urlscan.io logo urlscan.io
SecurityTrails logo

cloverleafpublications.company.site Open in urlscan Pro
18.193.28.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://investigative-voices.news/
Effective URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Submission: On November 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 2 countries across 24 domains to perform 113 HTTP transactions. The main IP is 18.193.28.123, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is cloverleafpublications.company.site.
TLS certificate: Issued by R10 on September 10th 2024. Valid for: 3 months.
This is the only time cloverleafpublications.company.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.72.49.79 14618 (AMAZON-AES)
2 18.193.28.123 16509 (AMAZON-02)
22 2600:9000:264... 16509 (AMAZON-02)
1 104.102.19.45 16625 (AKAMAI-AS)
7 18.195.190.156 16509 (AMAZON-02)
7 18.245.46.13 16509 (AMAZON-02)
3 13.33.216.116 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 3.233.246.208 14618 (AMAZON-AES)
1 2600:9000:249... 16509 (AMAZON-02)
1 2600:9000:272... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
8 172.67.219.241 13335 (CLOUDFLAR...)
2 52.217.233.65 16509 (AMAZON-02)
4 2600:1f18:243... 14618 (AMAZON-AES)
1 172.67.5.146 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
1 104.102.57.226 16625 (AKAMAI-AS)
12 151.101.129.21 54113 (FASTLY)
2 157.240.253.1 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.0.176 54113 (FASTLY)
2 2a03:2880:f17... 32934 (FACEBOOK)
3 2001:4860:480... 15169 (GOOGLE)
3 151.101.131.1 54113 (FASTLY)
2 184.31.94.168 16625 (AKAMAI-AS)
7 18.172.112.77 16509 (AMAZON-02)
1 34.96.122.219 396982 (GOOGLE-CL...)
2 15.197.193.217 16509 (AMAZON-02)
2 172.217.16.196 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
1 3.160.150.20 16509 (AMAZON-02)
113 34
1    52.72.49.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-49-79.compute-1.amazonaws.com
investigative-voices.news
2    18.193.28.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-28-123.eu-central-1.compute.amazonaws.com
cloverleafpublications.company.site
22    2600:9000:2644:8600:1f:58b3:eac0:21 (United States)

ASN16509 (AMAZON-02, US)
d34ikvsdm2rlij.cloudfront.net
1    104.102.19.45 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-19-45.deploy.static.akamaitechnologies.com
chimpstatic.com
7    18.195.190.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
app.ecwid.com
7    18.245.46.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-13.fra56.r.cloudfront.net
downloads.mailchimp.com
3    13.33.216.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-216-116.fra60.r.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
1    2600:9000:2057:ac00:1f:f560:8d00:21 (United States)

ASN16509 (AMAZON-02, US)
d3dq8sxcny4hg.cloudfront.net
2    3.233.246.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-246-208.compute-1.amazonaws.com
ecomm.events
1    2600:9000:2491:a600:1c:b536:2c40:21 (United States)

ASN16509 (AMAZON-02, US)
d1oxsl77a1kjht.cloudfront.net
1    2600:9000:2724:9c00:13:2031:2340:21 (United States)

ASN16509 (AMAZON-02, US)
d11s7fcxy18ubx.cloudfront.net
2    2600:9000:2490:c000:3:22ec:38c0:21 (United States)

ASN16509 (AMAZON-02, US)
djqizrxa6f10j.cloudfront.net
8    172.67.219.241 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.chaty.app
pixel.chaty.app
image-cdn.chaty.app
2    52.217.233.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ecwid-addons.s3.amazonaws.com
4    2600:1f18:243f:2d01:3b80:78a9:66ec:dda (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.sitewit.com
1    172.67.5.146 (United States)

ASN13335 (CLOUDFLARENET, US)
www.powr.io
1    2600:9000:206f:f200:19:4fd1:c1c0:21 (United States)

ASN16509 (AMAZON-02, US)
d20ubqycd8ynev.cloudfront.net
1    104.102.57.226 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-57-226.deploy.static.akamaitechnologies.com
mc.us8.list-manage.com
12    151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
4    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    151.101.131.1 (San Francisco, United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    184.31.94.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-94-168.deploy.static.akamaitechnologies.com
digitalasset.intuit.com
7    18.172.112.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-77.fra60.r.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
1    34.96.122.219 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 219.122.96.34.bc.googleusercontent.com
mcusercontent.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
2    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net
www.google.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net
www.google.de
1    3.160.150.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-20.fra60.r.cloudfront.net
js.stripe.com
Apex Domain
Subdomains		 Transfer
38 cloudfront.net
d34ikvsdm2rlij.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d11s7fcxy18ubx.cloudfront.net
djqizrxa6f10j.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
2 MB
15 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3226
t.paypal.com — Cisco Umbrella Rank: 3852
266 KB
8 chaty.app
cdn.chaty.app — Cisco Umbrella Rank: 224019
pixel.chaty.app — Cisco Umbrella Rank: 206650
image-cdn.chaty.app — Cisco Umbrella Rank: 936814
59 KB
7 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 18060
114 KB
7 ecwid.com
app.ecwid.com — Cisco Umbrella Rank: 46416
42 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
282 KB
4 sitewit.com
analytics.sitewit.com — Cisco Umbrella Rank: 67651
28 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
64 B
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 945
320 B
2 intuit.com
digitalasset.intuit.com — Cisco Umbrella Rank: 17376
5 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
164 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
74 KB
2 amazonaws.com
ecwid-addons.s3.amazonaws.com — Cisco Umbrella Rank: 229943
7 KB
2 ecomm.events
ecomm.events — Cisco Umbrella Rank: 60907
2 KB
2 company.site
cloverleafpublications.company.site
39 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
64 B
1 mcusercontent.com
mcusercontent.com — Cisco Umbrella Rank: 5758
607 KB
1 list-manage.com
mc.us8.list-manage.com — Cisco Umbrella Rank: 147163
9 KB
1 powr.io
www.powr.io — Cisco Umbrella Rank: 18188
12 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 7032
2 KB
1 investigative-voices.news
investigative-voices.news
233 B
113 24
Domain Requested by
22 d34ikvsdm2rlij.cloudfront.net cloverleafpublications.company.site
d34ikvsdm2rlij.cloudfront.net
12 www.paypal.com www.paypal.com
7 d2j6dbq0eux0bg.cloudfront.net cloverleafpublications.company.site
7 downloads.mailchimp.com chimpstatic.com
downloads.mailchimp.com
7 app.ecwid.com d34ikvsdm2rlij.cloudfront.net
app.ecwid.com
5 cdn.chaty.app app.ecwid.com
cdn.chaty.app
4 www.googletagmanager.com cloverleafpublications.company.site
analytics.sitewit.com
www.googletagmanager.com
4 analytics.sitewit.com app.ecwid.com
analytics.sitewit.com
cloverleafpublications.company.site
3 t.paypal.com cloverleafpublications.company.site
3 region1.google-analytics.com www.googletagmanager.com
3 d3cy3u1txmkqs3.cloudfront.net app.ecwid.com
2 pixel.chaty.app cdn.chaty.app
2 www.google.com www.googletagmanager.com
cloverleafpublications.company.site
2 insight.adsrvr.org analytics.sitewit.com
cloverleafpublications.company.site
2 digitalasset.intuit.com cloverleafpublications.company.site
2 www.facebook.com cloverleafpublications.company.site
2 js.stripe.com js.stripe.com
2 connect.facebook.net connect.facebook.net
2 ecwid-addons.s3.amazonaws.com app.ecwid.com
2 djqizrxa6f10j.cloudfront.net app.ecwid.com
2 ecomm.events app.ecwid.com
ecomm.events
2 cloverleafpublications.company.site
1 image-cdn.chaty.app
1 www.google.de cloverleafpublications.company.site
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 mcusercontent.com cloverleafpublications.company.site
1 mc.us8.list-manage.com downloads.mailchimp.com
1 d20ubqycd8ynev.cloudfront.net app.ecwid.com
1 www.powr.io app.ecwid.com
1 d11s7fcxy18ubx.cloudfront.net app.ecwid.com
1 d1oxsl77a1kjht.cloudfront.net app.ecwid.com
1 d3dq8sxcny4hg.cloudfront.net app.ecwid.com
1 chimpstatic.com cloverleafpublications.company.site
1 investigative-voices.news 1 redirects
113 35
Subject Issuer Validity Valid
*.company.site
R10		 2024-09-10 -
2024-12-09		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-28 -
2025-06-28		 a year crt.sh
*.ecwid.com
Amazon RSA 2048 M03		 2024-06-06 -
2025-07-06		 a year crt.sh
downloads.mailchimp.com
Amazon RSA 2048 M03		 2024-06-24 -
2025-07-22		 a year crt.sh
*.ecomm.events
R10		 2024-10-29 -
2025-01-27		 3 months crt.sh
chaty.app
WE1		 2024-10-18 -
2025-01-16		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA		 2024-07-24 -
2025-08-24		 a year crt.sh
powr.io
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
wildcardsan.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-31 -
2025-07-31		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-14 -
2024-11-12		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-10-30 -
2025-02-06		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 a year crt.sh
digitalasset.intuit.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-23 -
2025-08-12		 a year crt.sh
mcusercontent.com
WR3		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Frame ID: 14C088744D6DEA104F1089A3667A851F
Requests: 99 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-49290-ge11168c352ab25/ru.cdev.xnext.frontend.LegacyFrontend/CBBF5FE85F67741FF21DD1D4BE06B0F4.cache.js
Frame ID: 138E0C56811BDB579AC39C8133967D69
Requests: 1 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: CC754155C2BCC065A70B4FD1CAE00D45
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Frame ID: 236CBE0529030ECD5D717206C7A81B04
Requests: 4 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11216295269?random=1730817866751&cv=11&fst=1730817866751&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9172770513&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&hn=www.googleadservices.com&frm=0&tiba=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&npa=0&pscdl=noapi&auid=1754591246.1730817867&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6241224A184FFD1E45A7CD5D75A7926E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fcloverleafpublications.company.site
Frame ID: 52479AAA5401E3DFFBC3232A7BE2B0E7
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D2F504AE9A372DDBB260C06D35A584FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Investigative Voices R E P O R T S

Page URL History Show full URLs

  1. https://investigative-voices.news/ HTTP 302
    https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://app\.ecwid\.com/script\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected

Page Statistics

113
Requests

98 %
HTTPS

32 %
IPv6

24
Domains

35
Subdomains

34
IPs

2
Countries

4157 kB
Transfer

12434 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://investigative-voices.news/ HTTP 302
    https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

113 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Investigative-Voices-R-E-P-O-R-T-S-c173979752
cloverleafpublications.company.site/products/
Redirect Chain
  • https://investigative-voices.news/
  • https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
140 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.193.28.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a1669a26fdbbb4919918f2e3df9edeaa0d0edd71f9bb9b9f27bb7a2b80d1b6f4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 05 Nov 2024 14:44:18 GMT
strict-transport-security
max-age=15724800
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
date
Tue, 05 Nov 2024 14:44:16 GMT
engine
Rebrandly.redirect, version 2.1
location
https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
strict-transport-security
max-age=15552000
website.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		118 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/website.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71efa6181397bc4908dd5b7ddb339c65f75b96e041682ff92f805d7a44433f14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-amz-version-id
0uo73LIk.djHXw46p54QoIsHVs.bl1lR
etag
W/"aa57d6b032fc5d89918b8d56842859a6"
age
8245
x-cache
Hit from cloudfront
x-amz-cf-id
f1HEY4-62GkKvUgeCk2_WvxdeEEdJ3QSDDrFdSl9f2AE79T2ZzcK-w==
date
Tue, 05 Nov 2024 12:26:54 GMT
content-type
text/css
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 12:26:10 GMT
x-amz-replication-status
PENDING
x-amz-meta-ecwid-hash
aa57d6b032fc5d89918b8d56842859a6
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
AnnouncementBarTile.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/AnnouncementBarTile.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddb72e524d579075dd0e82b903369d6dc6e0c9efc3da4a48ca68f937d6eb26c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-amz-version-id
WIEnj2JX6E4WrrIk1g6Cv4nlIP_K8Oue
etag
W/"0daffb2b319a2e6c5e292528ee42b511"
age
8245
x-cache
Hit from cloudfront
x-amz-cf-id
44RMgrv7lNHdN-ZEwBGEK8HgLSNlCRMSBJcHVWSdrrpYF-a0CVhvzg==
date
Tue, 05 Nov 2024 12:26:54 GMT
content-type
text/css
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 12:26:10 GMT
x-amz-replication-status
PENDING
x-amz-meta-ecwid-hash
0daffb2b319a2e6c5e292528ee42b511
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
HeaderTile.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		161 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/HeaderTile.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ad5d725bf6720734176f8df5d679770fdd89061df60d529a782b4fc6abdde2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-amz-version-id
RvxNgwDr5a2zMMTOahZ7MlTswvDJN5ut
etag
W/"8f3e64409503b8e0c37a6483a5ef8caf"
age
8245
x-cache
Hit from cloudfront
x-amz-cf-id
TnPUWKAPIZbcMbw2zKw6d14OZJmGHdGX-wbpzo0fmJd7MrkeavrZDw==
date
Tue, 05 Nov 2024 12:26:54 GMT
content-type
text/css
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 12:26:05 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
8f3e64409503b8e0c37a6483a5ef8caf
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ProductBrowserTile.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ProductBrowserTile.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a8d5f80019fae8dbae1e16d2989db78dc26cdc89a74fb3c6df6c8a952d138bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-amz-version-id
3rh6.tmFO8kPeRnzUdsDiQbOIcV77muV
etag
W/"f7644c47cb60526928dfecbad5e1f331"
age
8245
x-cache
Hit from cloudfront
x-amz-cf-id
p7VuxDIJbAuvqbzFr6YX8OXqN5_hYtuZhvM-Xb22YtjYbqLyXVumWQ==
date
Tue, 05 Nov 2024 12:26:54 GMT
content-type
text/css
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 12:26:22 GMT
x-amz-replication-status
PENDING
x-amz-meta-ecwid-hash
f7644c47cb60526928dfecbad5e1f331
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
FooterTile.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/FooterTile.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8220e8bfa4b0d048232c1a49a83a3f84994765de8a58dca333fbdbc97031f572

