Submitted URL: https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXrLUowrciiV...
Effective URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=185077...
Submission: On October 12 via manual from US — Scanned from DE

Summary

This website contacted 42 IPs in 5 countries across 42 domains to perform 156 HTTP transactions. The main IP is 2606:4700:4400::ac40:95d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is page.firstleaf.com.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.
This is the only time page.firstleaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 27 2620:1ec:bdf::64 8075 (MICROSOFT...)
1 1 13.107.253.51 8075 (MICROSOFT...)
9 104.18.70.113 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 108.138.26.67 16509 (AMAZON-02)
1 13.33.187.48 16509 (AMAZON-02)
1 18.66.102.5 16509 (AMAZON-02)
6 34.96.102.137 396982 (GOOGLE-CL...)
1 2606:2800:133... 15133 (EDGECAST)
1 104.18.72.113 13335 (CLOUDFLAR...)
5 3.234.152.166 14618 (AMAZON-AES)
4 216.198.53.1 209242 (CLOUDFLAR...)
3 20.50.88.244 8075 (MICROSOFT...)
1 2600:9000:264... 16509 (AMAZON-02)
1 18.153.182.205 16509 (AMAZON-02)
3 3 89.207.16.75 41041 (VCLK-EU-SE)
1 4 2606:4700:440... 13335 (CLOUDFLAR...)
8 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
25 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.36.17.181 396982 (GOOGLE-CL...)
5 2620:1ec:33::10 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42:600... 54113 (FASTLY)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 35.244.142.80 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 2 95.101.111.153 20940 (AKAMAI-ASN1)
1 1 35.227.244.1 15169 (GOOGLE)
3 2600:9000:26e... 16509 (AMAZON-02)
1 2 52.58.228.152 16509 (AMAZON-02)
1 35.234.162.151 396982 (GOOGLE-CL...)
3 2600:9000:20e... 16509 (AMAZON-02)
2 2600:1901:1:7... 396982 (GOOGLE-CL...)
1 35.186.194.58 ()
5 2606:4700::68... ()
1 20.40.202.0 ()
156 42
Apex Domain
Subdomains
Transfer
33 fastcdn.co
g.fastcdn.co — Cisco Umbrella Rank: 59834
v.fastcdn.co — Cisco Umbrella Rank: 57485
2 MB
26 perkspot.com
url1941.psmark.perkspot.com — Cisco Umbrella Rank: 77668
email.perkspot.com — Cisco Umbrella Rank: 236156
pslogin.perkspot.com — Cisco Umbrella Rank: 166171
ochsner.perkspot.com
779 KB
10 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2226
ekr.zdassets.com — Cisco Umbrella Rank: 2547
217 KB
7 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
117 KB
6 lightboxcdn.com
www.lightboxcdn.com
api.lightboxcdn.com
148 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2896
90 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 348
15 KB
5 firstleaf.com
page.firstleaf.com
images.firstleaf.com
ct.firstleaf.com Failed
54 KB
5 brilliantcollector.com
lib-us-1.brilliantcollector.com — Cisco Umbrella Rank: 19605
606 B
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
17 KB
4 zendesk.com
perkspot.zendesk.com — Cisco Umbrella Rank: 126690
3 KB
3 mczbf.com
www.mczbf.com — Cisco Umbrella Rank: 6342
19 KB
3 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 1985
rs.fullstory.com
80 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
3 cloudfront.net
d1hdjv7b05hja2.cloudfront.net Failed
d2mjzob2nc713b.cloudfront.net
6 KB
3 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 785
732 B
2 spotify.com
pixels.spotify.com — Cisco Umbrella Rank: 3275
271 B
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 5208
2 KB
2 trkn.us
trkn.us — Cisco Umbrella Rank: 2502
1 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
231 KB
2 zjptg.com
www.p.zjptg.com — Cisco Umbrella Rank: 49340
50 KB
2 azureedge.net
psprods3ep.azureedge.net — Cisco Umbrella Rank: 64065
7 KB
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4957
2 KB
1 shop.pe
shop.pe — Cisco Umbrella Rank: 12983
270 B
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 3973
22 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
58 KB
1 gstatic.com
fonts.gstatic.com
32 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
547 B
1 instapagemetrics.com
cdn.instapagemetrics.com — Cisco Umbrella Rank: 63801
54 KB
1 instapage.com
heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 59542
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 emjcd.com
www.emjcd.com — Cisco Umbrella Rank: 17729
1 KB
1 dotomi.com
cj.dotomi.com — Cisco Umbrella Rank: 18177
1 KB
1 kqzyfj.com
www.kqzyfj.com — Cisco Umbrella Rank: 77140
614 B
1 tyuwq.com
clicks.tyuwq.com — Cisco Umbrella Rank: 141730
234 B
1 sjwoe.com
www.sjwoe.com — Cisco Umbrella Rank: 65912
468 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3081
47 KB
1 go2sdk.com
js.go2sdk.com — Cisco Umbrella Rank: 26209
4 KB
1 rollbar.com
cdn.rollbar.com — Cisco Umbrella Rank: 14046
24 KB
0 typography.com Failed
cloud.typography.com Failed
156 42
Domain Requested by
25 v.fastcdn.co page.firstleaf.com
22 ochsner.perkspot.com ochsner.perkspot.com
9 static.zdassets.com ochsner.perkspot.com
static.zdassets.com
8 g.fastcdn.co page.firstleaf.com
7 unpkg.com ochsner.perkspot.com
6 dev.visualwebsiteoptimizer.com ochsner.perkspot.com
dev.visualwebsiteoptimizer.com
5 www.lightboxcdn.com ochsner.perkspot.com
www.lightboxcdn.com
5 bat.bing.com www.googletagmanager.com
bat.bing.com
page.firstleaf.com
5 lib-us-1.brilliantcollector.com cdn.rollbar.com
ochsner.perkspot.com
4 cdn.jsdelivr.net page.firstleaf.com
cdn.jsdelivr.net
4 page.firstleaf.com 1 redirects www.p.zjptg.com
page.firstleaf.com
4 perkspot.zendesk.com static.zdassets.com
3 www.mczbf.com ochsner.perkspot.com
page.firstleaf.com
3 d2mjzob2nc713b.cloudfront.net page.firstleaf.com
shop.pe
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
page.firstleaf.com
3 dc.services.visualstudio.com cdn.rollbar.com
2 pixels.spotify.com ochsner.perkspot.com
2 tags.w55c.net 1 redirects page.firstleaf.com
2 trkn.us 1 redirects page.firstleaf.com
2 edge.fullstory.com ochsner.perkspot.com
edge.fullstory.com
2 region1.analytics.google.com www.googletagmanager.com
ochsner.perkspot.com
2 www.googletagmanager.com page.firstleaf.com
www.googletagmanager.com
2 www.p.zjptg.com ochsner.perkspot.com
www.p.zjptg.com
2 psprods3ep.azureedge.net ochsner.perkspot.com
2 pslogin.perkspot.com 2 redirects
1 api.lightboxcdn.com www.lightboxcdn.com
1 rs.fullstory.com edge.fullstory.com
1 tag.simpli.fi www.googletagmanager.com
1 shop.pe 1 redirects
1 images.firstleaf.com ochsner.perkspot.com
1 cdn.pdst.fm ochsner.perkspot.com
1 connect.facebook.net ochsner.perkspot.com
connect.facebook.net
1 fonts.gstatic.com fonts.googleapis.com
1 www.google.de page.firstleaf.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.instapagemetrics.com page.firstleaf.com
1 heatmap-events-collector.instapage.com page.firstleaf.com
1 fonts.googleapis.com page.firstleaf.com
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 www.kqzyfj.com 1 redirects
1 clicks.tyuwq.com cdn.rollbar.com
1 www.sjwoe.com cdn.rollbar.com
1 ekr.zdassets.com cdn.rollbar.com
1 az416426.vo.msecnd.net ochsner.perkspot.com
1 js.go2sdk.com ochsner.perkspot.com
1 cdn.rollbar.com ochsner.perkspot.com
1 email.perkspot.com 1 redirects
1 url1941.psmark.perkspot.com 1 redirects
0 ct.firstleaf.com Failed images.firstleaf.com
0 cloud.typography.com Failed page.firstleaf.com
0 d1hdjv7b05hja2.cloudfront.net Failed page.firstleaf.com
156 52
Subject Issuer Validity Valid
*.perkspot.com
Go Daddy Secure Certificate Authority - G2
2024-06-13 -
2025-07-15
a year crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 04
2024-09-19 -
2025-09-14
a year crt.sh
zdassets.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh
unpkg.com
WE1
2024-09-25 -
2024-12-24
3 months crt.sh
www.p.zjptg.com
Amazon RSA 2048 M02
2024-06-02 -
2025-07-01
a year crt.sh
cdn.rollbar.com
Amazon RSA 2048 M03
2024-04-11 -
2025-05-09
a year crt.sh
js.go2sdk.com
Amazon RSA 2048 M02
2024-07-05 -
2025-08-01
a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2024-06-29 -
2025-07-31
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-06-06 -
2025-06-06
a year crt.sh
*.brilliantcollector.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-08 -
2025-04-16
a year crt.sh
perkspot.zendesk.com
E6
2024-09-09 -
2024-12-08
3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 07
2024-09-08 -
2025-09-03
a year crt.sh
www.sjwoe.com
Amazon RSA 2048 M03
2023-11-14 -
2024-12-11
a year crt.sh
clicks.tyuwq.com
Amazon RSA 2048 M02
2024-09-17 -
2025-10-17
a year crt.sh
page.firstleaf.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
fastcdn.co
Cloudflare Inc ECC CA-3
2024-07-15 -
2024-12-31
6 months crt.sh
upload.video.google.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
instapage.com
WE1
2024-09-27 -
2024-12-26
3 months crt.sh
*.google-analytics.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
cdn.instapagemetrics.com
WR3
2024-10-10 -
2025-01-08
3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03
2024-09-16 -
2025-03-15
6 months crt.sh
*.g.doubleclick.net
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.google.de
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
*.gstatic.com
WR2
2024-09-24 -
2024-12-17
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-22 -
2024-10-20
3 months crt.sh
cdn.pdst.fm
WR3
2024-09-13 -
2024-12-12
3 months crt.sh
firstleaf.com
WE1
2024-08-21 -
2024-11-19
3 months crt.sh
edge.fullstory.com
WR3
2024-08-24 -
2024-11-22
3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
www.mczbf.com
Amazon RSA 2048 M03
2024-04-20 -
2025-05-19
a year crt.sh
*.spotify.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-05 -
2025-02-04
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
rs.fullstory.com
WR3
2024-08-25 -
2024-11-23
3 months crt.sh
lightboxcdn.com
WE1
2024-09-07 -
2024-12-06
3 months crt.sh
api.lightboxcdn.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-09-14 -
2025-03-14
6 months crt.sh

This page contains 3 frames:

Primary Page: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Frame ID: 8A5D88E1E56A1C32730DB61252621A8C
Requests: 137 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Frame ID: 2BC26FE4723586F3096AB487BB900A92
Requests: 11 HTTP requests in this frame

Frame: https://page.firstleaf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: FC0A9D671946748F2E9C3742CD388903
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Buying Award-Winning Wine Is Simple With Firstleaf

Page URL History Show full URLs

  1. https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfe... HTTP 302
    https://email.perkspot.com/e/v3/click/offer/1536512?merchantName=FirstleafWineClub&assetType=Small&enti... HTTP 302
    https://pslogin.perkspot.com/auth/email?sid=52fe1144-553c-497d-8951-17431ae1b788&auth=9d1ed33736d6e936d7c... HTTP 302
    https://pslogin.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast HTTP 302
    https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast Page URL
  2. https://www.kqzyfj.com/click-2097062-15528858?sid=ET6UV20E02EHL52RWCXJCX06D HTTP 302
    https://cj.dotomi.com/i8115mu21K/u05/JNNKQQNQ/KIRPIOK/I/I/I?v=sxni%3DJYBZa75J57JMQA7WbHcOHc5BI%3c%... HTTP 302
    https://www.emjcd.com/ee66uoxwG/ov-/DHHEKKHK/ECLJCIE/C/GCCGCHLELJDHLCCLHC:K25zZC_wPKmb/nCHFEmEIKKq... HTTP 302
    https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /react-redux(@|/)([\d.]+)(?:/[a-z]+)?/react-redux(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

