awselb/2.0
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-104.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-max-age
31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"d06f04fccf68d0b228a5923187ce1afd"
age
10322340
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
FsRaOXZqX1idV3CBq40-zAUktKUKz8HngJePB6FCq3QZFS73wRJh9g==
date
Tue, 06 Aug 2024 03:54:03 GMT
content-type
application/json
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
via
1.1 2b7c8ceb84f453714fcea5cf4f7202c8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
x-amz-cf-pop
IAD55-P4
server
AmazonS3
healthcheck
assets-tracking.crazyegg.com/ 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-33.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-max-age
31536000
access-control-expose-headers
Access-Control-Allow-Origin
etag
"d06f04fccf68d0b228a5923187ce1afd"
age
4274082
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
3YK-J67XWD_5dOYJJl75XmNnYhsxzUiqDbneqM2OYl63FVCgIUL9vg==
date
Tue, 15 Oct 2024 03:58:21 GMT
content-type
application/json
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
via
1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
x-amz-cf-pop
IAD89-P1
server
AmazonS3
L
t.leady.com/ 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.leady.com/L?k=STvag2oDJLHh7otx&d=i&s=58c9978d-297a-4759-b5d7-e25e84af3779&l=https%3A%2F%2Fwww.blueleaf.com%2F&r=&g=4741312e312e313835313430343938312e31373333323338373832&nc=0&12068
Requested by
Host: t.leady.com
URL: https://t.leady.com/STvag2oDJLHh7otx/L.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Master Internet s.r.o., CZ),
Reverse DNS
chewie.imper.cz
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Date
Tue, 03 Dec 2024 15:13:02 GMT
Server
nginx
Connection
keep-alive
78f69a16-849b-4db9-878e-67556822c863
https://www.blueleaf.com/ Frame 		0
0
cdc746c62076757bb4e3133b83f84f01.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/cdc746c62076757bb4e3133b83f84f01.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/1864.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2371b74e57f4690cc3ea0847772618a505fc224fcbada874b4f181dcc8c00a9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
HIT
age
3334
cf-ray
8ec47f972914746b-MIA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
8064
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/javascript
last-modified
Tue, 03 Dec 2024 13:51:28 GMT
vary
Accept-Encoding
server
cloudflare
12ea412648d1035437916ed41b2a74c7.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/12ea412648d1035437916ed41b2a74c7.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0082/1864.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b834587661f12a32b0f9b6bf0fe1b2895e7c62e8b2b28fa76e91605afd5ea4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
content-encoding
gzip
cf-cache-status
HIT
age
3330
cf-ray
8ec47f977962746b-MIA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
31395
date
Tue, 03 Dec 2024 15:13:02 GMT
content-type
text/javascript
last-modified
Thu, 21 Nov 2024 14:38:08 GMT
vary
Accept-Encoding
server
cloudflare
c563dbbd-283e-4601-8e64-28b3349e2dee
https://www.blueleaf.com/ Frame 		0
0
42cf26f1-0cf5-4660-b65a-68b7c13c4bb3
https://www.blueleaf.com/ Frame 		0
0
3630668d-75be-46d1-acc8-9ee4ab1cf248
https://www.blueleaf.com/ Frame 		0
0
v11
tracking.crazyegg.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=821864&st=319192&s=&ss=16f6be80-b189-11ef-a24a-bdc1ebf3e46f&p=7714ecbd87c3862adda959ad22203438&tk=a9cb421264f8872d8d11cb7d1ff5e375
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.105.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-105-22.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.blueleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Authorization,Content-Type,Access-Control-Allow-Origin,Access-Control-Allow-Methods
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=86400
date
Tue, 03 Dec 2024 15:13:02 GMT
server
awselb/2.0
vary
Access-Control-Request-Headers, Origin, Access-Control-Request-Method
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=821864&st=319192&s=&ss=16f6be80-b189-11ef-a24a-bdc1ebf3e46f&p=7714ecbd87c3862adda959ad22203438&tk=a9cb421264f8872d8d11cb7d1ff5e375
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.105.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-105-22.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/gzip
Referer
https://www.blueleaf.com/

Response headers

access-control-allow-origin
*
content-length
0
date
Tue, 03 Dec 2024 15:13:03 GMT
content-type
text/plain
server
awselb/2.0
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=821864&st=319192&s=&ss=16f6be80-b189-11ef-a24a-bdc1ebf3e46f&p=7714ecbd87c3862adda959ad22203438&tk=a9cb421264f8872d8d11cb7d1ff5e375
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.105.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-105-22.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/gzip
Referer
https://www.blueleaf.com/

Response headers

access-control-allow-origin
*
content-length
0
date
Tue, 03 Dec 2024 15:13:04 GMT
content-type
text/plain
server
awselb/2.0
common.js
maps.googleapis.com/maps-api-v3/api/js/59/1/ 		268 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/59/1/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCr172r1vfBXC8hgWjRIWH0ctHxXpV90xY&ver=6.6.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
sffe /
Resource Hash
0061a2d076d7e51d46d0f48ecb18f343e53fbb63fc93b7851073fe1fe5c78bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
age
447
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 15:05:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:05:39 GMT
last-modified
Tue, 19 Nov 2024 01:42:57 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56787
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/59/1/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/59/1/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCr172r1vfBXC8hgWjRIWH0ctHxXpV90xY&ver=6.6.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f95.1e100.net
Software
sffe /
Resource Hash
7b367e5b3a94a7704b66f17adc9d8f44d1f19af96e59e8e528745b9dadc303d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-encoding
br
age
2838
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 14:25:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 14:25:48 GMT
last-modified
Tue, 19 Nov 2024 01:42:57 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
59449
x-xss-protection
0
server
sffe
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=114468&currentUrl=https%3A%2F%2Fwww.blueleaf.com%2F
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4eb39933f746f6f2b7b81f0f91b22c9a6c76b088c7ae96ae7d773a48a13410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
b6ec6a02-52c5-4b3e-b024-32a55e256ef5
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d1qWz2PspQR5eRzjZYAAkwCL9%2BbkyLZg8y7jzTvvpw25XPScIi0hdtLJ%2BcjvjfrDEIgVx83hsaaxcV2kByObGMOo1PT2UHUZSVAyrtOfQ0cZMx8cHsfosDPaqSId8Ujgv9pgL86ZEgiqtJDnTlm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener
listener_https
date
Tue, 03 Dec 2024 15:13:12 GMT
x-hubspot-correlation-id
b6ec6a02-52c5-4b3e-b024-32a55e256ef5
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-f68sx
x-envoy-upstream-service-time
35
access-control-allow-credentials
false
cf-ray
8ec47fd4190d8d9a-MIA
access-control-allow-origin
https://www.blueleaf.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
iphone.svg
www.blueleaf.com/wp-content/uploads/2019/04/ 		71 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2019/04/iphone.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed497e20396e23084be19923227db1063adb93cedede62bdba85f6cfa6170b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f21-11acf"
age
7528476
cf-ray
8ec47f8bcebbdaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:45 GMT
logo-blue.svg
www.blueleaf.com/wp-content/themes/blueleaf/resources/images/ 		4 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/resources/images/logo-blue.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3863591a4e6bc67e007ec2f346d1dda7df47080638b46a5375074803913974b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f26-fc4"
age
10178212
cf-ray
8ec47f8bcebcdaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:50 GMT
logo.svg
www.blueleaf.com/wp-content/themes/blueleaf/resources/images/ 		4 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/resources/images/logo.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb11a2e56c988d286727f0a652725b289a2ebabb8950aad986f75de0e652894