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-amz-version-id
3Rjewa5FFNQgUw9L43TN8_KUS1mprbaf
etag
W/"aff3bf85d82ef68c1a8b5aa146432722"
age
8245
x-cache
Hit from cloudfront
x-amz-cf-id
6mc1yuT7pMtoBW6VJsiNvmvevQExdqwNQ9f_5tKGOn9loTPYQ_y6ag==
date
Tue, 05 Nov 2024 12:26:54 GMT
content-type
text/css
vary
accept-encoding, Origin
last-modified
Tue, 05 Nov 2024 12:26:13 GMT
x-amz-replication-status
PENDING
x-amz-meta-ecwid-hash
aff3bf85d82ef68c1a8b5aa146432722
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
StandardFont.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		661 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/StandardFont.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9206946d514b8fc7b5de7361b365f4ebedd9eeb28c4128ebed4174df091c4345

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

etag
"04ab43ea8f418744ad65e7a3a016d14f"
x-amz-version-id
80qmO7.eJQ9fE0pFReCvxmUNYsV2kLDd
age
8243
x-cache
Hit from cloudfront
x-amz-cf-id
dvmVi3DFyCAJ3Zdvkt9E2lIMJfktuhEQHUwhOy8rPvhXL1AYlVAlig==
date
Tue, 05 Nov 2024 12:26:56 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 12:26:15 GMT
vary
Origin
x-amz-replication-status
PENDING
x-amz-meta-ecwid-hash
04ab43ea8f418744ad65e7a3a016d14f
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
661
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
AbrilFatfaceFont.css
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		683 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/AbrilFatfaceFont.css
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1eeaa0f5a51c723d0837c8de5c92c9643d8c5c80bb16c7c687f621a70749036

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

etag
"586b75c9d4cb0dc7892673d647b1a884"
x-amz-version-id
NcpOgFtJUD4Fr00PIdvUPhGKN6tIDmfF
age
8192
x-cache
Hit from cloudfront
x-amz-cf-id
Khd6NaymfsYx6NYOFWahjWF-4UwCG3tdTCCpIIGy7XUsI36GR2sSCA==
date
Tue, 05 Nov 2024 12:27:46 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 12:26:14 GMT
vary
Origin
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
586b75c9d4cb0dc7892673d647b1a884
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
683
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
store-2020.bundle.js
d34ikvsdm2rlij.cloudfront.net/startersite/static/2024/2024-48963-g380f493dcbf463/js/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/startersite/static/2024/2024-48963-g380f493dcbf463/js/store-2020.bundle.js
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
455a3f25597741375ae4f968951915b378636d3793c810dc645593a0e22f4105

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-amz-version-id
77rHarNcJc9Fke.3SCkcHKVH_50I9MCt
etag
W/"a572b8e2269d6f2251931c477e964053"
age
112211
x-cache
Hit from cloudfront
x-amz-cf-id
OeLzyFaeSEtmXWh2V6DhPJO8paxzAMGMu1El2wAm0N2YHWStM3NW_A==
date
Mon, 04 Nov 2024 07:34:11 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Mon, 04 Nov 2024 07:32:17 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
a572b8e2269d6f2251931c477e964053
cache-control
public, max-age=31536000
via
1.1 9d1f21fface75767578955e1853e754e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a33da6b9fd73c3b3f99df60a755875b72ba54dcb7d58a4e92e08fd1b36287b9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
j17dTFJi8kU9zd.a_bQExIasUJsHvHCL
etag
W/"aa72aaef788b9a88467066c6ad5f838e"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
TaXSY_biDN8rtQAY1Izid6IqXaiVSfdpQTYaQi5xalLDcixkGj7kSA==
date
Tue, 05 Nov 2024 14:44:20 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:09 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
aa72aaef788b9a88467066c6ad5f838e
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
website-app.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		42 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/website-app.js
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
223ac54a0388f9250b825d82b31a6e2083205c1f9dc0ed8210be689d0ed17c45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-max-age
3000
etag
"9210ca7551cae91075e9b84d8ce5e4d5"
x-amz-version-id
1ckFzW1OU3v69IFNr1nblPZHp_6Vyai9
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
Q4jGZS3twGWIN3CU8afJ0S3yG1KlvmBPla9szbXiCYDJfHjjwFHYxQ==
date
Tue, 05 Nov 2024 14:44:20 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 05 Nov 2024 12:26:16 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
9210ca7551cae91075e9b84d8ce5e4d5
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
42
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
9fd6792560c05a4cb0d7cef2c.js
chimpstatic.com/mcjs-connected/js/users/5080f1e4eab1eeed2ccd4b657/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/5080f1e4eab1eeed2ccd4b657/9fd6792560c05a4cb0d7cef2c.js
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.19.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-19-45.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6bb474abadf55bc9230b4da10b251d6e0a8f1f335827b884beee54b136a2c219

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

X-EdgeConnect-MidMile-RTT
0
Content-Encoding
gzip
ETag
"16144232042e6c4b401564e992b4d139"
Expires
Tue, 05 Nov 2024 15:13:59 GMT
Date
Tue, 05 Nov 2024 14:44:22 GMT
Last-Modified
Mon, 03 Jun 2024 21:03:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
x-amz-id-2
1WRDXw+mT6zy32siaETWXZd9vgZtTy/AgknhTFlJb38X3/so2lgDXfPi01o5tcDxFK7EnBbR3Hw=
Cache-Control
max-age=1777
Connection
keep-alive
x-amz-request-id
HP0M2C8EFND0VR7B
Accept-Ranges
bytes
Content-Length
1243
Server
AmazonS3
X-EdgeConnect-Origin-MEX-Latency
106
x-amz-server-side-encryption
AES256
standard-all-400-normal.woff
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/standard-all-400-normal.woff
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/StandardFont.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba39ecab73e3d2fd37e1681d47867e2940803ea0db6766e932b17a5001b11dbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/StandardFont.css

Response headers

access-control-max-age
3000
etag
"9df54bd1d2a938f1459542b9235d4b0a"
x-amz-version-id
2DUjFtKpZyJhgL5Lo23_baFYSyqDOz8J
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
VQYXaGq5gVF9KiqJ29zXZnG0xC8iO801DWN5q2NVfXqdlLp6gseTUQ==
date
Tue, 05 Nov 2024 14:44:22 GMT
content-type
application/font-woff
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 05 Nov 2024 12:26:12 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
9df54bd1d2a938f1459542b9235d4b0a
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
25296
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
abril-fatface-latin-400-normal.woff2
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/abril-fatface-latin-400-normal.woff2
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/AbrilFatfaceFont.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/AbrilFatfaceFont.css

Response headers

access-control-max-age
3000
etag
"c505a5b998cf70c98db25dd8d644c688"
x-amz-version-id
2.m2W0VQXrWv6FjFGWK2Bb7Ea1ZG05Fv
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
yHIiSXNzixtI9ISD-QA7m_yxFiTyIiICBkYP_RmH4oxPVZT_KsLDDw==
date
Tue, 05 Nov 2024 14:44:22 GMT
content-type
application/octet-stream
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 05 Nov 2024 12:26:15 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
c505a5b998cf70c98db25dd8d644c688
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
13176
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
website.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		1 MB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/website.js
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cd0429ba709824a6a52ade788dda269d2b89ef96aeb16a16bb9c2f02b9356a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer
https://d34ikvsdm2rlij.cloudfront.net/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
pCgfJFLjzJ_AO5two.207oynlIRu7GbY
etag
W/"b39d251b96aae0165eef178027f51206"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
FZsK59Quqhr1bZYOk9ToMGegWL905xSMIHsVKhbzjbRATgDHRBe6qA==
date
Tue, 05 Nov 2024 14:44:23 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:18 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
b39d251b96aae0165eef178027f51206
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
script.js
app.ecwid.com/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/startersite/static/2024/2024-48963-g380f493dcbf463/js/store-2020.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
18024a1a815b5777378ef853cfe52a8979bc41fbfa28a868e05b17bf1b5baea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Transfer-Encoding
chunked
Access-Control-Max-Age
600
Cache-Control
private,must-revalidate,max-age:3
Content-Encoding
gzip
ETag
W/"153840048"
Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Tue, 05 Nov 2024 14:44:22 GMT
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding
Server
nginx
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 		226 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by
Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/5080f1e4eab1eeed2ccd4b657/9fd6792560c05a4cb0d7cef2c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f63402d28283b8a65e36879b9e4768287f4d2d8c3b9529ba5ae05653b8ebfc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
br
ETag
W/"1baee6edf38a79e1feda9b5099117403"
Age
17102
Connection
keep-alive
Via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
tIMPJW3yGLMidIfvUfcFzkrrWp-VGBwwXsQuNmiRAfULPNAYC_FF3A==
Date
Tue, 05 Nov 2024 09:59:21 GMT
Content-Type
application/javascript
Last-Modified
Tue, 27 Aug 2024 23:38:24 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
x-amz-server-side-encryption
AES256
new-frontend.de.2093334210.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ 		311 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.de.2093334210.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61b5692a36016b6b700e6070762271d15715ce46bac8bdc65597804d0ed66925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=31536000
content-encoding
gzip
x-amz-version-id
WVQ0ztbPom_lly9Pdn20sgCjZqNUMVAy
etag
W/"72f85e1e6e41a2374bbaa03adf5773a5"
age
9181
via
1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
znuE4DF2PGsAXp5QCWnn_RdqCmM605PrXEQdNpzafksRyZvCVJSxRQ==
date
Tue, 05 Nov 2024 12:11:21 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Tue, 05 Nov 2024 12:06:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
ecwid-storefront.011a138842d3cde5bfa9de236283e14e.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ 		1 MB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.011a138842d3cde5bfa9de236283e14e.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-116.fra60.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
2c4dae3de18a78d983b9a637f693f530ef89bc338969fe52f5e08bd2c988ed9d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
011a138842d3cde5bfa9de236283e14e
age
8243
via
1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
-lBWhnRlXOziNdUo3xNhBeT3vM-6MqXU45jLHaPyiF8eKvz88AqQUg==
date
Tue, 05 Nov 2024 12:26:59 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P10
states.js
d3dq8sxcny4hg.cloudfront.net/ 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2024-49290-ge11168c352ab25&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ac00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df9c4bf14fc31cf05887c4d94695481545bcdec594d33158e45eeb467aa07ca7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
age
8014
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
22964
x-amz-cf-id
_WAmMB8JGwhWx_VmlwWNwOXu5wnhn4DkjIi638bgoQo0WlJTgqRgoQ==
date
Tue, 05 Nov 2024 12:30:48 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
FRA6-C1
data.js
app.ecwid.com/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/data.js?ownerid=13880652&lang=en&token=2f93437cbe8305407894c8e771b3af8198f932d4&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e1ea079ae92f9dbd7931f2c150e408db8e72f3feacb4cceedcae12e14bafa7f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Content-Length
10830
Content-Encoding
gzip
Date
Tue, 05 Nov 2024 14:44:22 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Server
nginx
Connection
keep-alive
i.js
ecomm.events/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.233.246.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-246-208.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
0487c38e38d1aa68657c18420d3181708e77d93fd38acaf1282617b8aae81e85
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
cache-control
no-cache
content-encoding
gzip
etag
2138495213
content-length
1715
date
Tue, 05 Nov 2024 14:44:22 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
new
d1oxsl77a1kjht.cloudfront.net/css/ 		822 KB
102 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=2089975835&ownerid=13880652&frontendV2&color-background=%23f9f9f9&color-foreground=%23191919&color-link=%231a7ac4&color-button=%23191919&color-price=%23191919&font-family=Standard%2C-apple-system%2CBlinkMacSystemFont%2CSegoe%20UI%2CRoboto%2CArial%2Csans-serif&useExactGalleryColors=false
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a600:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
49063a01465587353046fddf430ea0575800b275b5318f9497aa03c70e26ae5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"2089975835"
age
898963
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
psRbvUdNYJEAi6qB8kNTpHyz2Cg9JdzYLCooHJz2MwCb58VjUiX0YA==
date
Sat, 26 Oct 2024 05:01:39 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P7
CBBF5FE85F67741FF21DD1D4BE06B0F4.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-49290-ge11168c352ab25/ru.cdev.xnext.frontend.LegacyFrontend/ Frame 138E 		2 MB
686 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-49290-ge11168c352ab25/ru.cdev.xnext.frontend.LegacyFrontend/CBBF5FE85F67741FF21DD1D4BE06B0F4.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:9c00:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f9a8fba1a032b4322abb2fb683f59c8c9228cf7d003e88ec727b724bbc49b0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
x-amz-version-id
GPHq9xQMi5dVLcEEiMED0RuoKOKlGOeN
etag
W/"df8d6d035c6652aee44d4f30c35907fa"
age
8003
x-cache
Hit from cloudfront
x-amz-cf-id
8LVqyJDJdH3o8sAMiTOt7ExWz3ZIXNmC9Je45pojmhsOyUF_H3V9tQ==
date
Tue, 05 Nov 2024 12:30:59 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Tue, 05 Nov 2024 12:27:47 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
df8d6d035c6652aee44d4f30c35907fa
cache-control
public, max-age=31536000
via
1.1 f41688bac877227b82b3347b2428d266.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12
server
AmazonS3
x-amz-server-side-encryption
AES256
style.min.css
djqizrxa6f10j.cloudfront.net/apps/customizations/APPS/google-tag-manager/1.5/ 		1 B
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://djqizrxa6f10j.cloudfront.net/apps/customizations/APPS/google-tag-manager/1.5/style.min.css
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c000:3:22ec:38c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