156
Requests

92 %
HTTPS

52 %
IPv6

42
Domains

52
Subdomains

42
IPs

5
Countries

3935 kB
Transfer

9273 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXrLUowrciiV9wrpLSdOcrXbS7azr6g2L1AhNVTMPUJeqaEqZFhHLmxmX6kyefDXqQ0Bp6R61AJKD1eDPzICO4KXI7zUQpMoa6FpdDBgL5UL52muHoTdvyY5YE0CA6guPsetFuc4odPghCfDl4elwhw4hdmesa0ppa8JHDmDCdP8GAJrLKROvL4l1odVE6A0jIBovh1RXKI-2BUKrnccsNreES6ZkvyyZ-2FFSpiZnPNlT61dnyea6NxjmLfJiZfQ8qB7mo6u4nPi1phFkv0KnmkDbI3C4ukqhxoKGErT-2Fi6zIrq7-2B5w8-2FwX18bHtVaoDBhgyrIWWkqHJq3a8kAidmWQ8E5SYJhvT2D7RGPyYgaoyMYgwhusIfcLpC1AghUmEKuSBUSgEcRcze15WlnFm3mvqkOQ-3D-3DHKm7_RWOSQ1lKQTZT9-2BgDW3WYvHVE-2BUxvjx9-2BzSU0FQ8gJPDaUr3nH4bqBcBr5nikAu0U6SkQne9K-2B0g5rUH30a7xTeQTiRzN7aItEnlmfiKCpg1dniObiYr4v3yUHtA8wQy8gM-2Buxg6jMM1Z0R-2BUITN1Mk19VEKgrLgKaAs5TVW62GzhFMOf-2F2KX2XG1CFWwvuv6Bh-2FKJWMyxBHw08cNkbJV6g-3D-3D HTTP 302
    https://email.perkspot.com/e/v3/click/offer/1536512?merchantName=FirstleafWineClub&assetType=Small&entityEmailTypeCode=weeklyblast&communityid=1070&pt=sss&at=s&ap=0&pk=0&dt=&ao=1536512&esp=sg&userId=35058885&email=meagan.fontenot%40ochsner.org&communityid=1070&cmpnid=992&entityEmailTypeCode=weeklyblast&auth=3b66e682d2995270bd7e48f9aed25043 HTTP 302
    https://pslogin.perkspot.com/auth/email?sid=52fe1144-553c-497d-8951-17431ae1b788&auth=9d1ed33736d6e936d7c2fe60d8562646&redirectUrl=%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&CommunityId=1070 HTTP 302
    https://pslogin.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast HTTP 302
    https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast Page URL
  2. https://www.kqzyfj.com/click-2097062-15528858?sid=ET6UV20E02EHL52RWCXJCX06D HTTP 302
    https://cj.dotomi.com/i8115mu21K/u05/JNNKQQNQ/KIRPIOK/I/I/I?v=sxni%3DJYBZa75J57JMQA7WbHcOHc5BI%3c%3cmyyux%3A%2F%2F111.pv43ko.htr%2Fhqnhp-75EC5B7-6AA7DDAD%3c%3cL%3cmyyux%3A%2F%2Fthmxsjw.ujwpxuty.htr%2F%3c%3c6%3c6%3c5%3c5%3c HTTP 302
    https://www.emjcd.com/ee66uoxwG/ov-/DHHEKKHK/ECLJCIE/C/GCCGCHLELJDHLCCLHC:K25zZC_wPKmb/nCHFEmEIKKqHDDqrKDmpErKICmDKnKrL?l=mA0v%3DWlOmnKIWIKWZdNKjoUpbUpIOV%3cu16!FK7H-BJMu0y9O%3czBB7A%3A%2F%2FEEE.28HGx1.u64%2Fu30u2-KIRPIOK-JNNKQQNQ%3c%3cY%3czBB7A%3A%2F%2F6uzA5w9.7w92A76B.u64%2F%3cIMNMQINJ-PuKP-MwRI-tKvI-NuutsOKNwONJ%3cJ%3cJ%3cI%3cI%3c HTTP 302
    https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXrLUowrciiV9wrpLSdOcrXbS7azr6g2L1AhNVTMPUJeqaEqZFhHLmxmX6kyefDXqQ0Bp6R61AJKD1eDPzICO4KXI7zUQpMoa6FpdDBgL5UL52muHoTdvyY5YE0CA6guPsetFuc4odPghCfDl4elwhw4hdmesa0ppa8JHDmDCdP8GAJrLKROvL4l1odVE6A0jIBovh1RXKI-2BUKrnccsNreES6ZkvyyZ-2FFSpiZnPNlT61dnyea6NxjmLfJiZfQ8qB7mo6u4nPi1phFkv0KnmkDbI3C4ukqhxoKGErT-2Fi6zIrq7-2B5w8-2FwX18bHtVaoDBhgyrIWWkqHJq3a8kAidmWQ8E5SYJhvT2D7RGPyYgaoyMYgwhusIfcLpC1AghUmEKuSBUSgEcRcze15WlnFm3mvqkOQ-3D-3DHKm7_RWOSQ1lKQTZT9-2BgDW3WYvHVE-2BUxvjx9-2BzSU0FQ8gJPDaUr3nH4bqBcBr5nikAu0U6SkQne9K-2B0g5rUH30a7xTeQTiRzN7aItEnlmfiKCpg1dniObiYr4v3yUHtA8wQy8gM-2Buxg6jMM1Z0R-2BUITN1Mk19VEKgrLgKaAs5TVW62GzhFMOf-2F2KX2XG1CFWwvuv6Bh-2FKJWMyxBHw08cNkbJV6g-3D-3D HTTP 302
  • https://email.perkspot.com/e/v3/click/offer/1536512?merchantName=FirstleafWineClub&assetType=Small&entityEmailTypeCode=weeklyblast&communityid=1070&pt=sss&at=s&ap=0&pk=0&dt=&ao=1536512&esp=sg&userId=35058885&email=meagan.fontenot%40ochsner.org&communityid=1070&cmpnid=992&entityEmailTypeCode=weeklyblast&auth=3b66e682d2995270bd7e48f9aed25043 HTTP 302
  • https://pslogin.perkspot.com/auth/email?sid=52fe1144-553c-497d-8951-17431ae1b788&auth=9d1ed33736d6e936d7c2fe60d8562646&redirectUrl=%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&CommunityId=1070 HTTP 302
  • https://pslogin.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast HTTP 302
  • https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Request Chain 107
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1483900499 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1483900499;ip=45.141.152.76;cuidchk=1
Request Chain 108
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Request Chain 109
  • https://tags.w55c.net/rs?id=71b67348696b454582c45b8a45b1a724&t=homepage HTTP 302
  • https://tags.w55c.net/rs?sccid=fb9d1665-a30a-0972-32b8-d8de3b1a5773&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
Request Chain 111
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

156 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
none
ochsner.perkspot.com/offer/1536512/
Redirect Chain
  • https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXrLUowrciiV9wrpLSdOcrXbS7azr6g2L1AhNVTMPUJeqaEqZFhHLmxmX6kyefDXqQ0Bp6R61AJKD...
  • https://email.perkspot.com/e/v3/click/offer/1536512?merchantName=FirstleafWineClub&assetType=Small&entityEmailTypeCode=weeklyblast&communityid=1070&pt=sss&at=s&ap=0&pk=0&dt=&ao=1536512&esp=sg&userI...
  • https://pslogin.perkspot.com/auth/email?sid=52fe1144-553c-497d-8951-17431ae1b788&auth=9d1ed33736d6e936d7c2fe60d8562646&redirectUrl=%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklybl...
  • https://pslogin.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
  • https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
21 KB
13 KB
Document
General
Full URL
https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b828d32445a345d885fce5981f71dcafd56ba090f89ab77b68109ac50bc1aed3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
8829
content-security-policy
frame-ancestors *.perkspot.com
content-type
text/html; charset=utf-8
date
Sat, 12 Oct 2024 22:02:32 GMT
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
vary
Accept-Encoding
x-azure-ref
20241012T220231Z-17d475c956fvv28nvt2hke5gt800000003000000000091r4
x-cache
CONFIG_NOCACHE
x-content-security-policy
frame-ancestors *.perkspot.com
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
204
content-security-policy
frame-ancestors *.perkspot.com
content-type
text/html; charset=utf-8
date
Sat, 12 Oct 2024 22:02:31 GMT
location
https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
x-azure-ref
20241012T220231Z-17d475c956fvv28nvt2hke5gt800000003000000000091qg
x-cache
CONFIG_NOCACHE
x-content-security-policy
frame-ancestors *.perkspot.com
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
core.css
ochsner.perkspot.com/Content/sass/dist/
133 KB
32 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2100fd166e7a374addee5e144031fd5bb4a71446aea6f38685a63a35a10516d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0ecba4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
32540
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091tz
x-powered-by
ASP.NET
perxcss.css
ochsner.perkspot.com/Content/sass/dist/
476 KB
58 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d4b821d2b6d83ce0869a8fea875d4627bc4824afe37e7efd6c410455e99332b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0cdb052e1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
59429
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 18:49:38 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091u0
x-powered-by
ASP.NET
psBootstrap.css
ochsner.perkspot.com/Scripts/React/
774 KB
79 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Scripts/React/psBootstrap.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
470bf3f1c1c57d07c7de0523efa3fc852f6102ff6b704486e146e59573da6244
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0ecba4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
80502
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091u1
x-powered-by
ASP.NET
community-css
ochsner.perkspot.com/
63 KB
12 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/community-css?communityId=1070
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
764ab7d0b07ecf326e83b47494588e9e1c5d2bccc97eac9a51fc58cd2bc41904
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
expires
Sun, 13 Oct 2024 22:02:32 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:32 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
cache-control
private, max-age=86400
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
accept-ranges
bytes
content-length
11451
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091u2
x-powered-by
ASP.NET
insights
ochsner.perkspot.com/bundles/
4 KB
3 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/insights?v=to06oIlwehQWm-xrmEMdoBd0yB91KJAuDMMP4SAO9aI1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
79990ca8962ccf1d3948a73a50bcdc3d4a671ecc49c2f59f2db84cf7c7b552a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:32 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:32 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
cache-control
public
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
accept-ranges
bytes
content-length
2628
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091u3
x-powered-by
ASP.NET
PerkSpot_TLF_SDK_6-1.js
ochsner.perkspot.com/scripts/
161 KB
53 KB
Script
General
Full URL
https://ochsner.perkspot.com/scripts/PerkSpot_TLF_SDK_6-1.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5b0d97d8d201c90904940d02e81c29041bfdfce0ee774dd8224de6eda208f961
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0ecba4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
54239
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091zv
x-powered-by
ASP.NET
logo_252.png
psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/
4 KB
4 KB
Image
General
Full URL
https://psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/logo_252.png
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a837a16374198c6233ca32292dde824cbc4c4367222725189cb5bc3166a2263

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-amz-id-2
G12H8lYI4oq7AYWpUAFhyNGVjHV8v9thl29qAApAaVqLp0p9CM3XODceLaXZRtw5P9XqRkQPwak=
cache-control
public, max-age=18000
etag
"68c72d39be0ae6eb14b989aafa15c025"
x-fd-int-roxy-purgeid
77438333
x-amz-request-id
XSTSEPK7133YNJDX
accept-ranges
bytes
x-cache
TCP_HIT
content-length
3838
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
image/png
last-modified
Wed, 04 Sep 2024 15:56:04 GMT
x-azure-ref
20241012T220232Z-176d4fdd79cfwskcr90ct47dvn0000000ktg000000010sfu
x-amz-server-side-encryption
AES256
logo_44971.webp
psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/
2 KB
2 KB
Image
General
Full URL
https://psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/logo_44971.webp
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac37996ea31bb4a1009ab93325cd2e100f3a04159a10ba7d7335f8f9b6d8a430