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f26-fac"
age
10178213
cf-ray
8ec47f8eda54daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:50 GMT
white-charles-schwab.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		10 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-charles-schwab.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6bfb36861303972a1f852dcae969a88e0d736d02bd2b48e1beb746ff6e16db2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-29f9"
age
10178212
cf-ray
8ec47f8c4f45daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-fidelity.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		10 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-fidelity.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff4de441699f754af67e95ca98f50c300dd9b9307e944af33a05b0b9fbe5511

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-2697"
age
1608380
cf-ray
8ec47f8c4f48daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-interactive-brokes.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		12 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-interactive-brokes.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e0031e28ecaf84ed1684d2ed488cdbe8b985bf2034d5614454262c71c445da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-311d"
age
10178212
cf-ray
8ec47f8cbfbddaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-national-financial.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		29 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-national-financial.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba4e88cf406b0c6307bf83de00b8f91eed255e0586bc1cc39cbe0ccc0b13130

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-735b"
age
2278503
cf-ray
8ec47f8cbfc8daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-bny-mellon-pershing.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		8 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-bny-mellon-pershing.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1314b65523c55a93b4dfd438a8e91c80ec370ae3d2750a3b45930e01c1ccb538

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-1e9f"
age
10178212
cf-ray
8ec47f8d0821daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
white-raymond-james.svg
www.blueleaf.com/wp-content/uploads/2023/11/ 		8 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/white-raymond-james.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708fce6a1c0c91cb0c5af05846215fabfb7006418146786ca16b8a5a34ca52b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f20-1faf"
age
10178213
cf-ray
8ec47f8febb1daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:44 GMT
bl-advantage.png
www.blueleaf.com/wp-content/uploads/2023/12/ 		29 KB
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/12/bl-advantage.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b0548a25b293419dcba74ad5d8f83fa153d0386f7feb3feaf4ac00fca0b4ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"657111d2-17905"
age
347190
cf-polished
origSize=96517
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:13 GMT
content-disposition
inline; filename="bl-advantage.webp"
last-modified
Thu, 07 Dec 2023 00:29:06 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fd7fb75daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
29400
server
cloudflare
elise-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		7 KB
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/elise-logo-138x44-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7f9acbdff38db833c6d582719d327a1866d43ddd74204f18f8b02d224eb05a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"65709fb5-2625"
age
1655912
cf-polished
origSize=9765
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:13 GMT
content-disposition
inline; filename="elise-logo-138x44-cropped.webp"
last-modified
Wed, 06 Dec 2023 16:22:13 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fd80b84daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6846
server
cloudflare
fairway-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		2 KB
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/fairway-logo-138x44-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980c74cedd0725b72b22fddb82ce513eb343e984b4850dd6bf8bf0f143339dd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"65709fb6-76e"
age
10178213
cf-polished
origSize=1902
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:13 GMT
content-disposition
inline; filename="fairway-logo-138x44-cropped.webp"
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fdc79e7daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1576
server
cloudflare
core
js.driftt.com/ Frame 82B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core?d=1&embedId=pp44gfupkihz&eId=pp44gfupkihz&region=US&forceShow=false&skipCampaigns=false&sessionId=8fc11f95-3d17-4f17-b1ba-cd797919bdd1&sessionStarted=1733238793.66&campaignRefreshToken=42731cdf-c6c6-4c58-aa41-52d06ea54f85&hideController=false&pageLoadStartTime=1733238780805&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.blueleaf.com%2F
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1733238900000/pp44gfupkihz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blueleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2024 15:13:13 GMT
etag
W/"8d171c1ab68fa656ee61a7ae17d07acb"
last-modified
Mon, 25 Nov 2024 19:25:31 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 a66cf66feb9f859a61920422b04d33a0.cloudfront.net (CloudFront)
x-amz-cf-id
woypEKGzGqlojNIHA-OdHp9TIDsSNwsCnHcV79A0qO0eJOlJGxUlWA==
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
Qmdl6cY2R6dFEY3eRuZp_X3AREd2Qa5p
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
33
chat
js.driftt.com/core/ Frame CEC1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1733238780805
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1733238900000/pp44gfupkihz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blueleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2024 15:13:13 GMT
etag
W/"8d171c1ab68fa656ee61a7ae17d07acb"
last-modified
Mon, 25 Nov 2024 19:25:31 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 a66cf66feb9f859a61920422b04d33a0.cloudfront.net (CloudFront)
x-amz-cf-id
mLvdBICR7nm7i9epUgPq-VLBmZaRqHldE7wreG44Leau8lZeBm6EKA==
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
Qmdl6cY2R6dFEY3eRuZp_X3AREd2Qa5p
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
27
elise-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		7 KB
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/elise-logo-138x44-cropped.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7f9acbdff38db833c6d582719d327a1866d43ddd74204f18f8b02d224eb05a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
age
1655924
etag
"65709fb5-2625"
cf-polished
origFmt=png, origSize=9765
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:13 GMT
content-type
image/webp
content-disposition
inline; filename="elise-logo-138x44-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:13 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47fdcca3adaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6846
server
cloudflare
CFP-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/CFP-logo-138x44-cropped.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec65fb4ee2300769a0bc7871dcca2a98806daf009c25bb8db2d9c4f365e6eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-578"
age
10178213
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1400
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/webp
content-disposition
inline; filename="CFP-logo-138x44-cropped.webp"
vary
Accept
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
cache-control
public, max-age=31536000
cf-ray
8ec47f8febbadaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
server
cloudflare
114468.js
js-na1.hs-scripts.com/ 		1 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-na1.hs-scripts.com/114468.js
Requested by
Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1733238600000/114468.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e6c04e9ab147a0075327800968651e1b9511b2b4f649d0ab57eb2f596f5048
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
6563
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 15:13:13 GMT
x-hubspot-correlation-id
c8eb26b5-fb99-43b1-aad1-4d1711d663c0
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Tue, 03 Dec 2024 13:13:19 GMT
access-control-allow-credentials
true
cf-ray
8ec47fde3e51743a-MIA
accept-ranges
bytes
access-control-allow-origin
https://www.blueleaf.com
content-length
598
server
cloudflare
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1372317473&v=1.1&a=114468&ct=standard-page&rcu=https%3A%2F%2Fwww.blueleaf.com%2F&pu=https%3A%2F%2Fwww.blueleaf.com%2F&t=Blueleaf&cts=1733238793922&vi=3acb0e6a4626b7592543c84fe99a351d&nc=true&u=254022679.3acb0e6a4626b7592543c84fe99a351d.1733238793908.1733238793908.1733238793908.1&b=254022679.1.1733238793908&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-robots-tag
none
x-request-id
04752c74-6bdd-4576-b7a9-18d95f2998c3
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmygJn0xvJ33gwYGs1KsClFTNOccOgyNxqWWgaLy%2BA%2FkQXJaUs4oMbzenaz5BWI2Uqc8%2BQ%2FqxbCHaM6kRiVLWZZMMf2ft%2FUh4XJKKLqCqUYyA6sKnnT42hOFzqDrubyYjYfGROP1VRTNb9asWG9r"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Tue, 03 Dec 2024 15:13:14 GMT
x-hubspot-correlation-id
04752c74-6bdd-4576-b7a9-18d95f2998c3
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-9fq2m
x-envoy-upstream-service-time
9
access-control-allow-credentials
false
cf-ray
8ec47fdfbd8a747e-MIA
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
L
t.leady.com/ 		0
103 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.leady.com/L?k=STvag2oDJLHh7otx&d=i&s=58c9978d-297a-4759-b5d7-e25e84af3779&l=https%3A%2F%2Fwww.blueleaf.com%2F&r=&g=4741312e312e313835313430343938312e31373333323338373832&nc=0&22068
Requested by
Host: t.leady.com
URL: https://t.leady.com/STvag2oDJLHh7otx/L.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.145.183.49 , Czech Republic, ASN24971 (MASTER-AS Master Internet s.r.o., CZ),
Reverse DNS
chewie.imper.cz
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Date
Tue, 03 Dec 2024 15:13:14 GMT
Server
nginx
Connection
keep-alive
CFP-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		1 KB
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/CFP-logo-138x44-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec65fb4ee2300769a0bc7871dcca2a98806daf009c25bb8db2d9c4f365e6eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"65709fb6-578"
age
10178213
cf-polished
origSize=1400
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:14 GMT
content-disposition
inline; filename="CFP-logo-138x44-cropped.webp"
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fde3c45daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
server
cloudflare
roundtrip.js
s.adroll.com/j/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.blueleaf.com
URL: https://www.blueleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag
W/"792eca3181a87960d692c005437f63e0"
Age
1633
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
3iIb0wrv6SS3Ur6baSjeQLkIbpYqVnhwFQBsPG6bgGG7F-kbLN2FLg==
Date
Tue, 03 Dec 2024 14:46:02 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 b140d5b0fbed1dab248b0959f44a7944.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:26c1:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
17364
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
TaLC9VEjL9MK21WrNgV_lHVWix1GCb8ewY9z6reYS53bJhcdAKO6dg==
Date
Tue, 03 Dec 2024 10:23:51 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256