x-amz-version-id
Pn155ukJ_MRlOwS4IQ5Oxnd90M.UowMu
etag
"68b329da9893e34099c7d8ad5cb9c940"
age
48323
x-cache
Hit from cloudfront
x-amz-cf-id
T0X3xNYKMGj-dbDqMYbebP9LCDaY0p2przy94jF8tORhaKAEybWHjA==
date
Tue, 05 Nov 2024 01:19:00 GMT
content-type
text/css
vary
accept-encoding
last-modified
Thu, 09 Feb 2023 10:38:51 GMT
x-amz-replication-status
COMPLETED
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
pixel.css
cdn.chaty.app/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.chaty.app/pixel.css
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd931a0cda674e5b0ac29bad14f36d5e7183ff9a8076de1efddff0c691124ba1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"43b8b46228577ec43219cda782988153"
x-amz-version-id
null
age
2377
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxC9hq%2BVt4DHmtekg%2FaVnHFQu8A06Ltqkah3SrGuCMg1R3YNiABx38YApc6om%2BjIbEZ8TCbAbL4L8GXb2Sr5LmFH%2Fr7Uxo4%2F2qPXbA5Kti6YXEHVI8iP39SxgENFst67"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
dc5kdB7pd1BP8wbtjl2jQ3pfwQVX0_MKNlbidOWhiLKhFnt0sx_qgA==
date
Tue, 05 Nov 2024 14:44:22 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 09:06:19 GMT
vary
accept-encoding
priority
u=0,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=40157&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4606&delivery_rate=78452&cwnd=12000&unsent_bytes=0&cid=63e58b587a88e885&ts=307&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-ray
8ddd9f1a6dc8d265-FRA
x-amz-cf-pop
FRA60-P7
server
cloudflare
x-amz-server-side-encryption
AES256
style.css
ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/pin-save-button/1.4/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/pin-save-button/1.4/style.css
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.233.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7136fb3ae47f00f8dcb80d35fc26edd6b46cc3083a16340adff6e75f2cf176ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

x-amz-id-2
GO8chIDgJZTp8OqBZRSbdYEJSp2dOzPpaxXSyuyEkoe/Bd1m659I0ADhnxR1KJoP75kLJIc2uo0=
x-amz-replication-status
COMPLETED
ETag
"3f1eab9f4d0acc7df7f9560143c7675c"
x-amz-version-id
FvucfUh11yOSOBm2anRKvan9iM6nM46J
x-amz-request-id
B8XJ75GNB6VM312N
Accept-Ranges
bytes
Content-Length
3208
Date
Tue, 05 Nov 2024 14:44:24 GMT
Last-Modified
Thu, 06 Jul 2023 17:46:33 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-server-side-encryption
AES256
script.min.js
djqizrxa6f10j.cloudfront.net/apps/customizations/APPS/google-tag-manager/1.5/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://djqizrxa6f10j.cloudfront.net/apps/customizations/APPS/google-tag-manager/1.5/script.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c000:3:22ec:38c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b128282d738229104ecea5f2f9a9dd4b9e1d87a847e1b067ee99444072bdd9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

vary
accept-encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
OiHPCj7F820RZkTQ1DzWm0tK7k318hcC
etag
W/"23973d3e5e8f1d8b265df445cedc15b4"
age
28040
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HU1uBTOyy2lZKT98s1mnbGIEj544g7j5YnFdKZX5ybvmiIfJGarlJA==
date
Tue, 05 Nov 2024 06:57:03 GMT
content-type
application/javascript
last-modified
Thu, 09 Feb 2023 10:38:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
pixel.js
cdn.chaty.app/ 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.chaty.app/pixel.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5f8ab5af25a43653ccaf5452949c206e9e215badc241138d94f1a28f0cd776

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"f4002bb577a87d8d7599e0b23e36888f"
x-amz-version-id
null
age
6993
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dr01BFcAElXYskz88ErO%2BOyjmI1wSLQeQhu2Q4gdAUIJmzmT8cwATBrFGvybQgYp4O0lX7GOJnFFYHHAtD5%2BtFJ7Ot6N%2BVT0GCaqObn41F1T1u5mGMEZv8ZF1Bo0JK0k"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pCDyVCDJmJXBZLZa29TyddJeJO8HwkKj_wXqaagTSSkoLHGlEnjDnw==
date
Tue, 05 Nov 2024 14:44:22 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 16:01:17 GMT
vary
accept-encoding
priority
u=3,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=40157&sent=19&recv=9&lost=0&retrans=0&sent_bytes=12356&recv_bytes=4606&delivery_rate=78452&cwnd=12000&unsent_bytes=0&cid=63e58b587a88e885&ts=308&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-ray
8ddd9f1a6dbfd265-FRA
x-amz-cf-pop
FRA60-P7
server
cloudflare
x-amz-server-side-encryption
AES256
ecwid.plugin.js
analytics.sitewit.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:3b80:78a9:66ec:dda Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3e0c1e0adf53ec377d8b821778bb967c63d25201e8b9c7c427c5a6e231ef5c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
private,no-cache
x-aspnet-version
4.0.30319
content-length
5978
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
date
Tue, 05 Nov 2024 14:44:23 GMT
content-type
text/javascript; charset=utf-8
server
Microsoft-IIS/10.0
script.js
ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/pin-save-button/1.4/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecwid-addons.s3.amazonaws.com/apps/customizations/APPS/pin-save-button/1.4/script.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.233.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
eaff24ddd34c808a583d362a8630cef26203f1cdfc72ca7b69f7f49153a5e35e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

x-amz-id-2
BKjy6EOuRgI2kxrHRPp73DakBVszIfjacTUgYU/wQNT1A6fly+VgTAZT8NJFh6554lT6/Odz5GQ=
x-amz-replication-status
COMPLETED
ETag
"3ce11617d7e1732f0be98ac8d9a241ce"
x-amz-version-id
ByjQvw_U8wK1IN.Kv1S76xrDOkJkFIvc
x-amz-request-id
B8XQFW4NVJ9P913F
Accept-Ranges
bytes
Content-Length
2608
Date
Tue, 05 Nov 2024 14:44:24 GMT
Last-Modified
Thu, 06 Jul 2023 17:46:33 GMT
Content-Type
application/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
powr.js
www.powr.io/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.powr.io/powr.js?external-type=ecwid
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.5.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2740e7f70cdfb9b12a4269b5e0e4736126bdfb12ea330d2e93a8ba3c55d5d74
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
15728
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 09:04:38 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:44:23 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 09:04:19 GMT
x-origin-instance
gke
content-security-policy
frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
cache-control
max-age=604800, public
x-envoy-upstream-service-time
4
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ddd9f1e39ace50d-TXL
x-xss-protection
1; mode=block
server
cloudflare
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:f200:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
cache-control
max-age=60, stale-while-revalidate=120
content-encoding
gzip
etag
-155848237
age
27
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
1007
x-amz-cf-id
P11wmKpWEjSmhavIJX0puTWPI7r1WE6nB2WulyzYAD973aW2bqpiWg==
date
Tue, 05 Nov 2024 14:44:23 GMT
content-type
text/html;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
form-settings
mc.us8.list-manage.com/subscribe/ 		15 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.us8.list-manage.com/subscribe/form-settings?u=5080f1e4eab1eeed2ccd4b657&id=110d414abb&f_id=139161&u=5080f1e4eab1eeed2ccd4b657&id=110d414abb&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.57.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-57-226.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
1f04b76ab701b3b28ffde7963d89ead1355e2b9a35312cde078dcc9037db7ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

x-request-id
1-672a2f47-0f5e4bdd4f6af55421df5d2f
content-encoding
gzip
expires
Tue, 05 Nov 2024 14:49:24 GMT
x-ua-compatible
IE=edge,chrome=1
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-spanid
33dc6a24-6ec6-b9e5-92b8-fe5091a2c7ce
cache-control
max-age=300
intuit_tid
1-672a2f47-0f5e4bdd4f6af55421df5d2f
x-envoy-upstream-service-time
1184
x-amzn-trace-id
Root=1-672a2f47-0f5e4bdd4f6af55421df5d2f
referrer-policy
same-origin
x-envoy-decorator-operation
http-interposer-desired-service.mailchimp-cloud-httpinterposer-use2-prd-m2.svc.cluster.local:8090/*
content-length
6820
server
istio-envoy
AnnouncementBarTile.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/AnnouncementBarTile.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fedd8559f71128c87428ccec4fdb30b6cde025baaef842a2835d099b86353306

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
TtXmDTmaC9YLFa4AycwYcdWiT0b6MHVD
etag
W/"ef0ecaa9d22778405b13a9a4732a1c4c"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
J4cJomuJcZRph-DEifSoK3vDsQOhEUgS0EbX0oawKj7cP9sA9-3Fwg==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:13 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
ef0ecaa9d22778405b13a9a4732a1c4c
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ActionLink.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ActionLink.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddd701e2d2d6f4acc62495f21a3b32c5595414ebe7baad5e6dd15faf2608b853

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
L8mif9IS7uVSzkn6PRWznfaL4CU.12M.
etag
W/"f589b07bb93d794a21a3adb36682ed47"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
Z03aSU3r-amOp7KkHXD60E_zJWZrie5mi2drkZfiFeQe_cm6U36LXg==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:06 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
f589b07bb93d794a21a3adb36682ed47
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
website-icons.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/website-icons.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2710b98db0f6253a46ccaa1d88c4f1b16b63e96c5e9e789786cdd2a1b27e9356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
jx4BdHZFuebPfL57YrHUEj5NdLDxA8gP
etag
W/"4863b88c24604243366caf8d595fbe83"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
DfEgZqzLLXgTYggrPVXyfsGdJkSVlFTGfMQwhB3pqRjaKN_fQDrxGw==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:17 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
4863b88c24604243366caf8d595fbe83
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
HeaderTile.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/HeaderTile.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5779b9a5ccca1b765ef4ca3ad3b7e39fdb60821ed898b1d092bac6d6c1ea1f6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
PtoRzVZ9odmjjqb1gbDkWjUDOvtjF9eh
etag
W/"3e101a7a83de788fea7d9a6d8a551e1a"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
EGhqSA453-duE7r2CP0l4yCTyoP7y_RO2D9JOcf40YCN1Hn76IlQKg==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:18 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
3e101a7a83de788fea7d9a6d8a551e1a
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
PictureContainer.vue_vue_type_script_setup_true_lang.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/PictureContainer.vue_vue_type_script_setup_true_lang.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ea225f623fa77c2ecd25c83c4b13b4d8de9769f40d38d5bdb38c61eb359c7c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
AUTa0xnluMUZtVbYz3ZBWpOxhFWb0Qqf
etag
W/"00921eafbc2c2caae49721c5a757f6ba"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
qpermCNL-j6yjZ4DfDOv9zj4tO0ZAs-sqQ6PEMlA7hyTf-RLU0lGkw==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:07 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
00921eafbc2c2caae49721c5a757f6ba
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
LanguageDropdownMenu.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/LanguageDropdownMenu.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97f2896c1b3e6a001ddae29a328988701368dd41257c221ec05ec7012fd6e47c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
boLH.X1muhexiVj.TBuZbqoOdB98Lqer
etag
W/"b6b9f902aaee5d02b4bbe55742b32771"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
XtabI_u4BXzlc2t6SnAU2M5co6Mgr7SHVee5HhW_V_gJiUQtioCE3g==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:08 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
b6b9f902aaee5d02b4bbe55742b32771
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ProductBrowserTile.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ProductBrowserTile.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dca594f9f5619920c2c2ed5aadf8ab7d17815e9481d4f1e57a2c58e588991545

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
XC3Jmwmy6qVn8IyoLfFwABs66BbpiPk3
etag
W/"ae024cd30e0c818bc82e3aabc0c4c6d1"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
TjVDozRylGgas33bVfrijoiCRcX3LdSqpuozxtLyccGZo29xyJEdjw==
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:11 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
ae024cd30e0c818bc82e3aabc0c4c6d1
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
rpc
app.ecwid.com/ 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=13880652&version=2024-49290-ge11168c352ab25
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Permutation
CBBF5FE85F67741FF21DD1D4BE06B0F4
X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-49290-ge11168c352ab25/ru.cdev.xnext.frontend.LegacyFrontend/
Referer
https://cloverleafpublications.company.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8
X-Ecwid-Device-Measurement
WEB;DESKTOP;1600;1200;96;1600;1200