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-amz-id-2
GD39+9in4thU9NfcsE9Z/MoOtrTWlr/nqQRy9J/rEadio491dBHfzxVyU4VglNR/3G1USZ3BhjM=
x-cache-info
L1_T2
cache-control
public, max-age=172800
etag
"e04ded651669d79a41441a63a5926aa5"
x-fd-int-roxy-purgeid
77438333
x-amz-request-id
PJJNC1V89T81W7Y0
accept-ranges
bytes
x-cache
TCP_HIT
content-length
2106
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/octet-stream
last-modified
Wed, 15 May 2024 07:20:22 GMT
x-azure-ref
20241012T220232Z-176d4fdd79cfwskcr90ct47dvn0000000ktg000000010sft
x-amz-server-side-encryption
AES256
jquery
ochsner.perkspot.com/bundles/
827 KB
314 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/jquery?v=J6h_AL6u6wuvcIz6tbrKyATCmVd_tSErMeClln0d-iU1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
371ac67deea0ac8c452557a001a3aed65c29f6c550d2e1e85c2fbe3fb85b3ef7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
access-control-expose-headers
Request-Context
cache-control
public
content-encoding
gzip
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
expires
Sun, 12 Oct 2025 22:02:32 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:32 GMT
vary
User-Agent,Accept-Encoding
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091ug
x-powered-by
ASP.NET
jqueryval
ochsner.perkspot.com/bundles/
40 KB
16 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/jqueryval?v=YzRBe6gfD164-CLYW2zoB8py-eOZPLHUgoPct44VgDo1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:32 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:32 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
cache-control
public
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
accept-ranges
bytes
content-length
15663
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091v0
x-powered-by
ASP.NET
bootstrap
ochsner.perkspot.com/bundles/
41 KB
14 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/bootstrap?v=7jtbseVPa_P_wxk-ANB0JbEiqz4vMc1fIXNwp0ieQEk1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:32 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:32 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
cache-control
public
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
accept-ranges
bytes
content-length
14262
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091vs
x-powered-by
ASP.NET
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=47a722f2-2bfd-44a4-b985-45e6e2b97d00
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id
FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age
39
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43imWygSpgEgLV%2BiODAy4Gnv22BvBZk9OWL%2FZ41jDbwAKlBx3CoaBc6DXv9Tpwr5fIhcs1CN5asiBsKvrMrRfiDFqM1j2PsC3kHm7Yx2z1zJCkgIGsEGJngJcsSRJzE4YlNm17Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 11:42:28 GMT
vary
Accept-Encoding
x-amz-id-2
ZrNqvzFcxKDpd1DO6OGbvd9hNgnmjAi0LOoiJhpVs3OC1CPCI/0PN3DVZ4ZkHYcczEgFeNIYvA1LZ8ItYgjSWQ==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=3600, s-maxage=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SMMW4T0T9NNQQ6YX
cf-ray
8d1a5ff29dd62c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
react.production.min.js
unpkg.com/react@18.0.0/umd/
11 KB
5 KB
Script
General
Full URL
https://unpkg.com/react@18.0.0/umd/react.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33ca70bf7322a53faf60a30476d07f1e888d457cbdb66f50bb3c0063d3c06dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"2a04-xsszuHb0TYvo8H4oHFeLkFVRBIk"
age
4037695
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J691DQ69FPQ39MTWKPVT7AT2-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff2edf44da1-FRA
access-control-allow-origin
*
server
cloudflare
react-dom.production.min.js
unpkg.com/react-dom@18.0.0/umd/
128 KB
53 KB
Script
General
Full URL
https://unpkg.com/react-dom@18.0.0/umd/react-dom.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5fdc3c049758de67218b318b4a6ca0f6d1f5069c1dfa938ea462133d5ab3cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"2014a-4hvyK4+Q49dCXSLyG13VROqaHvw"
age
4112470
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J66T3RH1Q6CV3FWN7040YYEE-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff30e194da1-FRA
access-control-allow-origin
*
server
cloudflare
react-redux.min.js
unpkg.com/react-redux@7.2.8/dist/
16 KB
7 KB
Script
General
Full URL
https://unpkg.com/react-redux@7.2.8/dist/react-redux.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8a9076b5887859a16d3d9264b4d27f4ec0412e1ef51e43cbb1d8f1eaf07541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"3ed0-hpbGJdoINWADjmP0Akj8XlSsvxg"
age
175360
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J9W4TSG448AM8ENR2TJJNKTF-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff33e454da1-FRA
access-control-allow-origin
*
server
cloudflare
axios.min.js
unpkg.com/axios@0.26.1/dist/
17 KB
8 KB
Script
General
Full URL
https://unpkg.com/axios@0.26.1/dist/axios.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"457f-zA7QrHnYYTK2xYcjaiN3JvTqWzo"
age
4039237
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J68ZYMYTXMW9DB0QFRKDFKJD-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff36e614da1-FRA
access-control-allow-origin
*
server
cloudflare
purify.min.js
unpkg.com/dompurify@2.4.0/dist/
21 KB
10 KB
Script
General
Full URL
https://unpkg.com/dompurify@2.4.0/dist/purify.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03f0619fa53beb8da371427175c6f4d0df5b3b0b8a3572a3bfaa160318295b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5495-OpC3QS0Kv+nnoIqpV/fCIUZWBuk"
age
1003358
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J93F69NS5MYK8A76BG88BZVX-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff38e7b4da1-FRA
access-control-allow-origin
*
server
cloudflare
react-query.production.min.js
unpkg.com/react-query@3.39.1/dist/
48 KB
18 KB
Script
General
Full URL
https://unpkg.com/react-query@3.39.1/dist/react-query.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aea053185642fa68771f64f22d4ac36bc0460ce86542e008efd81d3dfc54f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"bf18-Rt6LU5PcFI8/cFoIPW8wSWdNlHI"
age
18422383
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3VR4FDD12M67QCM42KED-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff3ae9c4da1-FRA
access-control-allow-origin
*
server
cloudflare
redux-toolkit.umd.min.js
unpkg.com/%40reduxjs/toolkit@1.8.1/dist/
39 KB
17 KB
Script
General
Full URL
https://unpkg.com/%40reduxjs/toolkit@1.8.1/dist/redux-toolkit.umd.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a731c8e7201b548a0fc418d1d6a68ba31a1fad59cd836e95906e5f3efa43acd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"9a02-Q4Nq/njKcJAXmF3qDmhO8lBlpCM"
age
1003350
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J93F6AGHWM3JSGJBBY80CYW7-fra
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d1a5ff3debc4da1-FRA
access-control-allow-origin
*
server
cloudflare
toast.bundle.js
ochsner.perkspot.com/Scripts/React/
25 KB
6 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/toast.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e1c1595da56ccf5a9005795c8d6ebafe118b906769a7547b08e85ff2f47a59ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0ecba4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
6085
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220232Z-17d475c956fvv28nvt2hke5gt800000003000000000091xu
x-powered-by
ASP.NET
reduxStore.bundle.js
ochsner.perkspot.com/Scripts/React/
6 KB
2 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/reduxStore.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
143facb143d219ecd0daa5774d09c24b92354cc68c01dabd36118811efb9b76e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0ecba4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
2079
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091yk
x-powered-by
ASP.NET
dependencies.bundle.js
ochsner.perkspot.com/Scripts/React/
46 KB
15 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/dependencies.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
94c7924b975fe9b0165bd088077e9aeeeb829d69a18032b9e366eadbb7a01d1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"0ecba4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
15074
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091yq
x-powered-by
ASP.NET
runtime.bundle.js
ochsner.perkspot.com/Scripts/React/
2 KB
2 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/runtime.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d8af4966c94bfa4e9ae22b7a1cc7fc8c6c30d2ed7149bfdb5f29922c19843a17
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
content-encoding
gzip
etag
"1f14be4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
1329
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/x-javascript
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
vary
Accept-Encoding
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091yr
x-powered-by
ASP.NET
perkspot.interstitial
ochsner.perkspot.com/bundles/
70 B
681 B
Script
General
Full URL
https://ochsner.perkspot.com/bundles/perkspot.interstitial?v=75limDE-2tqT07c2TKoyoRaneuVhjVbGd0-jy267eRQ1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
db4aa790f6662d4e06c67e22c11d1c4654dbf373d116c16f71ecb82ba5efc244
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:33 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:33 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
cache-control
public
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
accept-ranges
bytes
content-length
175
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091ys
x-powered-by
ASP.NET
100001
www.p.zjptg.com/tag/1850771/
49 KB
49 KB
Script
General
Full URL
https://www.p.zjptg.com/tag/1850771/100001
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-67.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
c14117f777cb68fc4afc7be60160853bb2b9b9f86723c8be5565a6ccbcdc088c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

age
2287
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
50395
x-amz-cf-id
dPgpwkN71b-Ag_ozo-Ps46foWBj_taStgMxO2fmWeDM6XaSFZVC1Wg==
date
Sat, 12 Oct 2024 21:24:26 GMT
x-amz-cf-pop
FRA56-P7
server
CloudFront
addtohomescreen
ochsner.perkspot.com/bundles/
9 KB
4 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/addtohomescreen?v=dQY7ReEN3P6AvpTV4mVTeWSR8WQitK0nH1fxax2VNoA1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-expose-headers
Request-Context
content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:33 GMT
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:33 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors *.perkspot.com
cache-control
public
x-content-security-policy
frame-ancestors *.perkspot.com
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
accept-ranges
bytes
content-length
3536
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091yt
x-powered-by
ASP.NET
rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/
77 KB
24 KB
Script
General
Full URL
https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55af9a94aa072cf5c093d7269bd98cec30ecade6ac2bc94dc9b47758630f4ba5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

Content-Encoding
gzip
ETag
W/"16c901ad672c76633691d7e04767ba75"
Age
13663690
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
QQL86KbX8d3WXGmbsG07usYUs1Ci_GvgVVq14Djen9TfpAEzh-wTCw==
Date
Tue, 07 May 2024 18:34:24 GMT
Content-Type
application/javascript
Last-Modified
Wed, 14 Sep 2022 17:49:55 GMT
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Transfer-Encoding
chunked
Cache-Control
max-age=30672000,public
Connection
keep-alive
Via
1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P9
Server
AmazonS3
tune.js
js.go2sdk.com/v2/
4 KB
4 KB
Script
General
Full URL
https://js.go2sdk.com/v2/tune.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-5.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

x-amz-version-id
null
etag
"3301ce2b9ef7fa3f72c5ae2b296d4ceb"
age
65422
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
4142
x-amz-cf-id
pbG4RcC1DSeywHp4qzVLCRHfz9WeevZ_smngb1SZEeq1TNZ3-L8Ygg==
date
Sat, 12 Oct 2024 03:52:11 GMT
content-type
application/javascript
last-modified
Mon, 04 Mar 2024 18:55:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
j.php
dev.visualwebsiteoptimizer.com/
34 KB
9 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
cf9a4c09eafaca75b6f22c46fbff83eb82cb10a70bca691fb39691847d0a44c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
gfra2
35A1AD_0_0.woff2
ochsner.perkspot.com/Content/fonts/
28 KB
28 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/35A1AD_0_0.woff2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0

Response headers

content-security-policy
frame-ancestors *.perkspot.com
etag
"ea73fe4ce1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
28718
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
font/woff2
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
x-powered-by
ASP.NET
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091yz
x-frame-options
SAMEORIGIN
fontawesome-webfont.woff2
ochsner.perkspot.com/Content/fonts/
69 KB
69 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0

Response headers

content-security-policy
frame-ancestors *.perkspot.com
etag
"b9b54de1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
70728
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
font/woff2
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
x-powered-by
ASP.NET
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091z0
x-frame-options
SAMEORIGIN
35A1AD_3_0.woff2
ochsner.perkspot.com/Content/fonts/
41 KB
41 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/35A1AD_3_0.woff2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0

Response headers

content-security-policy
frame-ancestors *.perkspot.com
etag
"b9b54de1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
42010
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
font/woff2
last-modified
Fri, 11 Oct 2024 18:49:28 GMT
x-powered-by
ASP.NET
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt800000003000000000091z1
x-frame-options
SAMEORIGIN
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
120 KB
47 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/bundles/insights?v=to06oIlwehQWm-xrmEMdoBd0yB91KJAuDMMP4SAO9aI1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C5) /
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

content-md5
MPOa5dHQWkOQRqdkBRC0hg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DC490392FC747D
age
1217
x-ms-version
2009-09-19
expires
Sat, 12 Oct 2024 22:32:33 GMT
x-cache
HIT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-meta-lastmodified
2020-10-07 00:07:47
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-ms-request-id
814d5f96-301e-0060-6def-1cbc40000000
access-control-allow-origin
*
x-ms-meta-aijssdkver
2.8.18
content-length
48078
x-ms-blob-type
BlockBlob
server
ECAcc (ama/48C5)
va_gq-c254242f78225ffdfa86dd5ff4ce4baabr.js
dev.visualwebsiteoptimizer.com/cdn/edrv/
274 KB
71 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/edrv/va_gq-c254242f78225ffdfa86dd5ff4ce4baabr.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a14792366d25338a05d84f06ee7b1317767be34640a1fbf90672491caac2e7bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=2jCWDw==, md5=R55R/iz+ip6XOkiAL0S/QQ==
etag
"479e51fe2cfe8a9e973a48802f44bf41"
age
192206
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
72636
date
Thu, 10 Oct 2024 16:39:07 GMT
last-modified
Thu, 10 Oct 2024 15:56:34 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AHmUCY1GCD1rYajhQtEA-6oRB0F89Nz6SirxPVIvjFoYoXzSLBs9EPBGAQeCNHUa94rB-GQGQeNxtF6Cyw
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728575793965482
content-length
72636
content-language
en
server
UploadServer
v.gif
dev.visualwebsiteoptimizer.com/
35 B
144 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=793633&d=ochsner.perkspot.com&u=D72A90253FE1FB795F6093234CF54EC54&h=f5fdc6007a3773cb23751872ea4be094&t=false
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv03c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

cache-control
public, max-age=43200
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
image/gif
server
gnv03c
2abe629b-87f6-4e79-8e0e-1cc33cda8ee8
https://ochsner.perkspot.com/ Frame
0
0

s.gif
dev.visualwebsiteoptimizer.com/
35 B
53 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=793633&u=D72A90253FE1FB795F6093234CF54EC54&s=1728770552&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1728770553262%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1728770552271&v=b9df65f6f
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv03c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 google
expires
Mon, 10 Jan 2005 00:00:01 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
image/gif
server
gnv03c
settings.js
dev.visualwebsiteoptimizer.com/
13 KB
4 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=793633&settings_type=1&vn=&eventArch=1&uuid=&ec=759621|876184&exc=31|53
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/cdn/edrv/va_gq-c254242f78225ffdfa86dd5ff4ce4baabr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra2 /
Resource Hash
52aaa9f0f12d6a4201aa94e5abaa8e9c19b0473e53ca6f22d86ebf7d15233bfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1728624543_EA"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:32 GMT
content-type
application/javascript; charset=UTF-8
server
gfra2
47a722f2-2bfd-44a4-b985-45e6e2b97d00
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/47a722f2-2bfd-44a4-b985-45e6e2b97d00
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27fcacfada9a1fdba451a84d124a18668989c4b9ea190bfab4e467e26c8f3524
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

access-control-max-age
7200
x-request-id
8cfd71d5db104750-SEA, 8cfd71d5db104750-SEA, 8cfd71d5db104750-SEA
access-control-expose-headers
content-encoding
br
cf-cache-status
HIT
etag
W/"27fcacfada9a1fdba451a84d124a1866"
age
19
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8s4%2BMhbQN76WQ6urFVtbFAusoBpEDlmoZ7Qesy5vCgIa02X%2BBX0fxk3pteUcqcgTbDvqRR6CwLatxtwziF6RY6eIKN4SD1J4ZMQ%2FKy3LD%2BEWBRnIbJNhsaNzxa%2ByK5K%2FyGU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.004449
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
cdn-cache-control
max-age=60
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8d1a5ff798f2195e-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes, yes
x-xss-protection
1; mode=block
server
cloudflare
f6ce702d3c824416a11711d09caffe00
lib-us-1.brilliantcollector.com/collector/switch/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/f6ce702d3c824416a11711d09caffe00
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.152.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-152-166.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sat, 12 Oct 2024 22:02:33 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
nc-8ed86ead95a6fdfaf523b0399e8d13bdbr.js
dev.visualwebsiteoptimizer.com/cdn/edrv/
17 KB
5 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/edrv/nc-8ed86ead95a6fdfaf523b0399e8d13bdbr.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1536512%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c30136c3d8d995e7c03fd43c0bf3c5a17c9747c0240e91ca7b636942436121f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://ochsner.perkspot.com
Referer
https://ochsner.perkspot.com/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=klNQfA==, md5=qqxGC9KiVIaKgKkUTn40SQ==
etag
"aaac460bd2a254868a80a9144e7e3449"
age
192206
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
5585
date
Thu, 10 Oct 2024 16:39:07 GMT
last-modified
Thu, 10 Oct 2024 15:57:31 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AHmUCY38W4rzWNDyfNvEwuAm-szMdJKgYm8KN6SRbhWAQvKhKOppMZzxk4-POZlqhbV7a5cREqo
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728575851151850
content-length
5585
content-language
en
server
UploadServer
f6ce702d3c824416a11711d09caffe00
lib-us-1.brilliantcollector.com/collector/switch/
1 B
245 B
XHR
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/f6ce702d3c824416a11711d09caffe00
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.152.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-152-166.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/
X-Requested-With
XMLHttpRequest