Redirect headers

Access-Control-Max-Age
600
Age
42610
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
k0pCEUgwALWE5x61S3OoUZFyaexb23HqeOclEk-J9krmTzL4dDmgMQ==
Date
Tue, 03 Dec 2024 03:23:03 GMT
Content-Type
application/xml
Access-Control-Allow-Headers
*
Location
https://s.adroll.com/j/pre/index.js
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 b140d5b0fbed1dab248b0959f44a7944.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
index.js
s.adroll.com/j/pre/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
Q955tQRDtUFjDuSJU1afkTBwzATla10I
Etag
W/"706be4fd28aeb971d2ff83a528c2073a"
Age
1417
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
y2UePx3fxiqkSKlz4GEO-vVuyqgGlPqWota5mdIQN_T2tGEwSD_6Kw==
Date
Tue, 03 Dec 2024 14:54:13 GMT
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
Last-Modified
Fri, 22 Nov 2024 12:23:15 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 b140d5b0fbed1dab248b0959f44a7944.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
3YPOPGSDVNESLNOQCKXYY7
d.adroll.com/consent/check/ 		576 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/3YPOPGSDVNESLNOQCKXYY7?flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&_s=86a5a0f711b905e5140774a3abaa5e3c&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:88c9:6a56:c096:6fde Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
819d77b6adbf1fee109ee1c010b74405b7d5b8ad02a50b10143eecc1db7be99b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
576
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:14 GMT
pragma
no-cache
content-type
application/javascript
server
nginx/1.22.1
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EH2GV8F2Q1&gtm=45je4bk0v890332678za200&_p=1733238781238&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZGIzZG&cid=1851404981.1733238782&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=2&sid=1733238781&sct=1&seg=1&dl=https%3A%2F%2Fwww.blueleaf.com%2F&dt=Blueleaf&en=impression&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.event_category=video-html&ep.event_label=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&ep.non_interaction=true&ep.video_provider=html&ep.video_title=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&ep.video_url=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&_et=11823&tfd=14729
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:14 GMT
content-type
text/plain
server
Golfe2
iframe_content.html
x.adroll.com/pxl/ Frame 9ADD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.blueleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
ad-auction-allowed
true
content-encoding
zstd
content-length
427
content-type
text/html
date
Tue, 03 Dec 2024 15:13:15 GMT
last-modified
Tue, 03 Dec 2024 03:25:59 GMT
RFE3V7HQKZAHDAPF26EGIO
d.adroll.com/pixel/3YPOPGSDVNESLNOQCKXYY7/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/pixel/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&cookie=&adroll_s_ref=&keyw=&p0=13639&xa4=1
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:88c9:6a56:c096:6fde Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
7e1dd5f3215dd4eac7335bfd16d37af997c14d3da201463a327bfe006b50adc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-segment-display-name
Visitors to Unsegmented Pages
x-rule-type
p
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-conversion-currency
x-conversion-value
0.00
x-segment-eid
PCZ4CI7FABD7FEQYPBZJLS
x-advertisable-eid
3YPOPGSDVNESLNOQCKXYY7
x-segment-name
*
content-length
399
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:14 GMT
x-pixel-eid
RFE3V7HQKZAHDAPF26EGIO
server
nginx/1.22.1
x-rule
*
RFE3V7HQKZAHDAPF26EGIO
ipv4.d.adroll.com/px4/3YPOPGSDVNESLNOQCKXYY7/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/px4/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&cookie=&adroll_s_ref=&keyw=&p0=13639&xa4=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.207.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-207-129.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
42
date
Tue, 03 Dec 2024 15:13:16 GMT
pragma
no-cache
content-type
image/gif
server
nginx/1.22.1
v11
tracking.crazyegg.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/v11?u=821864&st=319192&s=&ss=16f6be80-b189-11ef-a24a-bdc1ebf3e46f&p=7714ecbd87c3862adda959ad22203438&tk=a9cb421264f8872d8d11cb7d1ff5e375
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.105.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-105-22.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/gzip
Referer
https://www.blueleaf.com/