Response headers

Access-Control-Allow-Origin
*
Content-Length
12
Date
Tue, 05 Nov 2024 14:44:24 GMT
Content-Type
application/json;charset=utf-8
Content-Disposition
attachment
Server
nginx
Connection
keep-alive
register
ecomm.events/ 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/register
Requested by
Host: ecomm.events
URL: https://ecomm.events/i.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.233.246.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-246-208.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
content-length
0
date
Tue, 05 Nov 2024 14:44:23 GMT
server
nginx/1.19.0
js
www.paypal.com/sdk/ 		304 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=false&components=buttons&enable-funding=venmo&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acd8b4d98ff4f807f4ccfb3ea334e4a5070978334ae2a6d8ea1b84d61d2a177e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pkogh2ZwG7BN5GHK7/4FMhcKAFVbMuOEfy34aP6/xVsTGKaC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pkogh2ZwG7BN5GHK7/4FMhcKAFVbMuOEfy34aP6/xVsTGKaC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f9690833c0b3b
content-encoding
gzip
etag
W/"148cb-StHKqdAGkfcbkpLXYIb5w3SCAZY"
age
9831
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f9690833c0b3b-2fdc19e90aa30ca0-01
server-timing
"traceparent;desc="00-0000000000000000000f9690833c0b3b-34b9c05891a6e8d2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-fra-etou8220033-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-pkogh2ZwG7BN5GHK7/4FMhcKAFVbMuOEfy34aP6/xVsTGKaC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pkogh2ZwG7BN5GHK7/4FMhcKAFVbMuOEfy34aP6/xVsTGKaC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817864.291895,VS0,VE10
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84171
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/ 		304 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=true&components=buttons&enable-funding=venmo&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acd8b4d98ff4f807f4ccfb3ea334e4a5070978334ae2a6d8ea1b84d61d2a177e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-2ub3lPV+46MiK8EglbdfPLZsqC9LvzonH/ieve30+7+EzO0T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-2ub3lPV+46MiK8EglbdfPLZsqC9LvzonH/ieve30+7+EzO0T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f969083020815
content-encoding
gzip
etag
W/"148cb-StHKqdAGkfcbkpLXYIb5w3SCAZY"
age
9831
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f969083020815-e264cef9167cc6c4-01
server-timing
"traceparent;desc="00-0000000000000000000f969083020815-52fd0c925bc8e78f-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-fra-etou8220033-FRA
x-cache-hits
1, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-2ub3lPV+46MiK8EglbdfPLZsqC9LvzonH/ieve30+7+EzO0T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-2ub3lPV+46MiK8EglbdfPLZsqC9LvzonH/ieve30+7+EzO0T' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817864.291341,VS0,VE12
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84171
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/ 		305 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo,giropay
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4699ee2f66430fa5cee49bac2dad6f5758c09cbfae78df390950ea806891af3a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gZ/JZtfHQzm71xkhuy+Q2MSMMWh7bmYfkb2ZYFqzYeu9QVW1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gZ/JZtfHQzm71xkhuy+Q2MSMMWh7bmYfkb2ZYFqzYeu9QVW1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
f8822814b675e
content-encoding
gzip
etag
W/"149be-mbgSNPkuluYewRsa32qqnUJR9AA"
age
9831
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
disable-set-cookie
true
traceparent
00-0000000000000000000f8822814b675e-f4dacbc318d58a6f-01
server-timing
"traceparent;desc="00-0000000000000000000f8822814b675e-5903bc7d04af7368-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
p3p
true
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-fra-etou8220033-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
x-cache
HIT, MISS
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gZ/JZtfHQzm71xkhuy+Q2MSMMWh7bmYfkb2ZYFqzYeu9QVW1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gZ/JZtfHQzm71xkhuy+Q2MSMMWh7bmYfkb2ZYFqzYeu9QVW1' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
cache-control
public, max-age=3600, s-maxage=10800
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817864.291888,VS0,VE11
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
access-control-allow-origin
*
content-length
84414
x-xss-protection
1; mode=block
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gQPiCW0Q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gQPiCW0Q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=23, mss=1232, tbw=4526, tp=11, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
JuCRofybr2Pjzy5Go96EnIBpEFiST9/X9r66WmrTvofS632tkIRceD/ZFoXjzp7Tgud5IKXlpkDv9B7zpw1lmg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		321 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JV26WXKXCK
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19d94c66f6d8cd487ce7ca7a26bc03ec92a63238c98cc559ae1ab8b12c54e61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 05 Nov 2024 14:44:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108920
x-xss-protection
0
server
Google Tag Manager
rpc
app.ecwid.com/ 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=13880652&version=2024-49290-ge11168c352ab25
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Permutation
CBBF5FE85F67741FF21DD1D4BE06B0F4
X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-49290-ge11168c352ab25/ru.cdev.xnext.frontend.LegacyFrontend/
Referer
https://cloverleafpublications.company.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8
X-Ecwid-Device-Measurement
WEB;DESKTOP;1600;1200;96;1600;1200

Response headers

Access-Control-Allow-Origin
*
Content-Length
12
Date
Tue, 05 Nov 2024 14:44:24 GMT
Content-Type
application/json;charset=utf-8
Content-Disposition
attachment
Server
nginx
Connection
keep-alive
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=13880652&version=2024-49290-ge11168c352ab25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://cloverleafpublications.company.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 05 Nov 2024 14:44:24 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=13880652&version=2024-49290-ge11168c352ab25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://cloverleafpublications.company.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 05 Nov 2024 14:44:24 GMT
Server
nginx
/
js.stripe.com/v3/ 		676 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6854aac3481586ab33282abce09abaf024c5a896f7195dbec702d7f6afbfd0e3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

x-request-id
d444a9c3-28b7-423e-b7dc-fdf8865074a1
content-encoding
br
etag
"cd22d51d20dedffaba05b45106dc0fe1"
age
41
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 05 Nov 2024 14:44:24 GMT
last-modified
Mon, 04 Nov 2024 22:07:42 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-fra-etou8220105-FRA
x-cache-hits
22
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
167638
server
Fastly
gtm.js
www.googletagmanager.com/ 		0
0
ecwid-checkout.8539782cea06b758a4d17919af9fb69c.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ 		809 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.8539782cea06b758a4d17919af9fb69c.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?13880652&data_platform=startersite_v2&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-116.fra60.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
a13ea60a7fa0cdcc665f316c43490a023353f24b76206c5a1df774a5732634b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=31536000
content-encoding
gzip
etag
8539782cea06b758a4d17919af9fb69c
age
8304
via
1.1 35cfa6fbcb341fd2ae15e24a43e2f57a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
5WZz4lUGBIbqcOrx2SDQgxb2024bTXMo1B08BkKTqD9dkqn-Z5iDVg==
date
Tue, 05 Nov 2024 12:26:00 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx/1.19.0
x-amz-cf-pop
FRA60-P10
rpc
app.ecwid.com/ 		39 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=13880652&version=2024-49290-ge11168c352ab25
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-190-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
27bc581ac80297dc79545f291a01b61b429cb1c1a16e4b8c4e21ee465cd70c59

Request headers

X-GWT-Permutation
CBBF5FE85F67741FF21DD1D4BE06B0F4
X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2024/2024-49290-ge11168c352ab25/ru.cdev.xnext.frontend.LegacyFrontend/
Referer
https://cloverleafpublications.company.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8
X-Ecwid-Device-Measurement
WEB;DESKTOP;1600;1200;96;1600;1200

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
10764
Date
Tue, 05 Nov 2024 14:44:24 GMT
Content-Type
application/json;charset=utf-8
Content-Disposition
attachment
Server
nginx
2414108945460411
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2414108945460411?v=2.9.176&r=stable&domain=cloverleafpublications.company.site&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
ffc1bba92f03393ce8e0edbc63b5dc1d4bd5d3a058c6e35f310d8f967c68ab9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gaa06GfI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:44:24 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gaa06GfI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=68, mss=1232, tbw=70380, tp=68, tpl=0, uplat=165, ullat=0
pragma
public
x-fb-debug
nfqePkJVpInF/Kplz7JatXf3q59FOL10G64AAQQz5aiVWN/9wL+7HvmE00utHy78lqEEPoNsmt1nM0/Z0PZ9ww==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
LeftLogoSearchMarkup.js
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/LeftLogoSearchMarkup.js
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e83224fde4f793f8418070fa23900281df31faab2f3ef7c17684697f564aa71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
V.RcOo1jAh1yXyGuUz2plzypeDg1BBd_
etag
W/"76d38e5320acf3477eda7bf31dc3ced4"
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
O5vXsNp3SfsPqj5fl-F-b8Z_I9WrqT1G4_N6kx4Af6703a19I3Jhvw==
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 05 Nov 2024 12:26:12 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
76d38e5320acf3477eda7bf31dc3ced4
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=cloverleafpublications.company.site&t=xo&v=5.0.463&source=payments_sdk&mrid=552FWT99WLLDQ&client_id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&comp=buttons&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=false&components=buttons&enable-funding=venmo&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-K91pWKHzo2jJMrK2qZtERWGwteng/PiPblgvvoEbTdx73rGk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

paypal-debug-id
f865820b6de7f
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
9831
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f865820b6de7f-1f81e5a16aeeb0f5-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Tue, 05 Nov 2024 14:44:25 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-fra-etou8220033-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-K91pWKHzo2jJMrK2qZtERWGwteng/PiPblgvvoEbTdx73rGk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817865.172819,VS0,VE8
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		12 KB
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=cloverleafpublications.company.site&t=xo&v=5.0.463&source=payments_sdk&mrid=552FWT99WLLDQ&client_id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&comp=buttons&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=true&components=buttons&enable-funding=venmo&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-K91pWKHzo2jJMrK2qZtERWGwteng/PiPblgvvoEbTdx73rGk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

paypal-debug-id
f865820b6de7f
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
9832
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f865820b6de7f-1f81e5a16aeeb0f5-01
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-cache
HIT, MISS
dc
ccg11-origin-www-1.paypal.com
date
Tue, 05 Nov 2024 14:44:25 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-fra-etou8220033-FRA
x-cache-hits
1, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-K91pWKHzo2jJMrK2qZtERWGwteng/PiPblgvvoEbTdx73rGk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
x-timer
S1730817866.708070,VS0,VE7
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=cloverleafpublications.company.site&t=xo&v=5.0.463&source=payments_sdk&mrid=552FWT99WLLDQ&client_id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&comp=buttons,funding-eligibility,payment-fields&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo,giropay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Fw06n8AMxxoICzs30OQdRP9jmvbctveWzisEc3+LK5MZaoMJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

paypal-debug-id
f865820b7c69d
content-encoding
gzip
etag
W/"2f86-rIyHQCWayVhsCSMMD5/wlkCo+Tw"
age
9832
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f865820b7c69d-1e4e685fabe69874-01
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT, MISS
date
Tue, 05 Nov 2024 14:44:25 GMT
content-type
application/x-javascript; charset=utf-8
x-served-by
cache-fra-etou8220033-FRA, cache-fra-etou8220033-FRA
x-cache-hits
0, 0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Fw06n8AMxxoICzs30OQdRP9jmvbctveWzisEc3+LK5MZaoMJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
cache-control
public, max-age=3600
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817866.769460,VS0,VE11
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
content-length
4354
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2414108945460411&ev=PageView&dl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&rl=&if=false&ts=1730817865756&sw=1600&sh=1200&v=2.9.176&r=stable&a=plecwid&ec=0&o=12318&fbp=fb.1.1730817865754.166331701703961584&ler=empty&cdl=API_unavailable&it=1730817864492&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=f0&rqm=GET
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2936, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 05 Nov 2024 14:44:25 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2414108945460411&ev=PageView&dl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&rl=&if=false&ts=1730817865756&sw=1600&sh=1200&v=2.9.176&r=stable&a=plecwid&ec=0&o=12318&fbp=fb.1.1730817865754.166331701703961584&ler=empty&cdl=API_unavailable&it=1730817864492&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=f0&rqm=FGET
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433806129805045320"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
p5Yc2c1608ePH9WIbdaWkaRHWEDXqk4+It1165e82beHHtsPDLR74C3eRa3iO6xsHvLtCNFeLtD2IN6joW7+PA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433806129805045320", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=0, c=12, mss=1297, tbw=3254, tp=-1, tpl=-1, uplat=213, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/38d3020ee67bdafdc3231e2272e1fa0689108cda/ 		112 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/38d3020ee67bdafdc3231e2272e1fa0689108cda/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac2703bdccf412e09b63cf5fce781a258a9b8548ba8a314330c8e5a5b8e9fa5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
br
ETag
W/"a1391b4f56369883b0b9a4e7cd122028"
Age
33284
Connection
keep-alive
Via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
YHO-gQ_9muMM5miXjN6JWOviJTg6ab955y9CZl5j3I2FlmMVdUspyw==
Date
Tue, 05 Nov 2024 05:29:42 GMT
Content-Type
application/javascript
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
x-amz-server-side-encryption
AES256
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JV26WXKXCK&gtm=45je4au0v9172770513za200&_p=1730817863768&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1014830822.1730817866&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730817865&sct=1&seg=0&dl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&dt=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=10111
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV26WXKXCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://cloverleafpublications.company.site
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
text/plain
server
Golfe2
ts
t.paypal.com/ 		42 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730817865978&g=-60&completeurl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&ru=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%22storeId%22%3A%2213880652%22%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
77abd66c546aa
correlation-id
77abd66c546aa
expires
Tue, 05 Nov 2024 14:44:26 GMT
traceparent
00-000000000000000000077abd66c546aa-e38a91af5ce21065-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-000000000000000000077abd66c546aa-2bb37e10158e88f0-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220135-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1730817866.182508,VS0,VE173
via
1.1 varnish
accept-ranges
bytes
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JV26WXKXCK&gtm=45je4au0v9172770513za200&_p=1730817863768&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1014830822.1730817866&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&cu=USD&sid=1730817865&sct=1&seg=0&dl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&dt=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&en=view_item_list&_ee=1&pr1=id00041~nmCrime%20Against%20Humanity%3A%20Government%20Corruption%20Floods%20Appalachia%20(Print)~lp0~caInvestigative%20Voices%20R%20E%20P%20O%20R%20T%20S~pr25~br~k0currency~v0USD&pr2=id00034~nmClimate%20change%3A%20Hoax%20or%20Reality%3F~lp1~caInvestigative%20Voices%20R%20E%20P%20O%20R%20T%20S~pr75~br~k0currency~v0USD&pr3=id00038~nmStorm%20Makers%3A%20The%20Power%20and%20Peril%20of%20Weather%20Modification%20(print)~lp2~caInvestigative%20Voices%20R%20E%20P%20O%20R%20T%20S~pr75~br~k0currency~v0USD&pr4=id00044~nmDARPA%20Exposed%3A%20The%20Secret%20Agency%20Behind%20AI%2C%20Robots%2C%20and%20Super%20Soldiers%20(Investigative%20Voices%20Book%205)~lp3~caInvestigative%20Voices%20R%20E%20P%20O%20R%20T%20S~pr75~br~k0currency~v0USD&pr5=id00043~nmPlaying%20God%20with%20the%20Atmosphere%3A%20Inside%20HAARP%27s%20Influence%20on%20Weather%20and%20Climate~lp4~caInvestigative%20Voices%20R%20E%20P%20O%20R%20T%20S~pr75~br~k0currency~v0USD&pr6=id00046~nmNewsletter%3A%20QuantumAI%20Pulse%201%20Year~lp5~caInvestigative%20Voices%20R%20E%20P%20O%20R%20T%20S~pr100~br~k0currency~v0USD&ep.item_list_name=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&ep.item_list_id=C173979752&_et=31&tfd=10240
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV26WXKXCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://cloverleafpublications.company.site
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
text/plain
server
Golfe2
ts
t.paypal.com/ 		42 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730817866108&g=-60&completeurl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&ru=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%22storeId%22%3A%2213880652%22%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
898c4a5d90caf
correlation-id
898c4a5d90caf
expires
Tue, 05 Nov 2024 14:44:26 GMT
traceparent
00-0000000000000000000898c4a5d90caf-9269d5b93dd948da-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-0000000000000000000898c4a5d90caf-ca6f48c82cf3af24-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220135-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1730817866.182507,VS0,VE146
via
1.1 varnish
accept-ranges
bytes
ts
t.paypal.com/ 		42 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1730817866117&g=-60&completeurl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&ru=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%22storeId%22%3A%2213880652%22%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.1 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