Response headers

x-envoy-upstream-service-time
0
access-control-allow-credentials
true
dcname
prod-dal
access-control-allow-origin
https://ochsner.perkspot.com
nodeid
wscollector-5df4f448c7-9g4rt
content-length
1
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
istio-envoy
web-widget-main-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
435 KB
137 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=47a722f2-2bfd-44a4-b985-45e6e2b97d00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8466dbfb650cffcc9fc9c35553b8d2a79a0010b0b6865a7e5dd685188bd1b8ce
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"72049dd935c85d79f36a4c1e8d3451d7"
x-amz-version-id
g662SZJMn1WYbcBYeL2mA1rF0hVsTKup
age
470727
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ftWF5tWP7bDf1xSzpKkeDlISXG5B4a%2BHK0Yf6QQcxM%2Bz0Wvg08sZJfnZcgS%2FbCedxSvShzPi83urEDE2yAngokkq6%2B76YE5D0LoD1XbJ9JhpKT7pVMfwJcC5BJyThorLcPgnrqE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:57 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:58 GMT
vary
Accept-Encoding
x-amz-id-2
2KaDxDwEUpHJSG7LD0iPawi/X5jYI2JwYeDFxAjoXPc4JaVaZjZurUaZSkFtNXxUErzknm9L1jY=
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1TTP64DAVV480TSW
cf-ray
8d1a5ff7d96e2c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
en-us-json-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 2BC2
22 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034e3e9fee331ffd6f57ca9caa698aad4f7d9a9fc4cec17d4283555f2252b87e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"71dc3fadb4ae9ca587d402d24f8b7307"
x-amz-version-id
TGUP1OecOPm0r4WTSXg3mfmW_fZFEyFn
age
163028
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FrI5E1DtUApza%2FbeTKsXQU9ClmZmMfP9Y59a5lnnPPkZie2tQAt8Wafb3kUdG9AhAFHLOQNKMHA1a%2FAYeqfAyOHBaUTEducTUO72bWscr33yE290PtY3soPyUpMJaY%2B1oavBJE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:58 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:59 GMT
vary
Accept-Encoding
x-amz-id-2
/kOdfARWl+EJhvsThrwOOxz2SESyOSGZt9vkV3/W47awDPI/qfk61aV4RNXCfHba81/AYjh15sbt6yVhxnkfpg==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KP5SXKABKXBYAKXP
cf-ray
8d1a5ff879ca2c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-6471-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
140 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-6471-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9f5aa5c5fa6b091b723ddbb2c641f30e8be0d81aeaf3fe091bd9d2f2bd620b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"7f8a2f68ef915890c2bc1aa27d127c06"
x-amz-version-id
cbkM8L0JguVcqq3JRIkGp2iX9ioeReAB
age
470727
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnbBpQ5qfEwljc8uTOaE0OTlm%2FhcduPpx7yjKWkP5iTiW%2FNNureajEFKAfN6AHn4WXyK2ZFPfj2635D%2B9GrlHc%2BNIBeUQ9kXqP03TSrPELLMnBlqCV4i5bVdgLaT8YJWIerZFHc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:56 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:57 GMT
vary
Accept-Encoding
x-amz-id-2
V6M5mSX+P4hNXCegsqGy33IHkXpHIa5Xq0Z3coig8JWeu1lMNmgOm8Prrx5+mYYV2PFN2i5bYUULlCF5gVHLOw==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KP5HB2YEGVJ1WQTB
cf-ray
8d1a5ff879cc2c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-7437-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
14 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-7437-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
172825dc1b0c65b17b4b9ea902fba091e8dfa426e5780410fdccde55b474f1ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"3e4b7da2fe476e349e36828e2a424b99"
x-amz-version-id
fWNNMtYry4rUNqDo7dgVoXb4Bc0y6FaL
age
76463
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4u6aQu0V%2FbQTKo2TIw8i%2FF928%2F%2BsXNJ2%2BKUc0T7ZxGcZQHbJuuDR51t7qeFhMfL8oLd6z4Zy309MbniCIfUMydzju2UdxzYpL%2BsMz0NTfSC5rnTiEyhPU67Zkx4DlUWOGx7pr1U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:56 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:57 GMT
vary
Accept-Encoding
x-amz-id-2
jQsxzRt69Ol3LHDK0O9djJOTNtC60o/hTcuGQoKI+FeaOrn++6VHKMjKVmCpqQUxuS0B/Ig/0lY9x3MftkqwoyoItJVXk61k
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KP5Z6EB1H0ERQB97
cf-ray
8d1a5ff879cd2c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-3190-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
14 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-3190-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29ab545fa809eb1e110057fe3fda8de08aaeaebe4789befa355aeca485f954a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"e35bbaefc57a2f17193994ba3d00da62"
x-amz-version-id
tTEe26u6YDtP893kE3dM3plfwwSz7YPv
age
470727
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOTaLCgJH1j2CBoB7YNXRvE33nJVXBvMrCc9ZbwSfHeH33%2BStAhId0fW0rbpGdwWWgo3UKuhesfbm4Rk1IYf%2BqawDNgvTeY2Ahw%2Fh4QLt3RSq4PWBJNVSZ%2BpadJP88Vv6d6UPnI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:56 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:57 GMT
vary
Accept-Encoding
x-amz-id-2
C+v5IMEKidLgKFxW0gKLr4VcNJLyEcPKU0P2dSt2FsngsZJR6zE1mOfY91R6UR2GA6rdb1PzYyef+46v+XwQ79PTDrmZkRiQ
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KP5V6ZD8CCZ816VX
cf-ray
8d1a5ff889cf2c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-8173-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
10 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-8173-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6ba0e6eed66ab5345210b7d09665ad5ab7e8b737b6f6cb0ae65d267372cc44
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"6ee6bafd5311611f1980bb49422bbfc9"
x-amz-version-id
ktz2zDEaGcpbSD1kqvmZCndHSE6Xoo9C
age
470727
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2B9yXtyf37Z8fVmQe%2FOMjdjOSVa2EqK9tHEfQex6a8NQjzjeE6hnvnVvtEUlT11vAYbaKuKwsL2Q5omtimWVxc428GafXj2Qt3j%2Bn4JihRxAKLlIs3BdLcB2%2FZErf%2Bl4FOzwR6o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:56 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:57 GMT
vary
Accept-Encoding
x-amz-id-2
R/ulgkzxAKSc/xD8j9UdcfwUmdLOb32oyii4S1R5yGJREKIfWhcHOlz0ureF0usbEjm33d+9vYqUwkI5qUOMYImKe0hJLgUA
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KP5Y6MXFXKY4D1E9
cf-ray
8d1a5ff889d02c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
web-widget-9961-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
13 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9961-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6b6e98b85f8c643cc8a1c28e197b81329465e9da317fc62c90f233ceaaddf7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"175e50983bbd72fe9cb87b59f4ed07fc"
x-amz-version-id
QisDJYtOPP75ZYm1moDOWvycFEB9Xb2y
age
470727
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fztRFHRrN6BTldkjCS%2BS4xGOrt%2BoGFKDvgMLgAZbNzcSrEL%2FWH452LE5etit8brtn3TFl1ygISYCSkAtm3RpzL06d7RflUWClDqd8USj1rmvJqn%2By9c%2Ftw6EjPlzU6BqZklALK0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:57 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:58 GMT
vary
Accept-Encoding
x-amz-id-2
bb2+UCXRxPAcnl75wqzdZWK/1DyPbxlYTlnG96eaMF88suwdh9Rn6Rb77OuqYJU7teS8wz4KMRYLJ+Gy9oEu6g==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KP5YX91MBRXGZSE5
cf-ray
8d1a5ff889d12c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
pv
perkspot.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://perkspot.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8d1a5ff8d867dcac-FRA
date
Sat, 12 Oct 2024 22:02:34 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvwkWV5gfFeICZ%2B3vbiZVTuL4BlCamUcYo1I94eAa6DnuCKY8K7FcA5jHDnmj2q%2BoMoZ2oNJPI10yt%2Bxec%2FMzc2KZYW3QsIOp91HGj338lHPx0%2Bcgdj70QsYoKMqD8%2FVEPtUupXi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8d1a5ff8d867dcac-FRA
x-zendesk-zorg
yes
web-widget-2354-cbf609b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2BC2
7 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2354-cbf609b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d52036f15bab565f92865572df39ef3d31d34bff5e21ee510212127e7fdad5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
0
content-encoding
br
cf-cache-status
HIT
etag
W/"4b226d7433c38ab89112c69f79cbf2be"
x-amz-version-id
LXOSvv6egjST22j8O2QbUKPqytZj4gQ0
age
470726
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CyPHykL7g4kz1dG72xThv1dAhQpFC%2Bx8mcoN6MZo2fn8Vb4jQqktdfkHFaggmgGjx2IEdoeNV70xi90kY%2B%2BGr3Epvgeg0fPnPKLzEp9BBPR3hSHvjZDecmQ6NOBElyKyf%2BJh128%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, HEAD
expires
Tue, 07 Oct 2025 10:15:56 GMT
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 10:15:57 GMT
vary
Accept-Encoding
x-amz-id-2
+zN2oujP2P3UrDlScD1kz4RsWLX8BJtRLkXoKOkXml0KKhlC1guBYEkNdfVV+Gq6EgbYCQyA49YDQq/zoeR+dg==
access-control-allow-headers
*
strict-transport-security
max-age=0
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MMJZM95J5NAHVZQW
cf-ray
8d1a5ff8b9ea2c20-FRA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
pv
perkspot.zendesk.com/frontendevents/ Frame 2BC2
0
0
Fetch
General
Full URL
https://perkspot.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

x-request-id
8d1a5ffc3fbddcac-FRA
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GT3boIjNQ%2B8dVoF1IV5BkVUVUBkMkGqS%2FHiWHPO8Bu1UtpWf6ZQ8Hw0oPAYn5wr7q8l%2B2M89a3IjQ9uqVfaOAmewjUkzpkz7%2Fp3oT8v3YaNGp4xeEicEs3I0gwt3XXtV2SquxeeM"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1a5ffc3fbddcac-FRA
access-control-allow-origin
*
content-length
0
x-zendesk-zorg
yes
date
Sat, 12 Oct 2024 22:02:34 GMT
vary
Origin
server
cloudflare
config
perkspot.zendesk.com/embeddable/ Frame 2BC2
916 B
1 KB
Fetch
General
Full URL
https://perkspot.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c33ba590f5334bba90889673ebe46c707f90decafc12432975fa72964145cc6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8d1a5f72eb31dbf0-ARN
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-69749f8ccf-cfvz7
cf-cache-status
HIT
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrTPB7Oqd7yYS1%2BhcD%2BfSaHZV6kZRFP%2Bvxrs6fsIPUhZYjM6fFi%2FmUmKbBRJI7PgQ6EwkRTGkzoqoVQz3DBQds0EDV9kBm4HsuEutQE%2Bd%2Fuo1%2Fv7jQMkwKJ6vyHqcpySs3hTUksr"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.002607
last-modified
Sat, 12 Oct 2024 22:02:12 GMT
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8d1a5ff8d86cdcac-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes
x-cached
MISS
server
cloudflare
66564a0db7555d16d52122f7
perkspot.zendesk.com/embeddable/campaigns/ Frame 2BC2
11 KB
2 KB
Fetch
General
Full URL
https://perkspot.zendesk.com/embeddable/campaigns/66564a0db7555d16d52122f7
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-cbf609b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.198.53.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6fc53eb5ad3e479ea7ff78ef22b1a3edd15ea3f777effd9170188dc6131527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
7200
x-request-id
8d1a5ff969cbdcac-FRA
access-control-expose-headers
x-zendesk-origin-server
embeddable-app-server-69749f8ccf-5tchs
cf-cache-status
EXPIRED
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6p7TlAgjQLwaxf3MPbVWrWV5wlJrfkbguktrQdzILsTE7NsgWYAEqJCmD0ptNy4ThD6K5gMmLNSBGlb04bu84UwJlY%2BI8x4sHs55%2BcRIlglAdc8UhWNoPlxpz18EH6EKbFSh9%2BSe"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.002037
last-modified
Sat, 12 Oct 2024 22:02:33 GMT
cache-control
max-age=15, public, stale-while-revalidate=600, stale-if-error=3600
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray
8d1a5ff969cbdcac-FRA
access-control-allow-origin
*
x-zendesk-zorg
yes
x-cached
STALE
server
cloudflare
collectorPost
lib-us-1.brilliantcollector.com/collector/
38 B
361 B
Fetch
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.152.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-152-166.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