Response headers

access-control-allow-origin
*
content-length
0
date
Tue, 03 Dec 2024 15:13:15 GMT
content-type
text/plain
server
awselb/2.0
PCZ4CI7FABD7FEQYPBZJLS.js
s.adroll.com/pixel/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/PCZ4CI7FABD7FEQYPBZJLS.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36ab5ab710c217477817b5e1e9e78aca1494a8f45229e4b75559ac31e271e477

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
1nlacbqFctiENDjOhPoyRAwU0JUi.BcM
Etag
W/"b309c3de76917f86ba1748fe9cf9be46"
Age
1418
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
B8cGJW_1QJR-Y1Nt8Tli9zry9cFReXSbfBMR7jsaxXiTWLV-FQnWdw==
Date
Tue, 03 Dec 2024 15:13:15 GMT
Content-Type
text/javascript; charset=utf-8
Vary
accept-encoding
Last-Modified
Tue, 10 Sep 2024 12:48:50 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
trigger
x.adroll.com/attribution/ 		2 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=941b429fb4c167f75e47847184465ed7&advertisable_eid=3YPOPGSDVNESLNOQCKXYY7&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

content-length
2
date
Tue, 03 Dec 2024 15:13:15 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"6972895181597626119","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"6972895181597626119","filters":{"source_type":["navigation"]}}],"debug_key":"10011864806132077410","debug_reporting":true,"filters":{"0":["3YPOPGSDVNESLNOQCKXYY7"]}}
content-type
text/plain; charset=utf-8
sendrolling.js
s.adroll.com/j/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/3YPOPGSDVNESLNOQCKXYY7/RFE3V7HQKZAHDAPF26EGIO/PCZ4CI7FABD7FEQYPBZJLS.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
CK4cMX5vZLEnRrAtBOR1tfE4_uNanswm
Etag
W/"4a64112c69b3c4b3f104f38d9547a094"
Age
235
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
xOgImujtdVFOiHGRiq33pKm5tiJUtcTttAjHITCGeAPdayjxgEvYvg==
Date
Tue, 03 Dec 2024 15:09:21 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Mon, 30 Sep 2024 21:10:57 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=300, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
Protocol
H2
Server
35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
130.202.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:16 GMT
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://d.adroll.com/cm/experian/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%252C%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=420dc9e3-26c7-4571-baa0-46d5a22053aa&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=420dc9e3-26c7-4571-baa0-46d5a22053aa&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
image/png
server
Jetty(11.0.13)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=420dc9e3-26c7-4571-baa0-46d5a22053aa&ttd_puid=b57c6520-89ea-4001-a49e-9b1c054046e2%2C%2C
content-length
359
date
Tue, 03 Dec 2024 15:13:16 GMT
server
Kestrel
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=ZylmQUMxHDhl99xgOJGhsw
  • https://d.adroll.com/cm/g/in
42 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Server
2600:1f18:61c0:2205:88c9:6a56:c096:6fde Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-result
g.-1.-1.-1
content-length
42
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
image/gif
server
nginx/1.22.1

Redirect headers

cache-control
no-cache, must-revalidate
location
https://d.adroll.com/cm/g/in
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
225
date
Tue, 03 Dec 2024 15:13:16 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expiration=1764774795
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expiration=1764774795&C=1
43 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expiration=1764774795&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttgjo1Uvnucg673cJYQKl2ep5iLv3uhbTJLnrXbkbOnJ68HS3iNMUbLFvzo78OVynQeboj0VmzyFMNmupwQrc951d6XhKeDK1ZGtd9AK09xLk2hhMgmvxPiGTubrxA4pPfOqsnfjwTkYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ec47feb8a98b3e9-MIA
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=105&external_user_id=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expiration=1764774795&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lb5WUftU6Sem%2FkLQa79AmMQd3jAhBXtyTtrRGHHJyIzgrHh36%2B1gJ334F2Q16TsmEuqwgI4RAnHGWwgmahiyiNCsZr5mbEdus72n%2Bj0H0s6kiPtsZrWUaCIvRvjjmaohOcq6A%2BzFkqIs6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec47feae81ba554-MIA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 03 Dec 2024 15:13:16 GMT
vary
Accept-Encoding
server
cloudflare
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://idsync.rlcdn.com/377928.gif?partner_uid=6729664143311c3865f7dc603891a1b3
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjMQABoNCIzAvLoGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&rand=04361040
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&rand=04361040&expected_cookie=603417c7-188e-421a-8758-1bcd9ab12680
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&rand=04361040&expected_cookie=603417c7-188e-421a-8758-1bcd9ab12680
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3F8ACCC754994CE9871284FEE2E34E3A Ref B: MIAEDGE2821 Ref C: 2024-12-03T15:13:16Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYoXxrLaiiTrbnShhh+jg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 03 Dec 2024 15:13:16 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location
/db_sync?pid=10339&puuid=88703ede0ef50ff415df6e037814fc529ade4ce6e0ad090d7919967f85eb804f791426b5417dce21&rand=04361040&expected_cookie=603417c7-188e-421a-8758-1bcd9ab12680
x-msedge-ref
Ref A: 790813561E0443D8A61D2E4E86727B20 Ref B: MIAEDGE2821 Ref C: 2024-12-03T15:13:16Z
x-li-fabric
prod-ltx1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYoXxrJPRc7H3NJX/PXGA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 03 Dec 2024 15:13:15 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&expires=365
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:15 GMT
pragma
no-cache
server
nginx/1.22.1
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=6729664143311c3865f7dc603891a1b3&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=6729664143311c3865f7dc603891a1b3&gdpr=0&gdpr_consent=&cc=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6729664143311c3865f7dc603891a1b3&gdpr=0&gdpr_consent=&cc=1
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
38.132.118.76
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Dec 2024 15:13:15 GMT
content-type
image/gif
vary
Accept
server
OXGW/0.0.0

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=6729664143311c3865f7dc603891a1b3&gdpr=0&gdpr_consent=&cc=1
x-forwarded-for
38.132.118.76
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Dec 2024 15:13:15 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
OXGW/0.0.0
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=&us_privacy=1---
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Tue, 03 Dec 2024 15:13:16 GMT
x-traceid
37419e4e68a519377f45647a17f3f721