access-control-expose-headers
Server-Timing
paypal-debug-id
5f9b811c4ad7f
correlation-id
5f9b811c4ad7f
expires
Tue, 05 Nov 2024 14:44:26 GMT
traceparent
00-00000000000000000005f9b811c4ad7f-39206d3fee329c43-01
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
server-timing
"traceparent;desc="00-00000000000000000005f9b811c4ad7f-ff5049039ecb2c86-01"";content-encoding;desc="",x-cdn;desc="fastly"
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/gif
x-served-by
cache-fra-etou8220135-FRA
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
x-timer
S1730817866.182489,VS0,VE146
via
1.1 varnish
accept-ranges
bytes
common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame CC75 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
br
ETag
W/"22d453e74fdbe5b73dac8b53e669122e"
Age
47809
Connection
keep-alive
Via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Uo4ai9XF-FNAjib7lynvdU-SHkY_H70k36iB8_IMB66Wms3P0s34pg==
Date
Tue, 05 Nov 2024 01:27:38 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
x-amz-server-side-encryption
AES256
banner.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame CC75 		813 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Vary
accept-encoding, Origin
ETag
"03dc514068214f6d7d052c91c8492206"
Age
17102
Connection
keep-alive
Via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
813
X-Amz-Cf-Id
nmYgxp7iLJ1sGzKlrNDN_cz6ukG9ffe3WeygWlhe5Zg51ODXtVqF7w==
Date
Tue, 05 Nov 2024 09:59:25 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
x-amz-server-side-encryption
AES256
common.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame 236C 		10 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

X-Amz-Cf-Pop
FRA56-P9
Content-Encoding
br
ETag
W/"22d453e74fdbe5b73dac8b53e669122e"
Age
47809
Via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Uo4ai9XF-FNAjib7lynvdU-SHkY_H70k36iB8_IMB66Wms3P0s34pg==
Date
Tue, 05 Nov 2024 01:27:38 GMT
Content-Type
text/css
Vary
accept-encoding, Origin
Server
AmazonS3
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
x-amz-server-side-encryption
AES256
layout-3.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ Frame 236C 		1 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/layout-3.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
032c7880ae5c1991cbb3029e19381f92b542c630b901eca2419b2d0c53c7a0f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
gzip
ETag
W/"298adea4fda4301a7e96b43556ad7798"
Age
43678
Connection
keep-alive
Via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
lgctavxFCJFhmvFvhduoCvkB2XLRYqJSg9ewLQCRnfHzhUZ7kPiOYg==
Date
Tue, 05 Nov 2024 02:36:29 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
x-amz-server-side-encryption
AES256
modal.css
downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/38d3020ee67bdafdc3231e2272e1fa0689108cda/modal.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding, Origin
Content-Encoding
br
ETag
W/"bb442b187fc78727105fd57962ce4b14"
Age
47808
Connection
keep-alive
Via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Iw5pHznGNSheWoYe9qOFbcuAojkRsYIdjx2Xxs2wWaikVp0v1B1yDA==
Date
Tue, 05 Nov 2024 01:27:39 GMT
Content-Type
text/css
Last-Modified
Tue, 04 Jun 2024 16:58:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P9
x-amz-server-side-encryption
AES256
intuit-mc-rewards-text-dark.svg
digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/intuit-mc-rewards-text-dark.svg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.94.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-94-168.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
accfeda559fe5ed42799382b66b15b55efa0d610e4857f2ef02c763ad3bf3997
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io https://*.mailchimp.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.intuit.com https://*.mailchimp.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-vhost
publish-oidam
etag
"2ca6-601df65c4e040-gzip"
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 01 Aug 2023 16:54:17 GMT
x-frame-options
ALLOW-FROM https://*.intuit.com https://*.mailchimp.com
content-disposition
inline
content-security-policy
frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io https://*.mailchimp.com;
cache-control
max-age=86400
x-dispatcher
dispatcher2uswest1-b80
accept-ranges
bytes
content-length
4576
server
Apache
intuit-mc-rewards-text-dark.svg
digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/ Frame 236C 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/intuit-mc-rewards-text-dark.svg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.94.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-94-168.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
accfeda559fe5ed42799382b66b15b55efa0d610e4857f2ef02c763ad3bf3997
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io https://*.mailchimp.com;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.intuit.com https://*.mailchimp.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
x-vhost
publish-oidam
etag
"2ca6-601df65c4e040-gzip"
x-content-type-options
nosniff
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Tue, 01 Aug 2023 16:54:17 GMT
x-frame-options
ALLOW-FROM https://*.intuit.com https://*.mailchimp.com
content-disposition
inline
content-security-policy
frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io https://*.mailchimp.com;
cache-control
max-age=86400
x-dispatcher
dispatcher2uswest1-b80
accept-ranges
bytes
content-length
4576
server
Apache
sw.js
analytics.sitewit.com/partner/ecwid/13880652/noconnect-nogaw-nofbq/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/partner/ecwid/13880652/noconnect-nogaw-nofbq/sw.js
Requested by
Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/ecwid.plugin.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:3b80:78a9:66ec:dda Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1820e1791eaba056af00b19fa1b6b61dce48668716978e91062d64995d9cb410

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
private,no-cache
x-aspnet-version
4.0.30319
content-length
20460
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
text/javascript; charset=utf-8
server
Microsoft-IIS/10.0
4610482138.jpg
d2j6dbq0eux0bg.cloudfront.net/images/13880652/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/13880652/4610482138.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7018e48245aeb6babae72c5d4c2a3e526fdaf3c83c6e0a12e4d5a07ed622038

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"23a4f851d8bc5715fb6db9522f70f86a"
age
813141
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
35580
x-amz-cf-id
BeTc6j2hu49EN1ePadUboLGA3kuLi1VIAdFp_F9JZuFduiNj573CHg==
date
Sun, 27 Oct 2024 04:52:06 GMT
content-type
image/jpeg
last-modified
Sat, 26 Oct 2024 07:26:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
4610328499.jpg
d2j6dbq0eux0bg.cloudfront.net/images/13880652/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/13880652/4610328499.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10a0beb3184479bc1718c4f75454f2bd5e90fd9c2602d0b8ff5d5e72f2e5e204

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"57458d7a64ce3f604d84fa7c7bb8dcfe"
age
813140
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
37550
x-amz-cf-id
AlIXXyY3P9LC9jKBTASFUYguYG0EkbwKdRxwxUjTstg1VroGP03l7A==
date
Sun, 27 Oct 2024 04:52:07 GMT
content-type
image/jpeg
last-modified
Sat, 26 Oct 2024 07:26:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
4610482133.jpg
d2j6dbq0eux0bg.cloudfront.net/images/13880652/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/13880652/4610482133.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66e8b37662f0c49793a9201e7672bbffd2f56137bfedc5d18e88675ea2805608

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"a71be72028017f8561a8892029184ffe"
age
813139
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
28387
x-amz-cf-id
-ZaXkS1zctQ_IMVGDonRGvs5uWCTvCWBEvwOCc-S3I5lLT0JSM366w==
date
Sun, 27 Oct 2024 04:52:08 GMT
content-type
image/jpeg
last-modified
Sat, 26 Oct 2024 07:25:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
4610482124.jpg
d2j6dbq0eux0bg.cloudfront.net/images/13880652/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/13880652/4610482124.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46fe475a9443da1e4d20502c7941f383f285aa0bffc28c6a6885e8ef3d4bfd7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"0b8841bfe90d42356099b134240c301b"
age
813138
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
37279
x-amz-cf-id
3TZQRfKd2NULbvNuA48JZfWHuYhedxhyTitKGeqESh5SP3yXDqHH9Q==
date
Sun, 27 Oct 2024 04:52:09 GMT
content-type
image/jpeg
last-modified
Sat, 26 Oct 2024 05:57:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
4610328494.jpg
d2j6dbq0eux0bg.cloudfront.net/images/13880652/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/13880652/4610328494.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afd8a3af67389712a6a10b853a84513a0ee04a9cefc27603ca7a2e55cc89cb84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"6b8c2bd17802573f4648cdb940a7c903"
age
813137
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
29217
x-amz-cf-id
-224sfvHJDaYoPacXDYVRBaLJuF2JbxDx3H0scTh-nnmhrCaZ_lW9w==
date
Sun, 27 Oct 2024 04:52:10 GMT
content-type
image/jpeg
last-modified
Sat, 26 Oct 2024 07:24:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
4619896045.jpg
d2j6dbq0eux0bg.cloudfront.net/images/13880652/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/13880652/4619896045.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f964a974c495c08c0333b4d6984c012a37f2f80c07cadcc497ead3a3396db9ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"6a89769132bc0fa2989e6dd824c8f16f"
age
230228
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
31367
x-amz-cf-id
xnn9CNky2giSRYz-wjzlF8OFv4rEX5YCYfyFLd3hm1gVskjacPoXEw==
date
Sat, 02 Nov 2024 22:47:19 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 21:49:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
DALL%C2%B7E_2024_10_09_20_20_39___Podcast_cover_artwork_for__Investigative_Voices__by_Lidia_LoPinto__featuring_an_investigator_in_silhouette__holding_a_magnifying_glass__The_investigat_webp.webp
d2j6dbq0eux0bg.cloudfront.net/images/wysiwyg/category/13880652/173979752/1729214811199-742038753/ 		370 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/wysiwyg/category/13880652/173979752/1729214811199-742038753/DALL%C2%B7E_2024_10_09_20_20_39___Podcast_cover_artwork_for__Investigative_Voices__by_Lidia_LoPinto__featuring_an_investigator_in_silhouette__holding_a_magnifying_glass__The_investigat_webp.webp
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170b9f1ea26af6d1b0a07c07d745068f4db4805acb02100087df4482afd9643

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
public, max-age=31536000
etag
"692f53bb07e2c9bd73cf2d1767d33bd9"
age
9838
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
378954
x-amz-cf-id
ee8neM5bLhDEK6pSerkiKvHALO6LMCZv4XZnLxueTKNq8qSFzoJBiA==
date
Tue, 05 Nov 2024 12:00:29 GMT
content-type
image/webp
last-modified
Fri, 18 Oct 2024 01:26:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
standard-all-700-normal.woff
d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/standard-all-700-normal.woff
Requested by
Host: d34ikvsdm2rlij.cloudfront.net
URL: https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/StandardFont.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8600:1f:58b3:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
982fc17615c33ab9c796d031ccfd857b8104884f3a08570d984ca72dbaf1401b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cloverleafpublications.company.site
Referer
https://d34ikvsdm2rlij.cloudfront.net/vuega/static/2024/2024-49290-ge11168c352ab25/website/assets/StandardFont.css