X-TeaLeaf-Page-Url
/offer/1536512/none
X-PageId
P.SUXWWWN4SUXRNMEUWXHGRC4TKCA5
X-TealeafType
GUI
Referer
https://ochsner.perkspot.com/
Content-Encoding
gzip
X-Tealeaf
device (UIC) Lib/6.1.0.1989
X-Tealeaf-SaaS-AppKey
f6ce702d3c824416a11711d09caffe00
X-Tealeaf-SyncXHR
false
X-Tealeaf-SaaS-TLTSID
25706723010990674180216665209357
X-Requested-With
fetch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-Tealeaf-MessageTypes
1,2,12,14
Content-Type
application/json

Response headers

tltsid
25706723010990674180216665209357
cache-control
no-cache
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
dcname
prod-dal
expires
Fri, 31 Dec 1998 12:00:00 GMT
access-control-allow-origin
https://ochsner.perkspot.com
nodeid
wscollector-5df4f448c7-9g4rt
content-length
38
date
Sat, 12 Oct 2024 22:02:34 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
istio-envoy
collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.152.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-152-166.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods
POST
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Sat, 12 Oct 2024 22:02:33 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
favicon.ico
ochsner.perkspot.com/Content/images/icons/
4 KB
5 KB
Other
General
Full URL
https://ochsner.perkspot.com/Content/images/icons/favicon.ico?v=69Pda6nAAr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

content-security-policy
frame-ancestors *.perkspot.com
etag
"7060b14de1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
4286
date
Sat, 12 Oct 2024 22:02:34 GMT
content-type
image/x-icon
last-modified
Fri, 11 Oct 2024 18:49:29 GMT
x-powered-by
ASP.NET
x-azure-ref
20241012T220233Z-17d475c956fvv28nvt2hke5gt8000000030000000000923d
x-frame-options
SAMEORIGIN
track
dc.services.visualstudio.com/v2/
317 B
421 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
ce2f5f717894e0800586a3fb5022ac8e8ea105d8a7dee912532b61d9a6fee7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Sat, 12 Oct 2024 22:02:33 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sat, 12 Oct 2024 22:02:33 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
ochsner.perkspot.com/Content/images/icons/
4 KB
5 KB
Other
General
Full URL
https://ochsner.perkspot.com/Content/images/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

content-security-policy
frame-ancestors *.perkspot.com
etag
"7060b14de1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
4286
date
Sat, 12 Oct 2024 22:02:34 GMT
content-type
image/x-icon
last-modified
Fri, 11 Oct 2024 18:49:29 GMT
x-powered-by
ASP.NET
x-azure-ref
20241012T220234Z-17d475c956fvv28nvt2hke5gt8000000030000000000923y
x-frame-options
SAMEORIGIN
favicon.ico
ochsner.perkspot.com/Content/images/icons/
4 KB
0
Other
General
Full URL
https://ochsner.perkspot.com/Content/images/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

content-security-policy
frame-ancestors *.perkspot.com
etag
"7060b14de1cdb1:0"
x-content-security-policy
frame-ancestors *.perkspot.com
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
4286
date
Sat, 12 Oct 2024 22:02:34 GMT
content-type
image/x-icon
last-modified
Fri, 11 Oct 2024 18:49:29 GMT
x-powered-by
ASP.NET
x-azure-ref
20241012T220234Z-17d475c956fvv28nvt2hke5gt8000000030000000000923y
x-frame-options
SAMEORIGIN
policy
www.sjwoe.com/
47 B
468 B
Fetch
General
Full URL
https://www.sjwoe.com/policy
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:1600:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

cache-control
max-age=3600
x-amz-apigw-id
fhXy7G0PIAMEFmg=
age
60291
x-amzn-trace-id
Root=1-670a0678-6994367c27d27b6c2412964d;Parent=3258688ade3ec3e0;Sampled=0;Lineage=1:36ff8a84:0
x-amzn-requestid
ee4c78f2-948a-41ba-ad83-c5025d39eea5
via
1.1 bc841916063a49c638b48e73f77a28e8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
47
x-amz-cf-id
yzkAmFEm-rA0SkutqPBSwdO4SjGVjIiK9S4vskLZwZmLq0pjwI8tNQ==
date
Sat, 12 Oct 2024 05:17:44 GMT
content-type
application/json
x-amz-cf-pop
FRA60-P5
v1
clicks.tyuwq.com/
98 B
234 B
Fetch
General
Full URL
https://clicks.tyuwq.com/v1
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.153.182.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-182-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3561975f42ad260538e6695ce33c6aa2b97bba2d3b23323179b7f3a63ec38474

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ochsner.perkspot.com/

Response headers

x-request-id
b023cfdb88e511ef9a76754c6fccda7e
access-control-allow-origin
*
content-length
98
date
Sat, 12 Oct 2024 22:02:35 GMT
content-type
text/plain; charset=UTF-8
log
www.p.zjptg.com/
19 B
247 B
Ping
General
Full URL
https://www.p.zjptg.com/log
Requested by
Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/1850771/100001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-67.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ochsner.perkspot.com/

Response headers

via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
19
x-amz-cf-id
7fUPUypPspEB-8mlyEfMzPE8_-8d4uEAqOAIeiY_Ta0KagBRG32WYw==
date
Sat, 12 Oct 2024 22:02:35 GMT
x-amz-cf-pop
FRA56-P7
server
CloudFront
Primary Request firstleafpartners
page.firstleaf.com/
Redirect Chain
  • https://www.kqzyfj.com/click-2097062-15528858?sid=ET6UV20E02EHL52RWCXJCX06D
  • https://cj.dotomi.com/i8115mu21K/u05/JNNKQQNQ/KIRPIOK/I/I/I?v=sxni%3DJYBZa75J57JMQA7WbHcOHc5BI%3c%3cmyyux%3A%2F%2F111.pv43ko.htr%2Fhqnhp-75EC5B7-6AA7DDAD%3c%3cL%3cmyyux%3A%2F%2Fthmxsjw.ujwpxuty.htr...
  • https://www.emjcd.com/ee66uoxwG/ov-/DHHEKKHK/ECLJCIE/C/GCCGCHLELJDHLCCLHC:K25zZC_wPKmb/nCHFEmEIKKqHDDqrKDmpErKICmDKnKrL?l=mA0v%3DWlOmnKIWIKWZdNKjoUpbUpIOV%3cu16!FK7H-BJMu0y9O%3czBB7A%3A%2F%2FEEE.28...
  • https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+B...
116 KB
20 KB
Document
General
Full URL
https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Requested by
Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/1850771/100001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b710b12fa42c858b3097f1690225836b05341d990b21dd78aae066c7ced975
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://ochsner.perkspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8d1a6007ca4465b6-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 12 Oct 2024 22:02:36 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-frame-options
SAMEORIGIN
x-xss-protection
1

Redirect headers

Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
827
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Oct 2024 22:02:36 GMT
Expires
Sat, 12 Oct 2024 22:02:36 GMT
Location
https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Pragma
no-cache
Server
Resin/4.0.66
X-VC-HTTPS
On
track
dc.services.visualstudio.com/v2/
253 B
311 B
Fetch
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
sdk-context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Sat, 12 Oct 2024 22:02:34 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
collectorPost
lib-us-1.brilliantcollector.com/collector/
0
0
Ping
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.SUXWWWN4SUXRNMEUWXHGRC4TKCA5&X-Tealeaf=device%20(UIC)%20Lib%2F6.1.0.1989&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Foffer%2F1536512%2Fnone&X-Tealeaf-SyncXHR=false&X-Tealeaf-MessageTypes=1%2C2%2C7&X-Tealeaf-SaaS-AppKey=f6ce702d3c824416a11711d09caffe00&X-Tealeaf-SaaS-TLTSID=25706723010990674180216665209357&Content-Encoding=gzip
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/scripts/PerkSpot_TLF_SDK_6-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.152.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-152-166.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ochsner.perkspot.com/

Response headers

utils.bcf03997485feb49f2c7.js
g.fastcdn.co/js/
59 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/utils.bcf03997485feb49f2c7.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec8cc724b3f5b0bca627bd9a42e7efad08983ebe6562a6a51f2fdb3d59de547

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=k6Mv5g==, md5=UtILkbkSp34nhVUop+fVTA==
etag
"52d20b91b912a77e27855528a7e7d54c"
age
988684
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
20154
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Tue, 01 Oct 2024 08:33:42 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljuz4p56FB5W8jDLNp0M76Cv2nsnda9bwqOh1Q_LpSPLU1OarxH_2LAAh_3dzYLJxgeMlIE
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a600948a8dc64-FRA
accept-ranges
bytes
x-goog-generation
1727771622179202
content-length
20154
server
cloudflare
Cradle.904200e3dbc62d5b0155.js
g.fastcdn.co/js/
18 KB
4 KB
Script
General
Full URL
https://g.fastcdn.co/js/Cradle.904200e3dbc62d5b0155.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d6b59f630dd3df5dcff0f6af131d1d94ebc050f3d38f61f40ef56e793093cd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=3+1u7Q==, md5=d8L1ce/8VC3UqNMdC2OrXQ==
etag
"77c2f571effc542dd4a8d31d0b63ab5d"
age
1680749
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
4266
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 10:27:12 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljui2x-BiE2crKrNfetNn0amIm5QxeQ_qfItbWaj3-NdWo8ToFQtXToH3D_xp093sqeWMp8
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a6009489ddc64-FRA
accept-ranges
bytes
x-goog-generation
1727087232830329
content-length
4266
server
cloudflare
css
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 22:02:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 12 Oct 2024 22:02:36 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
LegacyVendors.aafd8db3349a1bd00330.js
g.fastcdn.co/js/
88 KB
31 KB
Script
General
Full URL
https://g.fastcdn.co/js/LegacyVendors.aafd8db3349a1bd00330.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a657793caad0dd13ac8023261ea178ea6957cbf242c4fdc8b74912c5c662580

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=yZu76A==, md5=sJQxVcHP2HqOPn4n9EVtgA==
etag
"b0943155c1cfd87a8e3e7e27f4456d80"
age
1009341
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
31143
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 09:23:08 GMT
x-guploader-uploadid
AD-8ljuukUhbldpjr-O_9NoG9pAA8sV-zxjSzxbcbFV6dXIKCHy44i7Ztd3B-JsEDN2bdaUAZSvMQeke2w
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a600948a4dc64-FRA
accept-ranges
bytes
x-goog-generation
1727688188313080
content-length
31143
server
cloudflare
caslon.css
d1hdjv7b05hja2.cloudfront.net/fonts/
0
0

fonts.css
cloud.typography.com/7410416/6307592/css/
0
0

64778737-0-firstleafl-logo.png
v.fastcdn.co/u/814df80e/
1 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64778737-0-firstleafl-logo.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d3cd3ccf85fb90010fc152b085a96734c23c125fcff1764e7e5ac73d67cbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=T18ZMw==, md5=EUimTb6nKaZCdqZZkPdxOg==
cf-bgj
imgq:85,h2pri
etag
"1148a64dbea729a64276a65990f7713a"
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
origFmt=png, origSize=3338
x-goog-stored-content-length
3338
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="64778737-0-firstleafl-logo.webp"
vary
Accept
last-modified
Fri, 02 Feb 2024 18:57:25 GMT
x-guploader-uploadid
AD-8ljt_soL78xKar8gYXoxbhj1AaPOmwQ5k4zvEp99d8zbRsHUt4hIK5p0mM2odFH-DOoeRkuU
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600949ac71c1-FRA
x-goog-meta-expires
Tue, 25 Mar 2025 10:57:25 GMT
accept-ranges
bytes
x-goog-generation
1706900245356441
content-length
1306
server
cloudflare
64860673-0-PDP-Image-1-desktop.jpg
v.fastcdn.co/u/814df80e/
112 KB
113 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64860673-0-PDP-Image-1-desktop.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eead92c3e9cb274ec8c3b537c6c6da2714c3692c987f6644829e37157c1b84ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=vKd/RA==, md5=SlICX364wO5tAQdhzr/LgQ==
cf-bgj
imgq:85,h2pri
etag
"4a52025f7eb8c0ee6d010761cebfcb81"
age
131396
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=692475
x-goog-stored-content-length
692475
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="64860673-0-PDP-Image-1-desktop.webp"
vary
Accept
last-modified
Mon, 18 Mar 2024 22:47:23 GMT
x-guploader-uploadid
AHmUCY182ayRXgMrpZYXmoiKLQuG7YP6nT6M8PN0vDN18pWhladdj__QCeMgm2Q6AigjkqHfkYDhMQCPNw
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600949ab71c1-FRA
x-goog-meta-expires
Fri, 09 May 2025 14:47:23 GMT
accept-ranges
bytes
x-goog-generation
1710802043273841
content-length
115116
server
cloudflare
64860672-0-PDP-Image-1-mobile.jpg
v.fastcdn.co/u/814df80e/
62 KB
63 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64860672-0-PDP-Image-1-mobile.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90375474ff774912013e44abb18b2d12dc39b54bd5991ccc045767817c43dbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=c5sL3Q==, md5=jJA8et1Mif5i3gr+r20oIw==
cf-bgj
imgq:85,h2pri
etag
"8c903c7add4c89fe62de0afeaf6d2823"
age
131398
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=317806
x-goog-stored-content-length
317806
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="64860672-0-PDP-Image-1-mobile.webp"
vary
Accept
last-modified
Mon, 18 Mar 2024 22:47:21 GMT
x-guploader-uploadid
AHmUCY0suNZ4aJkR4AzYf6-NXJ7xWmqws7Fe9D_f7tVYY2XbEuSBLKkgmOw2mLMPkv_QfneX-3M
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600999d571c1-FRA
x-goog-meta-expires
Fri, 09 May 2025 14:47:21 GMT
accept-ranges
bytes
x-goog-generation
1710802041658780
content-length
63654
server
cloudflare
64703311-0-Trustpilot-Rating.png
v.fastcdn.co/u/814df80e/
3 KB
3 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64703311-0-Trustpilot-Rating.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d5844a30edf2c15420b17b1b14c47e910a7bfadf33cd93d1767aba1be29055