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=&us_privacy=1---
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:15 GMT
pragma
no-cache
server
nginx/1.22.1
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 03 Dec 2024 15:13:15 GMT
content-type
image/gif; charset=utf-8
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:15 GMT
pragma
no-cache
server
nginx/1.22.1
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol
H2
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 03 Dec 2024 15:13:16 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
text/html
server
ATS
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

x-fastly-to-nlb-rtt
64341
date
Tue, 03 Dec 2024 15:13:16 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Tue, 03 Dec 2024 15:13:15 GMT
pragma
no-cache
server
nginx/1.22.1
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=4714&xuid=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 03 Dec 2024 15:13:16 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=941b429fb4c167f75e47847184465ed7-1733238794875&flg=1&pv=87240410837.27127&arrfrr=https%3A%2F%2Fwww.blueleaf.com%2F&advertisable=3YPOPGSDVNESLNOQCKXYY7
  • https://ib.adnxs.com/setuid?entity=172&code=NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
Protocol
H2
Server
68.67.161.208 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
11f941b8-7662-4f37-9da4-514078253ee5
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 03 Dec 2024 15:13:16 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
38.132.118.76; 38.132.118.76; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
b478f4de-bb66-4129-a9da-56183ab7db96
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 03 Dec 2024 15:13:16 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
Elise-3-203x203-cropped.jpg
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		6 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/Elise-3-203x203-cropped.jpg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ab76322122bb842bf9db8503b65045d73077fee296b98de51b03db5a8dc2b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb5-193d"
age
8520874
cf-cache-status
HIT
cf-polished
origSize=6461
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/jpeg
last-modified
Wed, 06 Dec 2023 16:22:13 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8ec47f900bdbdaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6440
server
cloudflare
ico-arrow-right-gray.svg
www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ 		287 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ico-arrow-right-gray.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e90955dc7703df738f980cd8d37c613863be3be5730e38e0deaa40d1c67442b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f27-11f"
age
10178213
cf-ray
8ec47f900be5daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:51 GMT
ico-arrow-left-gray.svg
www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ 		292 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ico-arrow-left-gray.svg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8a8dd4d15decdf3a7bb09e849b49896ce9d970eae5edefd732897f197fb932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f27-124"
age
10178213
cf-ray
8ec47f900be7daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:51 GMT
Bob_4215-2-203x203-cropped.jpg
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		8 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/Bob_4215-2-203x203-cropped.jpg
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf58f50585ff3c830d7881a41b97b6463053a5d25a10c8554f3d066ecd584dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"65709fb6-2037"
age
70384
cf-cache-status
HIT
cf-polished
origSize=8247
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
image/jpeg
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8ec47f900bdfdaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
8158
server
cloudflare
tim-smith-203x203-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		11 KB
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/tim-smith-203x203-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff618c4c0bc06b97ce3d193f972f12bd58280339a9802b8f034522f9b3273512

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"65709fb6-342f"
age
904982
cf-polished
origSize=13359
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:15 GMT
content-disposition
inline; filename="tim-smith-203x203-cropped.webp"
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fe59d41daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11480
server
cloudflare
rob-203x203-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		13 KB
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/rob-203x203-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e826c0f05fba93b4e3b1ca5b3070bdec3b0154b88843196a3606e1bec3e98b58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"65709fb6-3e11"
age
1831703
cf-polished
origSize=15889
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:15 GMT
content-disposition
inline; filename="rob-203x203-cropped.webp"
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fe59d44daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13388
server
cloudflare
elise-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/05/ 		7 KB
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/05/elise-logo-138x44-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7f9acbdff38db833c6d582719d327a1866d43ddd74204f18f8b02d224eb05a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
age
2
etag
"65709fb5-2625"
cf-polished
origSize=9765
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:15 GMT
content-type
image/webp
last-modified
Wed, 06 Dec 2023 16:22:13 GMT
vary
Accept
content-disposition
inline; filename="elise-logo-138x44-cropped.webp"
cache-control
public, max-age=31536000
cf-ray
8ec47fe63decdaf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6846
server
cloudflare
CFP-logo-138x44-cropped.png
www.blueleaf.com/wp-content/uploads/cache/2019/04/ 		1 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/cache/2019/04/CFP-logo-138x44-cropped.png
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1db8eb7ffc8594e42c0729400701d1a8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aec65fb4ee2300769a0bc7871dcca2a98806daf009c25bb8db2d9c4f365e6eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cf-bgj
imgq:100,h2pri
cf-cache-status
HIT
etag
"65709fb6-578"
age
10178213
cf-polished
origSize=1400
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:14 GMT
content-disposition
inline; filename="CFP-logo-138x44-cropped.webp"
last-modified
Wed, 06 Dec 2023 16:22:14 GMT
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
cf-ray
8ec47fde3c45daf9-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1150
server
cloudflare
favicon.ico
www.blueleaf.com/wp-content/themes/blueleaf/dist/images/ 		1 KB
578 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/themes/blueleaf/dist/images/favicon.ico?ver=1701879591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61a195858f84e08e7a86cb91d2ceb06176e08b353992d4ceae76ada5806625e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"65709f27-47e"
age
10178216
cf-ray
8ec47ff07a24daf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 15:13:16 GMT
content-type
image/x-icon
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Wed, 06 Dec 2023 16:19:51 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EH2GV8F2Q1&gtm=45je4bk0v890332678za200&_p=1733238781238&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZGIzZG&cid=1851404981.1733238782&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=3&sid=1733238781&sct=1&seg=1&dl=https%3A%2F%2Fwww.blueleaf.com%2F&dt=Blueleaf&en=video_progress&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.event_category=video-html&ep.event_label=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&ep.non_interaction=false&ep.video_provider=html&ep.video_title=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&ep.video_url=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&epn.video_duration=25.992633&epn.video_current_time=13.052779&epn.video_percent=50&_et=1056&tfd=19732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:19 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EH2GV8F2Q1&gtm=45je4bk0v890332678za200&_p=1733238781238&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dZGIzZG&cid=1851404981.1733238782&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=4&sid=1733238781&sct=1&seg=1&dl=https%3A%2F%2Fwww.blueleaf.com%2F&dt=Blueleaf&en=video_progress&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.event_category=video-html&ep.event_label=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&ep.non_interaction=false&ep.video_provider=html&ep.video_title=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&ep.video_url=https%3A%2F%2Fwww.blueleaf.com%2Fwp-content%2Fuploads%2F2023%2F11%2Fhero-video.mp4&epn.video_duration=25.992633&epn.video_current_time=19.692313&epn.video_percent=75&_et=6626&tfd=26367
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH2GV8F2Q1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.138 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.blueleaf.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.blueleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 15:13:26 GMT
content-type
text/plain
server
Golfe2
hero-video.mp4
www.blueleaf.com/wp-content/uploads/2023/11/ 		21 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.blueleaf.com/wp-content/uploads/2023/11/hero-video.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.blueleaf.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"65709f22-2e68f9a"
age
10181551
Content-Range
bytes 0-48664473/48664474
cf-ray
8ec47f8ffbbedaf9-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
Content-Length
48664474
date
Tue, 03 Dec 2024 15:13:01 GMT
content-type
video/mp4
last-modified
Wed, 06 Dec 2023 16:19:46 GMT
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.oribi.io
URL
https://cdn.oribi.io/Xy0xODM5NTQwOTM4/oribi.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-WCFQ49M
Domain
www.blueleaf.com
URL
blob:https://www.blueleaf.com/2035e167-6ad7-4e2d-b861-67e3475f3d35
Domain
www.blueleaf.com
URL
blob:https://www.blueleaf.com/78f69a16-849b-4db9-878e-67556822c863
Domain
www.blueleaf.com
URL
blob:https://www.blueleaf.com/c563dbbd-283e-4601-8e64-28b3349e2dee
Domain
www.blueleaf.com
URL
blob:https://www.blueleaf.com/42cf26f1-0cf5-4660-b65a-68b7c13c4bb3
Domain
www.blueleaf.com
URL
blob:https://www.blueleaf.com/3630668d-75be-46d1-acc8-9ee4ab1cf248