Response headers

access-control-max-age
3000
etag
"93c895c0d3f1daaa1a5216d3c3fa89dc"
x-amz-version-id
sKAwNE2si37pGtPNyhWNrX2S2Bx.EJUn
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
TfCo-8HGLZhlnDX8ZeYc2a0jDQhU9pGGaDR9ygDIR8PbiDOsialN8A==
date
Tue, 05 Nov 2024 14:44:27 GMT
content-type
application/font-woff
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 05 Nov 2024 12:26:11 GMT
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
93c895c0d3f1daaa1a5216d3c3fa89dc
cache-control
public, max-age=31536000
via
1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
24084
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
6d15f6b7-1b13-5ff8-7b97-e8d818e80d5c.jpg
mcusercontent.com/5080f1e4eab1eeed2ccd4b657/images/ Frame 236C 		606 KB
607 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcusercontent.com/5080f1e4eab1eeed2ccd4b657/images/6d15f6b7-1b13-5ff8-7b97-e8d818e80d5c.jpg
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.122.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.122.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
011041170a85ae5dd3f77232f5c5413c3266ce66faebedae4f12737d7583cccd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=fr8Ygw==, md5=8M849nai8L+aCTiucnq99Q==
etag
"f0cf38f676a2f0bf9a0938ae727abdf5"
x-goog-stored-content-encoding
identity
expires
Tue, 05 Nov 2024 15:44:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
620192
date
Tue, 05 Nov 2024 14:44:27 GMT
last-modified
Mon, 03 Jun 2024 19:31:57 GMT
content-type
image/jpeg
x-guploader-uploadid
AHmUCY3XISGDQUUtlBxNpwSP_mVyM4N_cn06HGoSndbl2IR32pWDRJ0UdCxBe50KNGj_rAlmYj4
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1717443117913753
content-length
620192
server
UploadServer
js
www.googletagmanager.com/gtag/ 		244 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11216295269
Requested by
Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/ecwid/13880652/noconnect-nogaw-nofbq/sw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c18e5150024e54a6cef870dde4ec807bb6e958e49710b8296cf5dc67d54391d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 05 Nov 2024 14:44:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89465
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		244 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11216295269&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV26WXKXCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1564b8aabcfc4035c11f9efed04da9f19a02e3dbbf1fea05a7aab54384b4fc51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 05 Nov 2024 14:44:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 05 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89396
x-xss-protection
0
server
Google Tag Manager
pxl
insight.adsrvr.org/track/ 		27 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/pxl?adv=lz1g413&ct=0:y3te1iw&fmt=2&callback=sw.td_callback
Requested by
Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/ecwid/13880652/noconnect-nogaw-nofbq/sw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
a54296a1ab6aee7ca31298d7b0a0523ebbcc8496174a797ee0a1dc588342567d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
gzip
date
Tue, 05 Nov 2024 14:44:27 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
cq_blank.gif
analytics.sitewit.com/images/ 		35 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.sitewit.com/images/cq_blank.gif?_sw_ecwidid=13880652&_sw_uid=121bd3f0-0cf2-4f86-ac56-b4a382e2f67e&_sw_fp=3fec827ea9c99bc178aef2aacf43260920ea92cd&_sw_pl=660&_sw_pc=5&_sw_dat=MXxjbG92ZXJsZWFmcHVibGljYXRpb25zLmNvbXBhbnkuc2l0ZXxodHRwczovL2Nsb3ZlcmxlYWZwdWJsaWNhdGlvbnMuY29tcGFueS5zaXRlL3Byb2R1Y3RzL0ludmVzdGlnYXRpdmUtVm9pY2VzLVItRS1QLU8tUi1ULVMtYzE3Mzk3OTc1MnxkZS1ERXwxNjAwfDEyMDB8MjR8Q2hyb21lLzEzMC4wLjAuMHwtfDF8MHwxfDB8LXx8LXwtfC18MmEwMTo0YTA6MTMzODo5Mjo6OXww&to=593
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:3b80:78a9:66ec:dda Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache
etag
"9f8deacbda13cb1:0"
accept-ranges
bytes
content-length
35
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
date
Tue, 05 Nov 2024 14:44:26 GMT
content-type
image/gif
last-modified
Thu, 24 Jun 2010 20:21:15 GMT
server
Microsoft-IIS/10.0
pxl
insight.adsrvr.org/track/ 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl?adv=lz1g413&ct=0:y3te1iw&fmt=3
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-length
70
date
Tue, 05 Nov 2024 14:44:27 GMT
content-type
image/gif
server
Kestrel
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&scrsrc=www.googletagmanager.com&frm=0&rnd=712852386.1730817867&auid=1754591246.1730817867&npa=0&gtm=45be4au0za200zb9172770513&gcs=G111&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730817866770&tfd=10957&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11216295269&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11216295269/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11216295269/?random=1730817866751&cv=11&fst=1730817866751&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9172770513&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&hn=www.googleadservices.com&frm=0&tiba=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&npa=0&pscdl=noapi&auid=1754591246.1730817867&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11216295269&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
aabcae590261210176f1aa97d5ae2cf1825c3b94158d1135a58ef0508a6bfe52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2407
date
Tue, 05 Nov 2024 14:44:27 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
11216295269
td.doubleclick.net/td/rul/ Frame 6241 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/11216295269?random=1730817866751&cv=11&fst=1730817866751&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9172770513&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&hn=www.googleadservices.com&frm=0&tiba=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&npa=0&pscdl=noapi&auid=1754591246.1730817867&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11216295269&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloverleafpublications.company.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:44:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 5247 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fcloverleafpublications.company.site
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11216295269&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Nov 2024 14:44:27 GMT
expires
Wed, 05 Nov 2025 14:44:27 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/11216295269/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11216295269/?random=1730817866751&cv=11&fst=1730815200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9172770513&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&hn=www.googleadservices.com&frm=0&tiba=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&npa=0&pscdl=noapi&auid=1754591246.1730817867&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d_zcm6JU8CuQibhAJdzBAQ5NFWyMkZQ&random=1284218099&rmt_tld=0&ipr=y
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 05 Nov 2024 14:44:27 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.de/pagead/1p-user-list/11216295269/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11216295269/?random=1730817866751&cv=11&fst=1730815200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9172770513&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&hn=www.googleadservices.com&frm=0&tiba=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&npa=0&pscdl=noapi&auid=1754591246.1730817867&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d_zcm6JU8CuQibhAJdzBAQ5NFWyMkZQ&random=1284218099&rmt_tld=1&ipr=y
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 05 Nov 2024 14:44:27 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cq_blank.gif
analytics.sitewit.com/images/ 		35 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.sitewit.com/images/cq_blank.gif?_sw_ecwidid=13880652&_sw_uid=121bd3f0-0cf2-4f86-ac56-b4a382e2f67e&_sw_fp=3fec827ea9c99bc178aef2aacf43260920ea92cd&_sw_pl=660&_sw_pc=5&_sw_dat=MXxjbG92ZXJsZWFmcHVibGljYXRpb25zLmNvbXBhbnkuc2l0ZXxodHRwczovL2Nsb3ZlcmxlYWZwdWJsaWNhdGlvbnMuY29tcGFueS5zaXRlL3Byb2R1Y3RzL0ludmVzdGlnYXRpdmUtVm9pY2VzLVItRS1QLU8tUi1ULVMtYzE3Mzk3OTc1MnxkZS1ERXwxNjAwfDEyMDB8MjR8Q2hyb21lLzEzMC4wLjAuMHwtfDF8MHwxfDB8LXx8LXx8LXwyYTAxOjRhMDoxMzM4OjkyOjo5fDA=&to=339
Requested by
Host: cloverleafpublications.company.site
URL: https://cloverleafpublications.company.site/products/Investigative-Voices-R-E-P-O-R-T-S-c173979752
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:3b80:78a9:66ec:dda Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache
etag
"9f8deacbda13cb1:0"
accept-ranges
bytes
content-length
35
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
date
Tue, 05 Nov 2024 14:44:27 GMT
content-type
image/gif
last-modified
Thu, 24 Jun 2010 20:21:15 GMT
server
Microsoft-IIS/10.0
widgets
pixel.chaty.app/api/pixel/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.chaty.app/api/pixel/widgets
Requested by
Host: cdn.chaty.app
URL: https://cdn.chaty.app/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67e4cb69a42ddf97f34c178245be91c04f9fdec3301968bf393a27c2f31bb60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FF0FqtBd16uUM1um8yzHJc9jrhjVgqkbVNU2mBXCf6atyFmQqkHfxc28DwgOYJrs5x40PVUsrfLJlYUx5G1SbdUTOCwrV2PJar4UVkwprHOr9r5zNN0o9o6LZNW1BwUxl3c%3D"}],"group":"cf-nel","max_age":604800}
x-ratelimit-remaining
57
cf-ray
8ddd9f3cf93dd28e-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=57175&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4184&recv_bytes=5073&delivery_rate=232&cwnd=12000&unsent_bytes=0&cid=ebff8d0becc676d3&ts=1779&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 14:44:29 GMT
x-ratelimit-limit
60
content-type
application/json
server
cloudflare
priority
u=1,i
logger
www.paypal.com/xoplatform/logger/api/ 		963 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=false&components=buttons&enable-funding=venmo&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
630708f074175a938fa75836f204fa6d902d88da37604fe8207f96c2069d7414
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloverleafpublications.company.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f433988c7a4a4
content-encoding
br
etag
W/"3c3-DBRgAmhqoxNjNroT5ma9iv0GpZM"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f433988c7a4a4-c053c489d9f160dc-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Tue, 05 Nov 2024 14:44:28 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220133-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817868.290269,VS0,VE167
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://cloverleafpublications.company.site
logger
www.paypal.com/xoplatform/logger/api/ 		974 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=true&components=buttons&enable-funding=venmo&disable-funding=card,giropay,ideal,bancontact,mybank,blik,p24,sofort,sepa,eps,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7eaf9eb912a34ac17b1a239cf0b902f70041ee501ee59fdda07c058b7b6438e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloverleafpublications.company.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f43398857d224
content-encoding
br
etag
W/"3ce-u7HWsNO2T9zCIeOJ29VB1TJvYnw"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f43398857d224-3091ac5427a65034-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Tue, 05 Nov 2024 14:44:28 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220133-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817868.289872,VS0,VE183
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://cloverleafpublications.company.site
logger
www.paypal.com/xoplatform/logger/api/ 		978 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?currency=USD&merchant-id=552FWT99WLLDQ&client-id=ATwlXIWtW3LqxFzzz5juQ2009513Ms10SzoC0MQCegeqNfMRNwE0oKL_0rg4_3OyTL1cTlQfnbdusBTP&commit=true&components=buttons,funding-eligibility,payment-fields&disable-funding=paylater,card,venmo,giropay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
28666ff7936648d19d825bd845e14910481ebfc07f31d7d56f23025692a2ffd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloverleafpublications.company.site/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

paypal-debug-id
f433988047c13
content-encoding
br
etag
W/"3d2-/IFg0DXdgszFiQ3dGT2KdBnL/Z4"
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-content-type-options
nosniff
traceparent
00-0000000000000000000f433988047c13-3f08705be56f905f-01
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
date
Tue, 05 Nov 2024 14:44:28 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220133-FRA
x-cache-hits
0, 0
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
x-timer
S1730817868.274310,VS0,VE183
access-control-allow-credentials
true
via
1.1 varnish, 1.1 varnish
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
access-control-allow-origin
https://cloverleafpublications.company.site
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cloverleafpublications.company.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://cloverleafpublications.company.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 05 Nov 2024 14:44:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f43398801c96c
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f43398801c96c-7545913a6c5af7b6-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220133-FRA
x-timer
S1730817868.072452,VS0,VE175
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cloverleafpublications.company.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://cloverleafpublications.company.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 05 Nov 2024 14:44:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f433988ca48c6
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f433988ca48c6-32b2bd967288c81a-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220133-FRA
x-timer
S1730817868.074085,VS0,VE172
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cloverleafpublications.company.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://cloverleafpublications.company.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 05 Nov 2024 14:44:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f4339885aa235
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f4339885aa235-c35d3531dec93591-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220133-FRA, cache-fra-etou8220133-FRA
x-timer
S1730817868.074212,VS0,VE159
favicon.ico
cloverleafpublications.company.site/ 		98 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cloverleafpublications.company.site/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.193.28.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
135ad18772a27a2daf8d79c1758691c3505f3ca29ba87de23c4d4a6d742c66c5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