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=DrOBGA==, md5=nB5hz6myu48mrsl9zV1mGw==
cf-bgj
imgq:85,h2pri
etag
"9c1e61cfa9b2bb8f26aec97dcd5d661b"
age
175088
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
origFmt=png, origSize=4429
x-goog-stored-content-length
4429
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="64703311-0-Trustpilot-Rating.webp"
vary
Accept
last-modified
Wed, 13 Dec 2023 12:30:33 GMT
x-guploader-uploadid
AHmUCY0GWZCmjjwljZD35OnhFXXavxzVxHoLnzEl43YVdfx-iKhn0sZ-AYjhaMtB9lY0vcg5cVUzaGNEUA
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a6009b9e671c1-FRA
x-goog-meta-expires
Sun, 02 Feb 2025 04:30:33 GMT
accept-ranges
bytes
x-goog-generation
1702470633788942
content-length
2678
server
cloudflare
64755236-0-circle-checked.png
v.fastcdn.co/u/814df80e/
6 KB
7 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64755236-0-circle-checked.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190e3a6420847bb948355183c2fdcdfa9ce099ce7e4bcc9c28ebe41fed127186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=U1rsvg==, md5=oTBtMgz1MnCY5lmQ7o3uww==
cf-bgj
imgq:85,h2pri
etag
"a1306d320cf5327098e65990ee8deec3"
age
777775
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
origFmt=png, origSize=18848
x-goog-stored-content-length
18848
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="64755236-0-circle-checked.webp"
vary
Accept
last-modified
Mon, 22 Jan 2024 14:14:32 GMT
x-guploader-uploadid
AD-8ljsV_vbVsgCTzqjC01IRaIbVYFdZJL0SR9dreCTSY69jpFC62DhBryheaG81h2zxtc0z2rk
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a6009c9f371c1-FRA
x-goog-meta-expires
Fri, 14 Mar 2025 06:14:32 GMT
accept-ranges
bytes
x-goog-generation
1705932872528315
content-length
6642
server
cloudflare
1707151343-64781102-150x150-firstleafl-logo.png
v.fastcdn.co/t/thumbnail/20240205/
1 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707151343-64781102-150x150-firstleafl-logo.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d3cd3ccf85fb90010fc152b085a96734c23c125fcff1764e7e5ac73d67cbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=wqJ4uQ==, md5=NEw/2Sb5B+wSxZWp2J128w==
cf-bgj
imgq:85,h2pri
etag
"344c3fd926f907ec12c595a9d89d76f3"
age
370426
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
origFmt=png, origSize=3317
x-goog-stored-content-length
3317
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="1707151343-64781102-150x150-firstleafl-logo.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 16:42:24 GMT
x-guploader-uploadid
AD-8ljvjWyDZR39Lm02GXtq_mIYKbEX5Ga4cXsWkCdxcRsveByH34_eJ_pM4sRfIJMhXHZX-AA
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
3317
cf-ray
8d1a6009fa1371c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 08:42:24 GMT
accept-ranges
bytes
x-goog-generation
1707151344434942
content-length
1306
server
cloudflare
LazyImage.77b7aec17419c3045fee.js
g.fastcdn.co/js/
3 KB
1 KB
Script
General
Full URL
https://g.fastcdn.co/js/LazyImage.77b7aec17419c3045fee.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2df39553fbf66c6fccdd2e81c522e0cb68799373b722bb3eaf044b94486858b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=YB4HYQ==, md5=/SmJpqUugEfap38+12ciOA==
etag
"fd2989a6a52e8047daa77f3ed7672238"
age
1680749
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
1216
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 10:27:13 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljug-CzpIu75XgAeeI0Yc_mI7hLxeLy1g2iC6QY9aoKVLCm2r_jEDHa7aptbTPTMxbmJnko3pc-PLg
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a600a1b3bdc64-FRA
accept-ranges
bytes
x-goog-generation
1727087233383837
content-length
1216
server
cloudflare
Links.c1a9dcf75cfbd1ae01c0.js
g.fastcdn.co/js/
379 B
512 B
Script
General
Full URL
https://g.fastcdn.co/js/Links.c1a9dcf75cfbd1ae01c0.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e065b142374be24bcdfff600deccc28f6af18f5401cc224342fbe8fca3de357

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=WSORaQ==, md5=gTz6IfkZJU4iVSiHPNQlDA==
etag
"813cfa21f919254e225528873cd4250c"
age
1009065
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
285
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Mon, 30 Sep 2024 09:23:08 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8lju3ZHj40cnoP_s6M7VMp680cspEcbe3Cvx2PfuFFGzZXtrU1otPBAo3iOb6CnGqc7KH4Oji1eVUpQ
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a6009da5edc64-FRA
accept-ranges
bytes
x-goog-generation
1727688188490049
content-length
285
server
cloudflare
Slider.231ae482c4efd6a77d37.js
g.fastcdn.co/js/
11 KB
3 KB
Script
General
Full URL
https://g.fastcdn.co/js/Slider.231ae482c4efd6a77d37.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4653eb9a6bdb1074a5c298ec92708ed8f4bc6faf8bd66df267cf6635584143fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=BJIkAQ==, md5=aO1p5tEi5rfOVq/qxf4ZyQ==
etag
"68ed69e6d122e6b7ce56afeac5fe19c9"
age
1006800
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
2916
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 06:14:22 GMT
x-guploader-uploadid
AD-8ljv0-ahzEG6M3R6vJT-5wsqws73jYzxwfJq4mZ5RcXsSUEPkK1AA-cbsHpHcdYUW5W5H8v2xt4YcEw
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a600a3b8adc64-FRA
accept-ranges
bytes
x-goog-generation
1727158462330141
content-length
2916
server
cloudflare
lib.js
heatmap-events-collector.instapage.com/static/
24 KB
9 KB
Script
General
Full URL
https://heatmap-events-collector.instapage.com/static/lib.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:96fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
285
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 22:02:51 GMT
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 11 Oct 2024 11:34:36 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=15552000; includeSubDomains
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control
public, must-revalidate, public
x-dns-prefetch-control
off
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8d1a600a9a499208-FRA
x-xss-protection
0
server
cloudflare
gtm.js
www.googletagmanager.com/
400 KB
121 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aecca6a12b118063fd555ee40b7cc0175b1a8a59517e88eb01376b46d1342f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 12 Oct 2024 22:02:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 12 Oct 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122726
x-xss-protection
0
server
Google Tag Manager
it.js
cdn.instapagemetrics.com/t/js/3/
54 KB
54 KB
Script
General
Full URL
https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.17.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
etag
"eee931187060719ab17a352de2424e0c"
age
2918
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
55266
date
Sat, 12 Oct 2024 21:13:58 GMT
last-modified
Tue, 13 Jun 2023 11:21:34 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY3D-2JsUbi3XE3fkhaZerfhVrsmiBM4YrbkTOTVP-GYpFITIPUpuEATRXDlzzvlfDtT7zU
cache-control
public,max-age=3600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1686655294888925
content-length
55266
server
UploadServer
sptw.051afd940be1c95d0063.js
g.fastcdn.co/js/
63 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/sptw.051afd940be1c95d0063.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c19d88d9366bfa36ffd12f6237c58322e91c1f2e57a896172a05f41318134a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=ddebnQ==, md5=bvf0kBfoGQ8io4n0oEYvrg==
etag
"6ef7f49017e8190f22a389f4a0462fae"
age
3484672
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
20505
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Mon, 02 Sep 2024 11:33:43 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljtdx1Vkye187C3aPcQSkvxjpWt4j8yqQhRkeLuTX6KTwFvUHkyej4WjFXHPrjLwQ0KSNwM
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a600baecfdc64-FRA
accept-ranges
bytes
x-goog-generation
1725276823205082
content-length
20505
server
cloudflare
cm.js
g.fastcdn.co/js/
51 KB
18 KB
Script
General
Full URL
https://g.fastcdn.co/js/cm.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
etag
"8e466d98fa1f746c74b1b409d20a0cf3"
age
4122064
cf-cache-status
HIT
x-goog-stored-content-encoding
gzip
expires
Sun, 12 Oct 2025 22:02:36 GMT
x-goog-stored-content-length
17906
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Thu, 30 Jun 2022 02:12:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPpuBnJVPbAHoRQ8pzqSGloYEKfNNMKSFHSs3Ywslbz6mq-VbtjQvynuDVsYuH75ER_I4E6CNa8MIg
cache-control
public, max-age=31536000
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d1a600bdf2ddc64-FRA
accept-ranges
bytes
x-goog-generation
1656555137097208
content-length
17906
server
cloudflare
js
www.googletagmanager.com/gtag/
356 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ddebc1e30087ac7ba975b72be58c531ef9c6db6f241573e4700414167dd08ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 12 Oct 2024 22:02:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
113219
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/
49 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"803483b3aaadb1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4886E7B3B5A34165810A27B53AC71946 Ref B: FRAEDGE1720 Ref C: 2024-10-12T22:02:36Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14402
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:43:41 GMT
vary
Accept-Encoding
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1948
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 12 Oct 2024 23:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 21:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3TS4P88RE5&gtm=45je4a90v887522027z871863389za200zb71863389&_p=1728770556366&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=1012624709.1728770557&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728770556&sct=1&seg=0&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_PerkSpot_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252439.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Db0532a2688e511ef81ad2f860a18b8f9&dr=https%3A%2F%2Fochsner.perkspot.com%2F&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1313
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://page.firstleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
547 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3TS4P88RE5&cid=1012624709.1728770557&gtm=45je4a90v887522027z871863389za200zb71863389&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101671035~101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://page.firstleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3TS4P88RE5&cid=1012624709.1728770557&gtm=45je4a90v887522027z871863389za200zb71863389&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101671035~101686685&tag_exp=101671035~101686685&z=1493051239
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 12 Oct 2024 22:02:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
5565374.js
bat.bing.com/p/action/
369 B
424 B
Script
General
Full URL
https://bat.bing.com/p/action/5565374.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5F7B2561551E417F8DA7CF9F91EA8543 Ref B: FRAEDGE1720 Ref C: 2024-10-12T22:02:37Z
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
collect
www.google-analytics.com/j/
3 B
423 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=716428949&t=pageview&_s=1&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_PerkSpot_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252439.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Db0532a2688e511ef81ad2f860a18b8f9&dr=https%3A%2F%2Fochsner.perkspot.com%2F&ul=de-de&de=UTF-8&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1558167158&gjid=1603531347&cid=1012624709.1728770557&tid=UA-68049103-4&_gid=1303718265.1728770557&_r=1&_slc=1&gtm=45He4a90n71TKCVNWv71863389za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101529666~101671035~101686685&npa=1&z=1815563372
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://page.firstleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
64755236-0-circle-checked.png
v.fastcdn.co/u/814df80e/
6 KB
0
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64755236-0-circle-checked.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190e3a6420847bb948355183c2fdcdfa9ce099ce7e4bcc9c28ebe41fed127186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=U1rsvg==, md5=oTBtMgz1MnCY5lmQ7o3uww==
cf-bgj
imgq:85,h2pri
etag
"a1306d320cf5327098e65990ee8deec3"
age
777775
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:36 GMT
cf-polished
origFmt=png, origSize=18848
x-goog-stored-content-length
18848
date
Sat, 12 Oct 2024 22:02:36 GMT
content-type
image/webp
content-disposition
inline; filename="64755236-0-circle-checked.webp"
vary
Accept
last-modified
Mon, 22 Jan 2024 14:14:32 GMT
x-guploader-uploadid
AD-8ljsV_vbVsgCTzqjC01IRaIbVYFdZJL0SR9dreCTSY69jpFC62DhBryheaG81h2zxtc0z2rk
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a6009c9f371c1-FRA
x-goog-meta-expires
Fri, 14 Mar 2025 06:14:32 GMT
accept-ranges
bytes
x-goog-generation
1705932872528315
content-length
6642
server
cloudflare
64704234-0-Paste.png
v.fastcdn.co/u/814df80e/
15 KB
15 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64704234-0-Paste.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7050ce1af3ceb595099a9dc5828b44afb9e1d826564f12c1dc1c88694acac863

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://page.firstleaf.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=/6RAqA==, md5=JB/V47yOgVEoEnatIcy4OQ==
cf-bgj
imgq:85,h2pri
etag
"241fd5e3bc8e8151281276ad21ccb839"
age
82640
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=34147
x-goog-stored-content-length
34147
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64704234-0-Paste.webp"
vary
Accept
last-modified
Wed, 13 Dec 2023 20:57:30 GMT
x-guploader-uploadid
AHmUCY2dLvtbJk5iYR9__10_ot7olDpKIIAu7K6USKngDcQ3gvt01LhBEmVdVRINL0GagfibGvKoKYJocQ
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600f0d7971c1-FRA
x-goog-meta-expires
Sun, 02 Feb 2025 12:57:30 GMT
accept-ranges
bytes
x-goog-generation
1702501050105004
content-length
15476
server
cloudflare
60841371-0-USE-THIS-ONE-Firstle.png
v.fastcdn.co/u/814df80e/
53 KB
54 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/60841371-0-USE-THIS-ONE-Firstle.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8400be7d2d60d42fdac04aed87154d78843df12845c5ffb871d274ca8096006