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 string| gtm4wp_datalayer_name object| dataLayer string| mi_version boolean| mi_track_user object| MonsterInsightsDefaultLocations object| MonsterInsightsLocations object| disableStrs function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| monsterinsights_frontend function| jQuery object| google object| litHtmlVersions object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView function| drift object| _hsq object| ORIBI string| adroll_adv_id string| adroll_pix_id function| hj object| _hjSettings string| leady_track_key object| dataLayer_content object| monsterinsights_tracked_video_marks object| monsterinsights_youtube_percentage_tracking_timeouts function| monsterinsights_media_get_id_for_iframe function| monsterinsights_media_record_video_event function| monsterinsights_media_maybe_record_video_progress object| monsterinsights_media_vimeo_plays function| monsterinsights_setup_vimeo_events_for_iframe function| monsterinsights_on_vimeo_load function| monsterinsights_media_init_vimeo_events function| monsterinsights_media_on_youtube_load function| monsterinsights_media_load_youtube_api function| monsterinsights_media_init_youtube_events function| monsterinsights_media_init_html_video_events function| monsterinsights_media_init_video_events function| monsterinsights_media_load function| onYouTubeIframeAPIReady function| loadScript object| leadin_wordpress object| _hsp function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| omapi_data object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| MonsterInsights object| MonsterInsightsObject function| LazyLoad object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia object| _wq string| _wistiaElemId object| wistiaEmbeds object| images object| iframes boolean| is_iframe object| rocket_lazy boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| beTracker object| google_tag_manager object| google_tag_data object| gaGlobal string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| globalRoot function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked boolean| LEADY_COOKIE_CONSENT_OBTAINED object| _leady object| Leady function| _l_live function| sanitizeKey boolean| _hstc_loaded object| cesrk07907636757971097 string| cesrk07907636757971097_path boolean| LEAD_FLOW_DOCUMENT_READY_RAN object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory boolean| __adroll_loaded object| drift_audio_context boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime string| adroll_sid object| __adroll_consent_data object| adroll object| __adroll object| adroll_loaded object| adroll_callbacks function| __cmp function| __tcfapi function| __gpp object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called string| adroll_seg_eid boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors string| adroll_rule_type function| __adroll_idem0 object| drift_sentry_config