strict-transport-security
max-age=15724800
cache-control
public, max-age=3600
content-encoding
gzip
date
Tue, 05 Nov 2024 14:44:28 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
pixel.css
cdn.chaty.app/ 		31 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.chaty.app/pixel.css
Requested by
Host: cdn.chaty.app
URL: https://cdn.chaty.app/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd931a0cda674e5b0ac29bad14f36d5e7183ff9a8076de1efddff0c691124ba1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"43b8b46228577ec43219cda782988153"
x-amz-version-id
null
age
2377
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxC9hq%2BVt4DHmtekg%2FaVnHFQu8A06Ltqkah3SrGuCMg1R3YNiABx38YApc6om%2BjIbEZ8TCbAbL4L8GXb2Sr5LmFH%2Fr7Uxo4%2F2qPXbA5Kti6YXEHVI8iP39SxgENFst67"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
dc5kdB7pd1BP8wbtjl2jQ3pfwQVX0_MKNlbidOWhiLKhFnt0sx_qgA==
date
Tue, 05 Nov 2024 14:44:22 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 09:06:19 GMT
vary
accept-encoding
priority
u=0,i=?0
server-timing
cfL4;desc="?proto=QUIC&rtt=40157&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4180&recv_bytes=4606&delivery_rate=78452&cwnd=12000&unsent_bytes=0&cid=63e58b587a88e885&ts=307&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 b77e6c4c926acdb5c1a30b7465e6750e.cloudfront.net (CloudFront)
cf-ray
8ddd9f1a6dc8d265-FRA
x-amz-cf-pop
FRA60-P7
server
cloudflare
x-amz-server-side-encryption
AES256
views
pixel.chaty.app/api/pixel/widgets/ 		0
0
visitors
pixel.chaty.app/api/pixel/widgets/ 		21 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.chaty.app/api/pixel/widgets/visitors
Requested by
Host: cdn.chaty.app
URL: https://cdn.chaty.app/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec14c19bec9cdd6d6863682b6a23b4e9d816546eef9a0b2d48949bbd36bac16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGwvw6Owh%2FlMTX0%2BBuaO37gPLKk4Ax75eBTh8zEo1YSJYkiydPJWRzYBRqNciDMh2kTK0vc0RyhE1QW2zk03kIwn5jh5cUz%2FjZi9SNl7JpQLZSdU4I7bJrS1sd1XWFTEmKQ%3D"}],"group":"cf-nel","max_age":604800}
x-ratelimit-remaining
56
cf-ray
8ddd9f4678a8d28e-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=53823&sent=19&recv=18&lost=0&retrans=0&sent_bytes=8566&recv_bytes=6061&delivery_rate=100601&cwnd=12000&unsent_bytes=0&cid=ebff8d0becc676d3&ts=3911&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 14:44:31 GMT
x-ratelimit-limit
60
content-type
application/json
server
cloudflare
priority
u=1,i
whatsapp.png
cdn.chaty.app/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.chaty.app/images/whatsapp.png
Requested by
Host: cdn.chaty.app
URL: https://cdn.chaty.app/pixel.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7609eb618409bd46712f5956c05f400e91c8c33dff4386b7be20b1f6a1f693a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cdn.chaty.app/pixel.css

Response headers

cf-cache-status
HIT
x-amz-version-id
null
etag
"ee622aa9c97d476d38036f586d21d148"
age
1807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBvWG8JwXnvBbw%2FWXuBJJSiLYfDn%2B3yKQgTj7sXBk73fqvE27YkWt6n3XwBx9Rg0egCixXDHSdYILAS%2Fb9idt1%2BHf1DYpMa363g5rghomE6cpf3c2ZwjldVbHPmQFbRY"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
s-BztZr2OFbXl2TnVTdn8bk52IDD67pVdIiouxqXhVcgETVp5YLxtA==
date
Tue, 05 Nov 2024 14:44:29 GMT
content-type
image/png
last-modified
Mon, 04 Dec 2023 11:37:39 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfL4;desc="?proto=QUIC&rtt=50342&sent=39&recv=25&lost=0&retrans=0&sent_bytes=33918&recv_bytes=5598&delivery_rate=228342&cwnd=21300&unsent_bytes=0&cid=63e58b587a88e885&ts=7368&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 256cd380c9790a2b71d68709829caa18.cloudfront.net (CloudFront)
cf-ray
8ddd9f468ff6d265-FRA
accept-ranges
bytes
content-length
17625
x-amz-cf-pop
FRA60-P7
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/ 		417 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
wa-logo.webp
cdn.chaty.app/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.chaty.app/images/wa-logo.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8eed6888885bbeb11089e1ab90c237c7d42e4c6483a0f5ffb8546d60215036

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cf-cache-status
HIT
x-amz-version-id
null
etag
"f4dd7ebe22540fce9ad4a2ecc472520d"
age
778
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCmL5Hek%2BclJ80I0iVYrL4QAxnQYyEpuVv%2FcfZ8rE4JTYoTrO9H1Tr5IwnLEuy9wzx6CXOM7f37ei7rA0%2FpYNslF7kkZKXmeAbSwVDDyk%2FiCg6hq9xiNJ%2BVTAY7ehL6D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yh3CG-xkHnlITbcjkeKQ_u2PgQzDLY7zwQBD42_Wu0hnNyQpUwduAw==
date
Tue, 05 Nov 2024 14:44:29 GMT
content-type
image/webp
last-modified
Mon, 04 Dec 2023 11:37:38 GMT
vary
Accept-Encoding
priority
u=3,i
server-timing
cfL4;desc="?proto=QUIC&rtt=50342&sent=56&recv=26&lost=0&retrans=0&sent_bytes=52819&recv_bytes=5950&delivery_rate=228342&cwnd=21300&unsent_bytes=0&cid=63e58b587a88e885&ts=7399&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
cf-ray
8ddd9f46b8a4d265-FRA
accept-ranges
bytes
content-length
1896
x-amz-cf-pop
FRA60-P7
server
cloudflare
x-amz-server-side-encryption
AES256
Arn4ucAazBt2PLG4MAm73B7rQDejqS8kTJroNvis1KYQA5Bk94862.jpg
image-cdn.chaty.app/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image-cdn.chaty.app/Arn4ucAazBt2PLG4MAm73B7rQDejqS8kTJroNvis1KYQA5Bk94862.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8976db3039bba3cd8fec12803fea9226f6039eb1376251914f4b5b20e2b5ccfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cf-cache-status
REVALIDATED
etag
"b3ba971abecd1f205fd15fdd7afa4e8c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bk%2BYacCH96RogFJVmyCrh2KRD30Ili8zMSTJt3nJtCggWvP2ISG5LU%2FzCfgBArA8F5XZbuOIpdbvKWkT%2FsAWvbXhShvOPMxiGArWADKPtO33NWcXE7jheTjfoIac%2FBygh%2BJ9yKGI"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
61nyNnADryJTT8HtX9xzCGiwjBxnTR6BWszLMn8oI6sAyIn_Iz0VkQ==
date
Tue, 05 Nov 2024 14:44:30 GMT
content-type
image/jpeg
last-modified
Tue, 04 Jun 2024 05:03:16 GMT
vary
accept-encoding
priority
u=3,i
server-timing
cfL4;desc="?proto=QUIC&rtt=63511&sent=60&recv=37&lost=0&retrans=0&sent_bytes=55686&recv_bytes=6769&delivery_rate=34355&cwnd=33000&unsent_bytes=0&cid=63e58b587a88e885&ts=7515&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
cf-ray
8ddd9f474a0ad265-FRA
accept-ranges
bytes
content-length
4008
x-amz-cf-pop
FRA60-P4
server
cloudflare
x-amz-server-side-encryption
AES256
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame D2F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-20.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cloverleafpublications.company.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
42
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 05 Nov 2024 14:43:49 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 01 Nov 2024 20:54:53 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c0db8c417b5a375429fc7f3c54841604.cloudfront.net (CloudFront)
x-amz-cf-id
CsuluGphuXM1s5UDwKoYLvubkf2SJ7ZyFJ0GdsMUhdpM6OP48COiGA==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JV26WXKXCK&gtm=45je4au0v9172770513za200&_p=1730817863768&gcs=G111&gcd=13t3t3t2t5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1014830822.1730817866&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1730817865&sct=1&seg=0&dl=https%3A%2F%2Fcloverleafpublications.company.site%2Fproducts%2FInvestigative-Voices-R-E-P-O-R-T-S-c173979752&dt=Investigative%20Voices%20R%20E%20P%20O%20R%20T%20S&en=scroll&epn.percent_scrolled=90&_et=15&tfd=15246
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JV26WXKXCK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cloverleafpublications.company.site/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://cloverleafpublications.company.site
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 14:44:31 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=G-JV26WXKXCK,%20GT-NNSLLHJ
Domain
pixel.chaty.app
URL
https://pixel.chaty.app/api/pixel/widgets/views

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| viewportStyleEl boolean| showStore boolean| ecwid_no_body_height string| ecwidStoreURL string| ecwidStoreID string| ecwidStoreParams string| ecwidStoreName object| ecwidStoreSettings boolean| ecwid_nocssrewrite object| Ecwid object| EcwidV2 object| ec string| assetsBaseUrl string| initialState object| instantsite function| initEcwidCallback function| enableRPCLoader function| initFbWebView function| insertStore function| $ function| jQuery boolean| ecwid_script_defer object| _xnext_initialization_scripts object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| __vueuse_ssr_handlers__ object| $mcSite function| getCurrentScriptUrl function| isStorefrontV2LoadedFromV3 string| ecwidV2ObjectName object| EcwidObj function| addExtension function| ep function| proxyChain object| chameleon string| colorPrefix string| key object| EcwidUtils object| EcwidLogger function| xInjectJs function| isOnIframe function| getHeadTag boolean| isEcwidV2StorefrontLoaded function| getEcwidV2Object function| getEcwidV2ObjectName function| getEcwidV3Object object| lazySizes object| ecwidEvents function| ecwid_init_elm_config object| ecwid_elm_config boolean| ecwid_bodyDone function| ecwid_onBodyDone object| pathGroups boolean| needLoadEcwidAsync string| ecwid_script_base string| ecwid_static_base string| ecwid_url number| ecwid_wait_for_interactive_seconds boolean| ecwid_use_new_loader string| ecwid_lang string| amazon_image_domain number| xnext_ownerId object| ecwid_initial_data object| ecwid_states_data string| EcHeap function| eca boolean| __heap_inits__ function| parseId function| parseStyle function| xAddWidget function| xProductBrowser function| ecwid_loader function| xAddToBag function| xProductThumbnail function| xLoginForm function| xMinicart function| xCategories function| xVCategories function| xCategoriesV2 function| xSearchPanel function| xSearch function| xGadget function| xSingleProduct function| xProduct function| xAffiliate object| ChameleonIntegration string| ec_legacyCssUrl function| ru_cdev_xnext_frontend_LegacyFrontend object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| __gwt_stylesLoaded function| dojoDefine function| dojoRequire object| dojo object| dijit object| dojox object| dojo_request_script_callbacks function| SignupForm function| PopupSignupForm object| Cstmz_APPS_GoogleTagManager function| launch_chaty function| close_chaty string| rosettaLanguageCode object| rosettaMessages string| timestamp object| Venera boolean| __VUE__ object| EcVue number| _swStorePlugin string| _swStorePluginVersion string| _swPageBase string| _swDomainBase function| _swECWProcessOrder function| _swECWProcessCartChange function| _swECWProductView function| _swECWPageView function| _swECWRecordHit object| goog object| com object| java object| ru function| GwtPotentialElementShim function| StackFrame object| ErrorStackParser object| POWR_RECEIVERS function| loadPowr object| EcwidCart object| frame function| ecwid_incompatible_version function| fbq function| _fbq function| gtag object| dataLayer object| ProductBrowser object| ecwidMessages object| testElm object| __post_robot_11_0_0___uid_umbzcybzhfvhfzmyacvvfzlpwcuuxr object| paypalCart object| __zoid_10_3_3___uid_umbzcybzhfvhfzmyacvvfzlpwcuuxr object| google_tag_manager object| google_tag_data object| webpackChunkStripeJSouter function| noop function| Stripe object| __post_robot_11_0_0___uid_utnuykkblwecshtnjgawqiarznfvly object| paypalPaymentDetails object| __zoid_10_3_3___uid_utnuykkblwecshtnjgawqiarznfvly object| __post_robot_11_0_0___uid_fsifvycjrbhrdlfiuoyhzblxhvffvq object| paypalApm object| __zoid_10_3_3___uid_fsifvycjrbhrdlfiuoyhzblxhvffvq function| onYouTubeIframeAPIReady object| gaGlobal object| paypalDDL boolean| ecwidLoaded number| p function| swPreRegister function| swPostRegister object| _sw_b6 function| _swInitPageRegister function| _sw_analytics function| _sw_cookie function| _sw_user_info function| _sw_hit_info function| _sw_item function| _sw_transaction function| _sw_crypto object| sw object| uapl string| enctype object| oa string| vers object| GooglebQhCsO