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://page.firstleaf.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=O9LQ7g==, md5=9e8IT0q37+SBu6CHY5NwKg==
cf-bgj
imgq:85,h2pri
etag
"f5ef084f4ab7efe481bba0876393702a"
age
2423398
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origSize=189069, status=webp_bigger
x-goog-stored-content-length
189069
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/png
last-modified
Thu, 03 Feb 2022 22:42:58 GMT
vary
Accept-Encoding
x-guploader-uploadid
AD-8ljsuhthkeJkbdpqQs_cwMyEuHTtiCZdg895mmvgZI2bvDgbkPGOyFUXiCM-BqJnjQItibnk
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600f0d7b71c1-FRA
x-goog-meta-expires
Mon, 27 Mar 2023 14:42:58 GMT
accept-ranges
bytes
x-goog-generation
1643928178741488
content-length
54759
server
cloudflare
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://page.firstleaf.com
Referer
https://fonts.googleapis.com/

Response headers

age
394407
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:29:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:29:10 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
age
3193327
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230081-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1776
x-jsd-version
1.8.1
slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
3 KB
1013 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
age
2147014
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230081-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
928
x-jsd-version
1.8.1
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
42 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
age
798559
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230081-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
9994
x-jsd-version
1.8.1
fbevents.js
connect.facebook.net/en_US/
226 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4480, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
6Br2bc4Wwvhb3tsRNR7Wrjv/1acCon1yftCIj69MWr2O5J8NBYXUV1knFt+GB3agu4/8/R9COh5e+mSAhR7SqQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?1
ping.min.js
cdn.pdst.fm/
22 KB
22 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
age
2475
x-goog-stored-content-encoding
identity
expires
Sat, 12 Oct 2024 22:21:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
22096
date
Sat, 12 Oct 2024 21:21:22 GMT
last-modified
Tue, 25 Jun 2024 13:55:49 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY2K4-47z-X-5NUnhzswKqEFkIARTpv3rCXZeUtvarQ-Nw9Dfwwq1OsAxsE-e2wY0ILfsyY
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1719323749654301
content-length
22096
server
UploadServer
sp-at-v2-14-0.js
images.firstleaf.com/js/
98 KB
30 KB
Script
General
Full URL
https://images.firstleaf.com/js/sp-at-v2-14-0.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
cache-control
max-age=5356800
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"8dba669b94e3865c9205ef8fd15ee4d1"
via
1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
cf-ray
8d1a600f7a89973b-FRA
x-cache
Hit from cloudfront
x-amz-cf-id
hRuaCnqvrdmbnnE_6sJXwWLlTBePV5UqlwOiWi7iGCTAYwdi_gYdvw==
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/javascript
last-modified
Mon, 27 Jul 2020 04:28:00 GMT
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P11
fs.js
edge.fullstory.com/s/
285 KB
77 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
22b51d32f81198bf17ba485ac228d19d1bbf3ce436621a3cd9c15a2a006b1f8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://page.firstleaf.com
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
br
x-goog-hash
crc32c=ECakZA==, md5=PeeabY3P+ziute20s0me2w==
etag
"3de79a6d8dcffb38aeb5edb4b3499edb"
age
2214
x-goog-stored-content-encoding
br
expires
Sat, 12 Oct 2024 22:25:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
78488
date
Sat, 12 Oct 2024 21:25:43 GMT
last-modified
Wed, 09 Oct 2024 15:23:21 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2nrS6gSAxc9GXiJ9Mm0fnKMW56Acwu3Hy87n07S6ktDo_So7uLNkyFDILC5YvRmpDuYPQ
cache-control
public, max-age=3600,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728487400883091
content-length
78488
server
UploadServer
ppt=18168;g=landing_page;gid=41654;ord=1483900499;ip=45.141.152.76;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1483900499
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1483900499;ip=45.141.152.76;cuidchk=1
42 B
721 B
Image
General
Full URL
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1483900499;ip=45.141.152.76;cuidchk=1
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
HTTP/1.1
Server
95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Sun, 9 Nov 1980 12:58:00 GMT
Content-Length
42
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sat, 12 Oct 2024 22:02:37 GMT
Content-Type
image/gif

Redirect headers

Location
/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1483900499;ip=45.141.152.76;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Date
Sat, 12 Oct 2024 22:02:37 GMT
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
X-Content-Type-Options
nosniff
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Server
2600:9000:26e8:c00:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d35dec674eeb6ea303b01dbb26c4cf819a50d4f59ca0d2db2ffc00e9cf6ff2ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"c8515978dc28108fed1b0a29960dbcde"
age
2181
x-amz-meta-mtime
1728414440.51
x-cache
Hit from cloudfront
x-amz-cf-id
Lr7QdV4W96oiCqxMtv6Yf6rJhLPj2GePFqbvxSatrC4T5tFuupf6mQ==
date
Sat, 12 Oct 2024 21:26:17 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 19:07:23 GMT
cache-control
max-age=3600, public
via
1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1192
x-amz-cf-pop
FRA56-P10
server
AmazonS3
x-amz-server-side-encryption
AES256

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors none;
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
referrer-policy
no-referrer-when-downgrade
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
text/html
server
nginx
x-frame-options
deny
rs
tags.w55c.net/
Redirect Chain
  • https://tags.w55c.net/rs?id=71b67348696b454582c45b8a45b1a724&t=homepage
  • https://tags.w55c.net/rs?sccid=fb9d1665-a30a-0972-32b8-d8de3b1a5773&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
42 B
752 B
Image
General
Full URL
https://tags.w55c.net/rs?sccid=fb9d1665-a30a-0972-32b8-d8de3b1a5773&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
HTTP/1.1
Server
52.58.228.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-228-152.eu-central-1.compute.amazonaws.com
Software
Retargeting/v2.0.30-813-g905b2fc#rel-ec2-master i-098a453d78f3e073c@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=2592000; includeSubDomains
Access-Control-Max-Age
3600
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Methods
GET,POST,OPTIONS
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
42
Date
Sat, 12 Oct 2024 22:02:36 GMT
Content-Type
image/gif
Server
Retargeting/v2.0.30-813-g905b2fc#rel-ec2-master i-098a453d78f3e073c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto

Redirect headers

Strict-Transport-Security
max-age=2592000; includeSubDomains
Access-Control-Max-Age
3600
Cache-Control
no-cache, must-revalidate
Location
https://tags.w55c.net/rs?sccid=fb9d1665-a30a-0972-32b8-d8de3b1a5773&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Methods
GET,POST,OPTIONS
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 12 Oct 2024 22:02:36 GMT
Server
Retargeting/v2.0.30-813-g905b2fc#rel-ec2-master i-098a453d78f3e073c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
4f1bd082-d454-42cb-bafd-026640e9800e
tag.simpli.fi/sifitag/
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/4f1bd082-d454-42cb-bafd-026640e9800e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-request-id
F_3TqZlsz55ztyD38M2B
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding
gzip
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
openresty
main.js
page.firstleaf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame FC0A
Redirect Chain
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB
Script
General
Full URL
https://page.firstleaf.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2200bd6220e76c93edb614bccb7245f81cddff52a231171b444d85edf322bb86
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15552000
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8d1a600f887e65b6-FRA
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare

Redirect headers

strict-transport-security
max-age=15552000
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
cf-ray
8d1a600f585e65b6-FRA
access-control-allow-origin
*
content-length
0
date
Sat, 12 Oct 2024 22:02:37 GMT
server
cloudflare
0
bat.bing.com/action/
0
119 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=d309fcca-0662-444e-8f8c-41cac1a0fb94&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&kw=wine,%20wine%20club&p=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_PerkSpot_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252439.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Db0532a2688e511ef81ad2f860a18b8f9&r=https%3A%2F%2Fochsner.perkspot.com%2F&lt=1739&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=781807
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 653309B89DF346F0AC6368100B9051EE Ref B: FRAEDGE1720 Ref C: 2024-10-12T22:02:37Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:36 GMT
0
bat.bing.com/action/
0
176 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=d309fcca-0662-444e-8f8c-41cac1a0fb94&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=gtm.js&en=Y&p=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners&sw=1600&sh=1200&sc=24&evt=custom&asc=D&cdb=AQAY&rn=119690
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D48E4140B03340B2B6188607ED5F99AF Ref B: FRAEDGE1720 Ref C: 2024-10-12T22:02:37Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:36 GMT
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3TS4P88RE5&gtm=45je4a90v887522027za200zb71863389&_p=1728770556366&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&cid=1012624709.1728770557&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728770556&sct=1&seg=0&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_PerkSpot_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252439.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Db0532a2688e511ef81ad2f860a18b8f9&dr=https%3A%2F%2Fochsner.perkspot.com%2F&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&en=scroll&epn.percent_scrolled=90&_et=12&tfd=1760
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://page.firstleaf.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/
35 B
58 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=716428949&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_PerkSpot_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252439.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Db0532a2688e511ef81ad2f860a18b8f9&dr=https%3A%2F%2Fochsner.perkspot.com%2F&ul=de-de&de=UTF-8&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page&ea=Template1-quality&el=%2Ffirstleafpartners&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1012624709.1728770557&tid=UA-68049103-4&_gid=1303718265.1728770557&gtm=45He4a90n71TKCVNWv71863389za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101529666~101671035~101686685&npa=1&z=1671318192
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

age
48890
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 08:27:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
tag.js
www.mczbf.com/tags/11334/
55 KB
17 KB
Script
General
Full URL
https://www.mczbf.com/tags/11334/tag.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a800:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
30fe270866f4f883509b9203c1003759aa31458115a608c16a0f899b675de816

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
X-Robots-Tag
noindex, nofollow
X-Request-ID
b0da4f5a-88e5-11ef-aaca-99b3ff48cd4a
Cache-Control
max-age=1800
Content-Encoding
gzip
Age
1
Connection
keep-alive
Via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
JHTCyfS4pChDmEPp7B0qx3lizwpbRtQY3LwA__mKBEcK_FNp7pbqXA==
Date
Sat, 12 Oct 2024 22:02:36 GMT
Content-Type
application/javascript; charset=UTF-8
X-Amz-Cf-Pop
FRA2-C1
Server
nginx
0
bat.bing.com/action/
0
120 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=d309fcca-0662-444e-8f8c-41cac1a0fb94&el=%2Ffirstleafpartners&ec=Page&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=Template1-quality&en=Y&p=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners&sw=1600&sh=1200&sc=24&evt=custom&asc=D&cdb=AQAY&rn=590337
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED461BA6629544B2B61E8B9AB3FE8FD2 Ref B: FRAEDGE1720 Ref C: 2024-10-12T22:02:37Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 12 Oct 2024 22:02:36 GMT
64733725-0-Slider4.jpg
v.fastcdn.co/u/814df80e/
67 KB
68 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64733725-0-Slider4.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea60f766281949bc2177c91021568b584ff6058d917f8c3bb4a61ae1b13216d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://page.firstleaf.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=8yso2g==, md5=JflM+dmisIBUjexaP/XPgw==
cf-bgj
imgq:85,h2pri
etag
"25f94cf9d9a2b080548dec5a3ff5cf83"
age
20776
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=118013
x-goog-stored-content-length
118013
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64733725-0-Slider4.webp"
vary
Accept
last-modified
Mon, 08 Jan 2024 17:41:25 GMT
x-guploader-uploadid
AHmUCY0yFInxHH10o218EOR-E-pEjgtAA_4zDhZUSnxHaKnUFP9g44NrYa0ir-OF9YF86YDcvw
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600f9dde71c1-FRA
x-goog-meta-expires
Fri, 28 Feb 2025 09:41:25 GMT
accept-ranges
bytes
x-goog-generation
1704735685372383
content-length
68974
server
cloudflare
64531533-0-Exclusive-member-per.png
v.fastcdn.co/u/814df80e/
0
0

63866125-0-HQ-LP-Image-05.jpg
v.fastcdn.co/u/814df80e/
291 KB
292 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/63866125-0-HQ-LP-Image-05.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91aa9a6c203eab189b868e22be75095642a4a3bc6313cf170b6462e96a4fa069

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://page.firstleaf.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=HXn0iw==, md5=AFMjlSIBG2sbXJgWm6s0Vw==
cf-bgj
imgq:85,h2pri
etag
"0053239522011b6b1b5c98169bab3457"
age
1678717
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=2048470
x-goog-stored-content-length
2048470
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="63866125-0-HQ-LP-Image-05.webp"
vary
Accept
last-modified
Thu, 30 Mar 2023 16:01:20 GMT
x-guploader-uploadid
AD-8ljtU9myU4Fj-OdgNDiAc_QkvGGqhNgcpsFDk7PL5dGIMVeuHSoIbpM28Fjns7ASfA7NfX_p8Sh-WVw
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600f9de271c1-FRA
x-goog-meta-expires
Mon, 20 May 2024 08:01:20 GMT
accept-ranges
bytes
x-goog-generation
1680192080772125
content-length
298378
server
cloudflare
ajax-loader.gif
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
4 KB
4 KB
Image
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