66 Cookies

Domain/Path Name / Value
.blueleaf.com/ Name: _ga
Value: GA1.1.1851404981.1733238782
.blueleaf.com/ Name: _ga_R1K4RHNMHL
Value: GS1.1.1733238781.1.0.1733238781.60.0.0
.blueleaf.com/ Name: cebs
Value: 1
www.blueleaf.com/ Name: leady_session_id
Value: 58c9978d-297a-4759-b5d7-e25e84af3779
t.leady.com/ Name: c
Value: AAAAAGdPH/44/hwETf+8Ag==
.blueleaf.com/ Name: _hjSessionUser_469594
Value: eyJpZCI6ImQ1MTVlZmM4LTM3ZGEtNWYxYy1hOTJiLTE3NjkzZjEzNTI0ZCIsImNyZWF0ZWQiOjE3MzMyMzg3ODI0NTMsImV4aXN0aW5nIjp0cnVlfQ==
.blueleaf.com/ Name: _hjSession_469594
Value: eyJpZCI6ImYwMDRkODhkLWZhOTItNGVjZS05NmJhLTgxMGVkNDI3Y2ZiOSIsImMiOjE3MzMyMzg3ODI0NTQsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.blueleaf.com/ Name: _ce.clock_data
Value: 53%2C38.132.118.76%2C1%2Ca11f5da7336cfe2e2fd950a3d968fdb0%2CChrome%2CUS
.blueleaf.com/ Name: cebsp_
Value: 1
.blueleaf.com/ Name: _ce.s
Value: v~1345d4d7875a02b19e8ff14edd2d7189167b45a0~lcw~1733238782760~vir~new~lva~1733238782166~vpv~0~v11.fs~1~v11.cs~319192~v11.s~16f6be80-b189-11ef-a24a-bdc1ebf3e46f~v11ls~16f6be80-b189-11ef-a24a-bdc1ebf3e46f~v11.sla~1733238782759~v11nv~1~lcw~1733238782891
www.blueleaf.com/ Name: drift_campaign_refresh
Value: 42731cdf-c6c6-4c58-aa41-52d06ea54f85
.blueleaf.com/ Name: __hstc
Value: 254022679.3acb0e6a4626b7592543c84fe99a351d.1733238793908.1733238793908.1733238793908.1
.blueleaf.com/ Name: hubspotutk
Value: 3acb0e6a4626b7592543c84fe99a351d
.blueleaf.com/ Name: __hssrc
Value: 1
.blueleaf.com/ Name: __hssc
Value: 254022679.1.1733238793908
.hubspot.com/ Name: __cf_bm
Value: Yzfryc8cHDYj0KoJtCgoKFYA2U_L.q_swYLg0_GwG74-1733238794-1.0.1.1-wgPhxFGiImivrJDM03dH4M9AXAAvlq9Cs6k6kAUug7ZULK0sjLs4zWVcfSAO0wO6horZ1aAJps7sOVT1ydvsag
.hubspot.com/ Name: _cfuvid
Value: xluUkTbmfBIN0ExzgINMouMFRbrkp1XZgaZB.t3tNg8-1733238794283-0.0.1.1-604800000
.blueleaf.com/ Name: _ga_EH2GV8F2Q1
Value: GS1.1.1733238781.1.1.1733238794.47.0.0
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.blueleaf.com/ Name: __adroll_fpc
Value: 941b429fb4c167f75e47847184465ed7-1733238794875
.www.blueleaf.com/ Name: __ar_v4
Value: %7C3YPOPGSDVNESLNOQCKXYY7%3A20250002%3A1%7CRFE3V7HQKZAHDAPF26EGIO%3A20250002%3A1%7CPCZ4CI7FABD7FEQYPBZJLS%3A20250002%3A1
x.adroll.com/ Name: ar_debug
Value: 1
.openx.net/ Name: i
Value: d89ff7b5-834b-4fbc-86f4-4725156b4b16|1733238796
.tapad.com/ Name: TapAd_TS
Value: 1733238796026
.tapad.com/ Name: TapAd_DID
Value: b57c6520-89ea-4001-a49e-9b1c054046e2
.taboola.com/ Name: t_gid
Value: cb2642d2-c690-4427-bff9-59156e106c56-tucte48a58c
.taboola.com/ Name: t_pt_gid
Value: cb2642d2-c690-4427-bff9-59156e106c56-tucte48a58c
.casalemedia.com/ Name: CMID
Value: Z08gDNHM428AABcxAeclsgAA
.casalemedia.com/ Name: CMPS
Value: 939
.casalemedia.com/ Name: CMPRO
Value: 939
.yahoo.com/ Name: A3
Value: d=AQABBAwgT2cCEF4RkYk-zt31lFB_TtLc8Z0FEgEBAQFxUGdZZ9ww0iMA_eMAAA&S=AQAAAgZd26nGNXhQKFGGkvZxny0
.3lift.com/ Name: tluidp
Value: 1758789725306326870756
.3lift.com/ Name: tluid
Value: 1758789725306326870756
.rubiconproject.com/ Name: audit_p
Value: 1|XiYjRBAaW4EW5/bfrN+/nNrKNKwEoTY9UWkQu7+46E2bz16xSA9sXSVNHoTFVI/nB/edjM359+uM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDteZHtrYUUO8N9eNoO7rJ3HCGUHIj5VSVyrI7oeUlan873IYgrEusiVzgrDGC/W5dyg5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: khaos
Value: M48LMM76-1I-KZV9
.rubiconproject.com/ Name: khaos_p
Value: M48LMM76-1I-KZV9
.rubiconproject.com/ Name: audit
Value: 1|XiYjRBAaW4EW5/bfrN+/nNrKNKwEoTY9UWkQu7+46E2bz16xSA9sXSVNHoTFVI/nB/edjM359+uM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDteZHtrYUUO8N9eNoO7rJ3HCGUHIj5VSVyrI7oeUlan873IYgrEusiVzgrDGC/W5dyg5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ==
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.bidswitch.net/ Name: tuuid
Value: 1b24dcc1-8462-41c0-9bb7-c818f971b437
.bidswitch.net/ Name: c
Value: 1733238796
.bidswitch.net/ Name: tuuid_lu
Value: 1733238796
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&KRTB&22883-NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&KRTB&23504-NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM&KRTB&23615-NjcyOTY2NDE0MzMxMWMzODY1ZjdkYzYwMzg5MWExYjM
.pubmatic.com/ Name: PugT
Value: 1733238795
.doubleclick.net/ Name: IDE
Value: AHWqTUlkkh0-5iwiOcKTgipBHaV_YUY073L3bEclrD8dRGhAs0nPal-FUwSe1Xjn3Dg
.rlcdn.com/ Name: rlas3
Value: aRE5L8eo/L1RXZ2fKsF3Yo5SYg/0RvCw8jRQn1B3/24=
.adnxs.com/ Name: XANDR_PANID
Value: qZ6I1BCdBrtMTjzhuXyemP12kEIlnQk6t5Rn9AHjjTtYsiZM04gNE5UXjGX1GuPbt5Xiai5YsLUyX8pp_WtNgBebKPhnh9kjIEDYTnJhYpY.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2596605106265578101
.d.adroll.com/ Name: __adroll
Value: 6729664143311c3865f7dc603891a1b3-g_1733238796-a_1733238794
.adroll.com/ Name: __adroll_shared
Value: 6729664143311c3865f7dc603891a1b3-g_1733238796-a_1733238794
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~2m6f
.rlcdn.com/ Name: pxrc
Value: CIzAvLoGEgUI6AcQABIFCOhHEAA=
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2C%3nXH!z!@wnfH1Ya.O4]7Q=E?-QacIakieFgVjaN_>a(*+_a)!WWiT-1%/x2Gc_N?tAm>.GA`6DFPA1seqWrC1J%nugO%v4VB%nm06-8?MV
.adsrvr.org/ Name: TDID
Value: 420dc9e3-26c7-4571-baa0-46d5a22053aa
www.blueleaf.com/ Name: drift_aid
Value: 488c0d07-df6b-4818-9c64-14eae633c8f7
www.blueleaf.com/ Name: driftt_aid
Value: 488c0d07-df6b-4818-9c64-14eae633c8f7
.pippio.com/ Name: did
Value: Itrqmyz0vB2WoVmq
.pippio.com/ Name: didts
Value: 1733238796
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CIzAvLoGEgYIgr0rEAA=
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwimiqS74e3JPRAFGAUgASgCMgsIuNPg5_ftyT0QBTgB
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8127
.linkedin.com/ Name: li_sugr
Value: 603417c7-188e-421a-8758-1bcd9ab12680
.linkedin.com/ Name: bcookie
Value: "v=2&b090dc85-f810-4223-8a9c-db7b933e4212"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3476:u=1:x=1:i=1733238796:t=1733325196:v=2:sig=AQErno5pK6ODQCI1S6WPZzfXj46lNXIX"