16 Cookies

Domain/Path Name / Value
analytics.sitewit.com/ Name: ASP.NET_SessionId
Value: ugk1yedvumwafdgaqwyayl2v
.list-manage.com/ Name: _abck
Value: 20E152A9CA891EA174AFFCA7DB3EB75C~-1~YAAQkPAQArvU4NWSAQAArLTI/AxHviteJpXq75g5KKIjFImtSFpaE/6fSqYc+lrgFmoxxixnFIgUqrPCftlzkLXKULtFkCciCW8kd/NDb4orKlqqFs4kMK1was6FtUMP2zZQHvKHwD3Wr89YeC+pJX9IXbjLXoBXsjaVga97YNczGqS4wQqXu5qadN/U/QEPGcwNhM+EdJmhErj/Z7KztdkwFcP3B01wacGW/l+L2VQW8/K2nq4TGqvu1BwEfz5SQFaI6Vg/34azpNwnjc8b7lKVrT+2OHbF2MABW80Yk8MLMza9we80fjtt6LIWi6tP7tmZY4e/xChd9JCv/qsGape+w1kebnSoRiuRt5pYnJxT80yD59tEzg2SIIFcFBUo6lt/3TnMnM9/F7Yjj8jCUOr4szQC8fGvmFIygWF08/WK~-1~-1~-1
.us8.list-manage.com/ Name: ak_bmsc
Value: C9E4E14194D14A3C342EED56DD82E0B9~000000000000000000000000000000~YAAQkPAQArzU4NWSAQAArLTI/BmOCnEgcEfPa+x16hPDaBPuCfM6m4m5ovSnUskr+hQAhd+q6pDdaDcDJffhcD9jxcQBGJZo6gMjmY98ABZmVbKl0ceZAV3oyqneQeaLOQj323deYussK3RNXES38I3Ho+cUANwFQ2tXyF8hDbsDVD7TctypVn7Rg2CXfsIlxeCKbD9M2CSWM1o1SMUU6lLFD0ANy5YaytDFTPtsmi0UGqi2kW0gDvZIENgWmCdVdauFAQC1kGxnFnrJAiiAzCU4+AKOpNEWgPK9DQ5HSFbILF57OIFvXo+fzoh7Lb3k/FyxhQZlDaKf9/pz1zSkBgY8HgXlE9F2xbU46CQOWn5plA8BKmu8yHDloSvz4iKQLnycVEVhx79wczsmKCTbZpb+
.list-manage.com/ Name: bm_sz
Value: BB53BC40DCFF47C7E0E15ABCD38EF501~YAAQkPAQAr3U4NWSAQAArLTI/BlFG2wmYDyPy1QmABZ+/djqrvEy6g9wGJPI3dYffVrkfuVlN3MHX61j+4zQo3aN1vjQeOQEKn+/YYI1JRSOV5zXYtJTF9mAYrih+S4h1X6BjH/ILRVZWL/+fU8jyetZOiEPLu4MmboHVUMEo8IoYTfW0k6bawcYvoXeCQorYCcgFBEJGj+ExiSlk2rS0kVszYh/dG8PU/dhMB4NCpNgoJZWxvRw5vOcqHEwfo3LzOmht8/jld9ehRma5TdTXAq2MSw65Z2gZY/jmmg4UJXL2uFYGm2vjX89vgK/WJsAAywkk25hX7rPaLFpHqaqzklt83TaKEgV5H2RAv4IK3k2CxsoF/ILMe6zTQ==~3682352~3687734
.company.site/ Name: _fbp
Value: fb.1.1730817865754.166331701703961584
.company.site/ Name: _ga
Value: GA1.1.1014830822.1730817866
.company.site/ Name: _ga_JV26WXKXCK
Value: GS1.1.1730817865.1.0.1730817865.0.0.0
.company.site/ Name: _swa_u
Value: 121bd3f0-0cf2-4f86-ac56-b4a382e2f67e
.company.site/ Name: _gcl_au
Value: 1.1.1754591246.1730817867
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
analytics.sitewit.com/ Name: AWSALBCORS
Value: qXhL6PUmV8VzKS7hROlAWu2VaDX/gJaC0wJUgXQAX/87UEfmXl/n+Q5uAM7ZvgCxIcLrWQRAVRGEyAEFkn0n58ez58iqoSo8Kxl+NWYP27DJcUjOiZHip83mD/Jc
cloverleafpublications.company.site/ Name: csaas_user_id
Value: 0.p2s85i5ikr
cloverleafpublications.company.site/ Name: csaas_referrer
Value:
cloverleafpublications.company.site/ Name: cSaasWidget_wiooce6y7x
Value: [{"k":"v-widget","v":"2024-11-05T14:44:29.783Z"}]
cloverleafpublications.company.site/ Name: activeCsaasWidgets
Value: wiooce6y7x
cloverleafpublications.company.site/ Name: triggeredForkzFI9mkZ
Value: wiooce6y7x

1 Console Messages

Source Level URL
Text
network error URL: https://cloverleafpublications.company.site/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sitewit.com
app.ecwid.com
cdn.chaty.app
chimpstatic.com
cloverleafpublications.company.site
connect.facebook.net
d11s7fcxy18ubx.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d34ikvsdm2rlij.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
digitalasset.intuit.com
djqizrxa6f10j.cloudfront.net
downloads.mailchimp.com
ecomm.events
ecwid-addons.s3.amazonaws.com
googleads.g.doubleclick.net
image-cdn.chaty.app
insight.adsrvr.org
investigative-voices.news
js.stripe.com
mc.us8.list-manage.com
mcusercontent.com
pixel.chaty.app
region1.google-analytics.com
t.paypal.com
td.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypal.com
www.powr.io
pixel.chaty.app
www.googletagmanager.com
104.102.19.45
104.102.57.226
13.33.216.116
142.250.185.130
15.197.193.217
151.101.0.176
151.101.129.21
151.101.131.1
157.240.253.1
172.217.16.196
172.67.219.241
172.67.5.146
18.172.112.77
18.193.28.123
18.195.190.156
18.245.46.13
184.31.94.168
2001:4860:4802:34::36
216.58.206.35
2600:1f18:243f:2d01:3b80:78a9:66ec:dda
2600:9000:2057:ac00:1f:f560:8d00:21
2600:9000:206f:f200:19:4fd1:c1c0:21
2600:9000:2490:c000:3:22ec:38c0:21
2600:9000:2491:a600:1c:b536:2c40:21
2600:9000:2644:8600:1f:58b3:eac0:21
2600:9000:2724:9c00:13:2031:2340:21
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2002
2a03:2880:f176:181:face:b00c:0:25de
3.160.150.20
3.233.246.208
34.96.122.219
52.217.233.65
52.72.49.79
011041170a85ae5dd3f77232f5c5413c3266ce66faebedae4f12737d7583cccd
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
032c7880ae5c1991cbb3029e19381f92b542c630b901eca2419b2d0c53c7a0f5
0487c38e38d1aa68657c18420d3181708e77d93fd38acaf1282617b8aae81e85
0ad5d725bf6720734176f8df5d679770fdd89061df60d529a782b4fc6abdde2b
0ea225f623fa77c2ecd25c83c4b13b4d8de9769f40d38d5bdb38c61eb359c7c4
0ec14c19bec9cdd6d6863682b6a23b4e9d816546eef9a0b2d48949bbd36bac16
10a0beb3184479bc1718c4f75454f2bd5e90fd9c2602d0b8ff5d5e72f2e5e204
118ac60d6d1855fdbd7379f012f9b6a97bd538293299472759a666b4d26ac843
135ad18772a27a2daf8d79c1758691c3505f3ca29ba87de23c4d4a6d742c66c5
1564b8aabcfc4035c11f9efed04da9f19a02e3dbbf1fea05a7aab54384b4fc51
18024a1a815b5777378ef853cfe52a8979bc41fbfa28a868e05b17bf1b5baea7
1820e1791eaba056af00b19fa1b6b61dce48668716978e91062d64995d9cb410
19d94c66f6d8cd487ce7ca7a26bc03ec92a63238c98cc559ae1ab8b12c54e61c
1a8d5f80019fae8dbae1e16d2989db78dc26cdc89a74fb3c6df6c8a952d138bb
1f04b76ab701b3b28ffde7963d89ead1355e2b9a35312cde078dcc9037db7ccd
21fd2df4903c9e47405d1c908cb002759b1cbed9027a21c198e4eeff4a52c492
223ac54a0388f9250b825d82b31a6e2083205c1f9dc0ed8210be689d0ed17c45
2710b98db0f6253a46ccaa1d88c4f1b16b63e96c5e9e789786cdd2a1b27e9356
27bc581ac80297dc79545f291a01b61b429cb1c1a16e4b8c4e21ee465cd70c59
28666ff7936648d19d825bd845e14910481ebfc07f31d7d56f23025692a2ffd8
2c4dae3de18a78d983b9a637f693f530ef89bc338969fe52f5e08bd2c988ed9d
3d8eed6888885bbeb11089e1ab90c237c7d42e4c6483a0f5ffb8546d60215036
3e0c1e0adf53ec377d8b821778bb967c63d25201e8b9c7c427c5a6e231ef5c54
3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e
455a3f25597741375ae4f968951915b378636d3793c810dc645593a0e22f4105
4699ee2f66430fa5cee49bac2dad6f5758c09cbfae78df390950ea806891af3a
46fe475a9443da1e4d20502c7941f383f285aa0bffc28c6a6885e8ef3d4bfd7a
49063a01465587353046fddf430ea0575800b275b5318f9497aa03c70e26ae5d
4b5f8ab5af25a43653ccaf5452949c206e9e215badc241138d94f1a28f0cd776
4f9a8fba1a032b4322abb2fb683f59c8c9228cf7d003e88ec727b724bbc49b0e
5779b9a5ccca1b765ef4ca3ad3b7e39fdb60821ed898b1d092bac6d6c1ea1f6e
5cd0429ba709824a6a52ade788dda269d2b89ef96aeb16a16bb9c2f02b9356a8
61b5692a36016b6b700e6070762271d15715ce46bac8bdc65597804d0ed66925
630708f074175a938fa75836f204fa6d902d88da37604fe8207f96c2069d7414
66e8b37662f0c49793a9201e7672bbffd2f56137bfedc5d18e88675ea2805608
6854aac3481586ab33282abce09abaf024c5a896f7195dbec702d7f6afbfd0e3
6bb474abadf55bc9230b4da10b251d6e0a8f1f335827b884beee54b136a2c219
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f63402d28283b8a65e36879b9e4768287f4d2d8c3b9529ba5ae05653b8ebfc2
7136fb3ae47f00f8dcb80d35fc26edd6b46cc3083a16340adff6e75f2cf176ba
7170b9f1ea26af6d1b0a07c07d745068f4db4805acb02100087df4482afd9643
71efa6181397bc4908dd5b7ddb339c65f75b96e041682ff92f805d7a44433f14
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
7609eb618409bd46712f5956c05f400e91c8c33dff4386b7be20b1f6a1f693a8
7e83224fde4f793f8418070fa23900281df31faab2f3ef7c17684697f564aa71
8220e8bfa4b0d048232c1a49a83a3f84994765de8a58dca333fbdbc97031f572
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8976db3039bba3cd8fec12803fea9226f6039eb1376251914f4b5b20e2b5ccfe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9206946d514b8fc7b5de7361b365f4ebedd9eeb28c4128ebed4174df091c4345
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
97f2896c1b3e6a001ddae29a328988701368dd41257c221ec05ec7012fd6e47c
982fc17615c33ab9c796d031ccfd857b8104884f3a08570d984ca72dbaf1401b
9b128282d738229104ecea5f2f9a9dd4b9e1d87a847e1b067ee99444072bdd9f
a13ea60a7fa0cdcc665f316c43490a023353f24b76206c5a1df774a5732634b9
a1669a26fdbbb4919918f2e3df9edeaa0d0edd71f9bb9b9f27bb7a2b80d1b6f4
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf
a33da6b9fd73c3b3f99df60a755875b72ba54dcb7d58a4e92e08fd1b36287b9c
a54296a1ab6aee7ca31298d7b0a0523ebbcc8496174a797ee0a1dc588342567d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabcae590261210176f1aa97d5ae2cf1825c3b94158d1135a58ef0508a6bfe52
ac2703bdccf412e09b63cf5fce781a258a9b8548ba8a314330c8e5a5b8e9fa5b
accfeda559fe5ed42799382b66b15b55efa0d610e4857f2ef02c763ad3bf3997
acd8b4d98ff4f807f4ccfb3ea334e4a5070978334ae2a6d8ea1b84d61d2a177e
afd8a3af67389712a6a10b853a84513a0ee04a9cefc27603ca7a2e55cc89cb84
b67e4cb69a42ddf97f34c178245be91c04f9fdec3301968bf393a27c2f31bb60
ba39ecab73e3d2fd37e1681d47867e2940803ea0db6766e932b17a5001b11dbf
c18e5150024e54a6cef870dde4ec807bb6e958e49710b8296cf5dc67d54391d4
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
cd931a0cda674e5b0ac29bad14f36d5e7183ff9a8076de1efddff0c691124ba1
d1eeaa0f5a51c723d0837c8de5c92c9643d8c5c80bb16c7c687f621a70749036
d61cb56d53c3bc09f69f5dc1728f9fadf2f931023984c8901af8af352db10b01
dca594f9f5619920c2c2ed5aadf8ab7d17815e9481d4f1e57a2c58e588991545
ddb72e524d579075dd0e82b903369d6dc6e0c9efc3da4a48ca68f937d6eb26c6
ddd701e2d2d6f4acc62495f21a3b32c5595414ebe7baad5e6dd15faf2608b853
df9c4bf14fc31cf05887c4d94695481545bcdec594d33158e45eeb467aa07ca7
e1ea079ae92f9dbd7931f2c150e408db8e72f3feacb4cceedcae12e14bafa7f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7eaf9eb912a34ac17b1a239cf0b902f70041ee501ee59fdda07c058b7b6438e
eaff24ddd34c808a583d362a8630cef26203f1cdfc72ca7b69f7f49153a5e35e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2740e7f70cdfb9b12a4269b5e0e4736126bdfb12ea330d2e93a8ba3c55d5d74
f7018e48245aeb6babae72c5d4c2a3e526fdaf3c83c6e0a12e4d5a07ed622038
f964a974c495c08c0333b4d6984c012a37f2f80c07cadcc497ead3a3396db9ed
fb11430bad0503642a242e3c42be2690df96d11efc4f08e27b9b96f02480f8ee
fedd8559f71128c87428ccec4fdb30b6cde025baaef842a2835d099b86353306
ffc1bba92f03393ce8e0edbc63b5dc1d4bd5d3a058c6e35f310d8f967c68ab9f