3 Console Messages

Source Level URL
Text
other warning URL: https://www.blueleaf.com/(Line 6)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://cdn.oribi.io/Xy0xODM5NTQwOTM4/oribi.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://www.blueleaf.com/
Message:
The resource https://www.blueleaf.com/wp-content/uploads/2019/04/iphone.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
analytics.google.com
assets-tracking.crazyegg.com
blueleafassistance.digital
cdn.oribi.io
cm.g.doubleclick.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fast.wistia.com
forms.hubspot.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
ipv4.d.adroll.com
js-na1.hs-scripts.com
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
maps.googleapis.com
match.adsrvr.org
p.typekit.net
pagestates-tracking.crazyegg.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
s.adroll.com
script.crazyegg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
t.leady.com
td.doubleclick.net
track.hubspot.com
tracker.metricool.com
tracking.crazyegg.com
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
www.blueleaf.com
www.googletagmanager.com
x.adroll.com
x.bidswitch.net
cdn.oribi.io
www.blueleaf.com
www.googletagmanager.com
104.18.27.193
104.19.148.8
107.178.254.65
141.193.213.10
141.226.224.48
142.251.163.138
15.197.225.128
172.253.122.95
172.253.63.154
172.67.72.173
18.160.18.33
18.160.41.58
18.165.98.104
18.210.207.129
18.67.65.33
194.145.183.49
2001:4998:14:800::1000
2400:52e0:1a00::1207:2
2600:1408:c400:29::17da:da44
2600:1f18:61c0:2205:88c9:6a56:c096:6fde
2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1
2600:9000:26c1:4400:6:9280:1080:93a1
2606:4700:4400::6812:28f0
2606:4700::6810:7574
2606:4700::6810:8cd1
2606:4700::6810:a0a8
2606:4700::6812:8d11
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1f::66
2607:f8b0:4004:c21::5f
2607:f8b0:4004:c21::9d
2620:1ec:21::14
2a04:4e42::644
3.16.105.22
3.167.56.49
34.111.113.62
34.98.64.218
35.211.202.130
35.244.154.8
35.71.131.137
35.71.139.29
68.67.161.208
69.173.151.100
70.42.32.127
8.28.7.83
0061a2d076d7e51d46d0f48ecb18f343e53fbb63fc93b7851073fe1fe5c78bfd
088c95671c2121602fe451c5732353bd1836998369ecd47685a6880c69bf418d
09244974d9decf20f9cd3402621e4844a454f3ae43cdf509538f43c0456ba6c4
1314b65523c55a93b4dfd438a8e91c80ec370ae3d2750a3b45930e01c1ccb538
1ba4e88cf406b0c6307bf83de00b8f91eed255e0586bc1cc39cbe0ccc0b13130
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c8a8dd4d15decdf3a7bb09e849b49896ce9d970eae5edefd732897f197fb932
203987ff8bd021893a06303e163eeb294647081d8376b725bdacbc414cc4d035
2371b74e57f4690cc3ea0847772618a505fc224fcbada874b4f181dcc8c00a9e
27d1b7d7fd8ec1d4e3db31e030a1499ad452f90683dd2fa485924c2f48be59e6
2e90955dc7703df738f980cd8d37c613863be3be5730e38e0deaa40d1c67442b
36ab5ab710c217477817b5e1e9e78aca1494a8f45229e4b75559ac31e271e477
36fff107db5298724b3acc76f374ab35db4ce90067347613a2ebbcbafd28caa6
3aec65fb4ee2300769a0bc7871dcca2a98806daf009c25bb8db2d9c4f365e6eb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7f9acbdff38db833c6d582719d327a1866d43ddd74204f18f8b02d224eb05a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
572d5bca95113b880357de2f9d2949e2cc5c1e008400fc630bb5d5177de6dd2b
5bfe4db954929d352e4de43aecb78294c7638b2cf382b3f40d49d7b34f490f07
61a195858f84e08e7a86cb91d2ceb06176e08b353992d4ceae76ada5806625e0
65ab76322122bb842bf9db8503b65045d73077fee296b98de51b03db5a8dc2b4
6ca123db8c4e1ce21b2eec77f927c0563c64f04d8fc6c94aff8739eef4ebc9af
708fce6a1c0c91cb0c5af05846215fabfb7006418146786ca16b8a5a34ca52b7
71e6c04e9ab147a0075327800968651e1b9511b2b4f649d0ab57eb2f596f5048
76baed3ff846e739333ed4248bf0a17ac4e930a32f699cc9d94ce6ecc61ee4e7
7790882b18f7b3e10750f4474dc1a13150a2ef8510ef4c2e3e52c5d5f776db87
7ab6f78be141dd82a38b4a538cd993758cd41b36c75207a56536c6efe38af711
7b367e5b3a94a7704b66f17adc9d8f44d1f19af96e59e8e528745b9dadc303d1
7cc2e9383273604c39b525dc366bb6467ea148236649caa15e1e7c2dc6c052c0
7e1dd5f3215dd4eac7335bfd16d37af997c14d3da201463a327bfe006b50adc8
819d77b6adbf1fee109ee1c010b74405b7d5b8ad02a50b10143eecc1db7be99b
82aac15ff108b0688c710f986f12d0670e33fe6fc31b4b9eb3594684c9b69a62
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
87c631607d118e02e847112aca0a2800bfd2a9cfe5bc01b48eeb60b0ff86804c
8b851243dfb01d421b9ad1b062622a23f230c32184a70c07b6e75908bf682961
8bde8c262105b0b4001279d19d0aeab2915799d7869b34e2a07bfe6834aeefe3
97f752f1bdffe4e12de8fe349f77012495c8926f74f64874a3e740960b365977
980c74cedd0725b72b22fddb82ce513eb343e984b4850dd6bf8bf0f143339dd6
9a7616157191cea33870e61c8f37b9842c4a63088c5821eeee34e570679e904f
9b918f10f013872fedaedf9b8cb09609bf87bfccf3ac96ea9802bd9910ff7967
a2db06993a81eb3ebd33897015d64c8ab5c9fcad5c3f8c4ad9329bce36440c4c
a3c5e7e7cbbfbef903e33d65a7534c896df34bfcf1241827ad2ae4227662fe91
a8e0031e28ecaf84ed1684d2ed488cdbe8b985bf2034d5614454262c71c445da
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3863591a4e6bc67e007ec2f346d1dda7df47080638b46a5375074803913974b
b4e62a8daa779d16b2c25d343db85f6501e334632b0eeafd7d9f5bc5b8f96367
b580efd0155568420094f37f187e054eda5ea43bc9662b4b5f94c8585cb559ce
b6b0548a25b293419dcba74ad5d8f83fa153d0386f7feb3feaf4ac00fca0b4ee
b903a5108b6008ea2b11e3dccba788a324aa9a412d0553f760aa210f6c632e47
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd0419945a0bcc90a4de1523be2b544810ea4bebc00e333239aa2a295fe12cd
bdfceadb20fa502959872ed224f8d53dd84cd0bd61eb82c2aeb31b1d0e263ce3
be4eb39933f746f6f2b7b81f0f91b22c9a6c76b088c7ae96ae7d773a48a13410
bf283fef88d8fe04783a585b86d196a404a9b2d3ed87fad6758db1ab311fd0e0
c3819e96a1583a93dace929b1c600d67ef08a97e3459b806a9e0750e8c437dbb
c58bf95e44cf97febc14f796577c93650940630354a7f9a6da0c93450e00154d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cff4de441699f754af67e95ca98f50c300dd9b9307e944af33a05b0b9fbe5511
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
d6bfb36861303972a1f852dcae969a88e0d736d02bd2b48e1beb746ff6e16db2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcf58f50585ff3c830d7881a41b97b6463053a5d25a10c8554f3d066ecd584dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e826c0f05fba93b4e3b1ca5b3070bdec3b0154b88843196a3606e1bec3e98b58
e9b834587661f12a32b0f9b6bf0fe1b2895e7c62e8b2b28fa76e91605afd5ea4
edc3790e39f46c2027c85a78447f8e91c6eddd9f480a9623cc14530ce2571f02
eed497e20396e23084be19923227db1063adb93cedede62bdba85f6cfa6170b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
feb11a2e56c988d286727f0a652725b289a2ebabb8950aad986f75de0e652894
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
ff618c4c0bc06b97ce3d193f972f12bd58280339a9802b8f034522f9b3273512