Response headers

access-control-expose-headers
*
etag
W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
age
1793925
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/gif
x-served-by
cache-fra-eddf8230081-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4178
x-jsd-version
1.8.1
1706636044-64770417-150x150-arrow-prev.png
v.fastcdn.co/t/thumbnail/20240130/
0
0

1706636042-64770416-150x150-arrow-next.png
v.fastcdn.co/t/thumbnail/20240130/
314 B
662 B
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240130/1706636042-64770416-150x150-arrow-next.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915cbb7f07c967c0ba968097886ee2b4dd64e6cc216b43a11d06401dddf8faeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://page.firstleaf.com/

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=x3ggkw==, md5=gjeVMZXYfRfSPPOZa9JU3g==
cf-bgj
imgq:85,h2pri
etag
"8237953195d87d17d23cf3996bd254de"
age
1057529
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=748
x-goog-stored-content-length
748
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1706636042-64770416-150x150-arrow-next.webp"
vary
Accept
last-modified
Tue, 30 Jan 2024 17:34:02 GMT
x-guploader-uploadid
AD-8ljt3mChu1xF3EbKvViDAbuNUs8kIhkadCVtXasnyFyTJ75b3cbDxu5XI2d1crWZ1kMBVtkY
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
748
cf-ray
8d1a600fade871c1-FRA
x-goog-meta-expires
Sat, 22 Mar 2025 09:34:02 GMT
accept-ranges
bytes
x-goog-generation
1706636042939540
content-length
314
server
cloudflare
1707143370-64780733-150x150-France.png
v.fastcdn.co/t/thumbnail/20240205/
2 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143370-64780733-150x150-France.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844ba7cf297ced245b9a3240cab82df42038cbf35d7936cf430790854a019f7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=08dAcQ==, md5=nJvsrarApLzQjiF3Ld/7og==
cf-bgj
imgq:85,h2pri
etag
"9c9becadaac0a4bcd08e21772ddffba2"
age
82639
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=3485
x-goog-stored-content-length
3485
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1707143370-64780733-150x150-France.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:29:31 GMT
x-guploader-uploadid
AHmUCY0B7_XS4e1x4coBWjNUS7DVJpoEUqqCCfbEYLomaA0kGN95R1ciS2C6TO_tFOP1du9OcvhTPlyrtA
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
3485
cf-ray
8d1a600fadf771c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:31 GMT
accept-ranges
bytes
x-goog-generation
1707143371351963
content-length
1914
server
cloudflare
1707143409-64780737-150x150-Silver.png
v.fastcdn.co/t/thumbnail/20240205/
10 KB
10 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143409-64780737-150x150-Silver.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54caf1fa6a1edc50ba279842ba65958d3dfc27ccdd12aa87c20ee5521cc3c0b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=gbtA4Q==, md5=J4TQgLbCG9RnCFzgP6uUeQ==
cf-bgj
imgq:85,h2pri
etag
"2784d080b6c21bd467085ce03fab9479"
age
131397
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=15899
x-goog-stored-content-length
15899
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1707143409-64780737-150x150-Silver.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:10 GMT
x-guploader-uploadid
AHmUCY1Gl99lSePykWwumhcSsh5KpeaIiIz7crhDY8pajpvrD6VgVWBGyAmH4tdAwVpX65SKJ9k
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
15899
cf-ray
8d1a600fbdf871c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:09 GMT
accept-ranges
bytes
x-goog-generation
1707143409971942
content-length
10078
server
cloudflare
64780745-0-St.-Audette.png
v.fastcdn.co/u/814df80e/
202 KB
203 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780745-0-St.-Audette.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad79fe59f1583a5788084bea3eac291649744d146441c558657af89a199ef935

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=SY/wCw==, md5=c5ub8bp9V2UHe56DUHZc2A==
cf-bgj
imgq:85,h2pri
etag
"739b9bf1ba7d5765077b9e8350765cd8"
age
131397
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=316356
x-goog-stored-content-length
316356
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64780745-0-St.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:41 GMT
x-guploader-uploadid
AHmUCY2w6mZqXxMSvY5yTO-2XHAUQ7PNdiXQn2fShIzHFpyAZj2MX-6YeW-eA3q6TaUqmcoQnS0
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbdf971c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:41 GMT
accept-ranges
bytes
x-goog-generation
1707143441645687
content-length
207230
server
cloudflare
64781322-0-Like.png
v.fastcdn.co/u/814df80e/
1 KB
1 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64781322-0-Like.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460535d21cb0765795ffa52442ac0e6e1d5051bc31407f5e77dac1afa077edcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=wvjrCg==, md5=xlUywlAelnXdd4wGAMemNg==
cf-bgj
imgq:85,h2pri
etag
"c65532c2501e9675dd778c0600c7a636"
age
1056734
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=2643
x-goog-stored-content-length
2643
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64781322-0-Like.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 18:36:18 GMT
x-guploader-uploadid
AD-8lju6Ya4Rp_YweYNcW55BjXaBWfRywS2SE89063kGWoEBl_XH7ruVotJEhIqnK89YHHaeB2s
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbdfa71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 10:36:17 GMT
accept-ranges
bytes
x-goog-generation
1707158178033044
content-length
1078
server
cloudflare
1707143372-64780734-150x150-Chile.png
v.fastcdn.co/t/thumbnail/20240205/
2 KB
3 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143372-64780734-150x150-Chile.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efcdc6c80c020c85311ffd5ff5bd87183932775ac92802bac0b223ee4e8b156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=qA45TA==, md5=BmHO2RoIBPoltiLZ3/zBGw==
cf-bgj
imgq:85,h2pri
etag
"0661ced91a0804fa25b622d9dffcc11b"
age
3136486
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=4069
x-goog-stored-content-length
4069
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1707143372-64780734-150x150-Chile.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:29:33 GMT
x-guploader-uploadid
AD-8ljsNoS8bZnXCryBb6e2IyuExt9WEI0A2yezBu1txJee62B787xhl71sHLlOkbpAm5dSbLg
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
4069
cf-ray
8d1a600fbdfb71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:33 GMT
accept-ranges
bytes
x-goog-generation
1707143373181907
content-length
2256
server
cloudflare
1707143411-64780738-150x150-Gold.png
v.fastcdn.co/t/thumbnail/20240205/
10 KB
11 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143411-64780738-150x150-Gold.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8486a3f9ae75406b6ca3afd7774fc851165a682a248dd28c275de379224135a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=tEK44Q==, md5=fIknrD+rpgTaKwO4f2CS5Q==
cf-bgj
imgq:85,h2pri
etag
"7c8927ac3faba604da2b03b87f6092e5"
age
72299
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=15143
x-goog-stored-content-length
15143
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1707143411-64780738-150x150-Gold.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:11 GMT
x-guploader-uploadid
AHmUCY0K-pzXbIBbfz3ZwCIzcBSv3zmslZ7A6mRSMvP-bs4kU1PVJy07WqknkGw-HO61tiSIvcCjxJerQQ
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
15143
cf-ray
8d1a600fbdfc71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:11 GMT
accept-ranges
bytes
x-goog-generation
1707143411784579
content-length
10450
server
cloudflare
64780748-0-25-Degrees.png
v.fastcdn.co/u/814df80e/
194 KB
195 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780748-0-25-Degrees.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59dcd2d919153d915a5a2c47d1294158186372dfc4901cccff7ce02834aeb73d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=S8SjFA==, md5=U5hwppQ4i1NywEHRgKSy9w==
cf-bgj
imgq:85,h2pri
etag
"539870a694388b5372c041d180a4b2f7"
age
829014
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=301965
x-goog-stored-content-length
301965
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64780748-0-25-Degrees.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:51 GMT
x-guploader-uploadid
AD-8ljuQ0e4e3nDz1Mls4c2wjUQGVlvjMSgsloB0uTnI-yZYyfrknhvQ1R79iDuCa1IvQmGRGwE
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbdfe71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:51 GMT
accept-ranges
bytes
x-goog-generation
1707143451122651
content-length
198736
server
cloudflare
1707143367-64780729-150x150-USA.png
v.fastcdn.co/t/thumbnail/20240205/
4 KB
4 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143367-64780729-150x150-USA.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a12b438b92f44bc2016f691548ce0632e07415b802954f7671222ef17253ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=hh19iQ==, md5=gYtydGein0qWp1q/yEfqsw==
cf-bgj
imgq:85,h2pri
etag
"818b727467a29f4a96a75abfc847eab3"
age
3136486
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=6420
x-goog-stored-content-length
6420
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1707143367-64780729-150x150-USA.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:29:28 GMT
x-guploader-uploadid
AD-8ljsQut8-HtguitX3_qXwcH59n5MUabROSzWryF2Ov5SnkCOhS4F_GsG0cmbzcTZeS1SOGw
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
6420
cf-ray
8d1a600fbe0071c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:27 GMT
accept-ranges
bytes
x-goog-generation
1707143368007390
content-length
3658
server
cloudflare
1707143412-64780740-150x150-Double-Gold.png
v.fastcdn.co/t/thumbnail/20240205/
0
0

64780747-0-Thisle--Quail.png
v.fastcdn.co/u/814df80e/
226 KB
227 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780747-0-Thisle--Quail.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673f9d011800204dd6d79b0607fcc635e3be028bcc76308625a65cf678bf1cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=E/F8+Q==, md5=d2QtVgdO9KJZSSvdOVQ72w==
cf-bgj
imgq:85,h2pri
etag
"77642d56074ef4a259492bdd39543bdb"
age
777775
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=346925
x-goog-stored-content-length
346925
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64780747-0-Thisle--Quail.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:47 GMT
x-guploader-uploadid
AD-8ljvfjT70OchWO1X-BlQ4eulUMhDIsfUZaKtQV5sa0tExI2Q3sffonVB73E9WXxwrPzEhTYc
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbe0671c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:47 GMT
accept-ranges
bytes
x-goog-generation
1707143447761744
content-length
231494
server
cloudflare
64780744-0-Whale-Light.png
v.fastcdn.co/u/814df80e/
234 KB
234 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780744-0-Whale-Light.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
628834657c267940312e1a8ffa1443276b646ed8cd8509f7f8c6ab284e832bd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=GEB6RQ==, md5=2S0hrWU9C8IAqGoP5s8QNg==
cf-bgj
imgq:85,h2pri
etag
"d92d21ad653d0bc200a86a0fe6cf1036"
age
2009711
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=371059
x-goog-stored-content-length
371059
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64780744-0-Whale-Light.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:39 GMT
x-guploader-uploadid
AD-8ljvFj7AnyElKK0YaXWIL-zDB7fe_n170ghXM_wFydXRfwRui0xeI6HubcgvoShFLpRNzrLM
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbe0871c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:39 GMT
accept-ranges
bytes
x-goog-generation
1707143439299735
content-length
239154
server
cloudflare
64780746-0-Castillo-Quebrado.png
v.fastcdn.co/u/814df80e/
261 KB
0
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780746-0-Castillo-Quebrado.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=/EypCA==, md5=tJ8at7YbQO97jR1qKQ0OIg==
cf-bgj
imgq:85,h2pri
etag
"b49f1ab7b61b40ef7b8d1d6a290d0e22"
age
243976
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=405580
x-goog-stored-content-length
405580
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64780746-0-Castillo-Quebrado.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:44 GMT
x-guploader-uploadid
AHmUCY22hjGonCZNXOApCzLpOZpg6FeWvZVbJ4Odc0qhJ8Xw7hcrN5JtWOHTD0biL3rsgLVMxk7wXkdUog
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbe0a71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:44 GMT
accept-ranges
bytes
x-goog-generation
1707143444947362
content-length
269942
server
cloudflare
1707143369-64780731-150x150-South-Africa.png
v.fastcdn.co/t/thumbnail/20240205/
4 KB
4 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143369-64780731-150x150-South-Africa.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10dad0283c64a3ce558080e000850d6635c96244e1140770ea285296f88af1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=htGdnQ==, md5=s36St42wdamLb/5zL6p8Xw==
cf-bgj
imgq:85,h2pri
etag
"b37e92b78db075a98b6ffe732faa7c5f"
age
72299
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=6148
x-goog-stored-content-length
6148
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="1707143369-64780731-150x150-South-Africa.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:29:29 GMT
x-guploader-uploadid
AHmUCY09UlyE-u-_F-vD7EP8ascIG2hlVLv1g5Lbg_4bDZY23Rlc4TUFRJgVmogf3GPAT6JO2orIxwop3A
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
6148
cf-ray
8d1a600fbe0b71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:29 GMT
accept-ranges
bytes
x-goog-generation
1707143369856055
content-length
3690
server
cloudflare
64780743-0-Wisdom-Point.png
v.fastcdn.co/u/814df80e/
216 KB
217 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780743-0-Wisdom-Point.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36448550261e964217811600224a54578479bb9f0c417ac213a84b597ff178e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
2
x-goog-hash
crc32c=1TeQcQ==, md5=C/GGxCUdm6j3OxGJyayfNQ==
cf-bgj
imgq:85,h2pri
etag
"0bf186c4251d9ba8f73b1189c9ac9f35"
age
2009711
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Tue, 10 Oct 2034 22:02:37 GMT
cf-polished
origFmt=png, origSize=340628
x-goog-stored-content-length
340628
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
image/webp
content-disposition
inline; filename="64780743-0-Wisdom-Point.webp"
vary
Accept
last-modified
Mon, 05 Feb 2024 14:30:36 GMT
x-guploader-uploadid
AD-8ljsEpYlPHvXOgj7c1hAsw7gH9FArShBYi03HJTmEdgUBl9is98k63yG446qDfl64j36lK6B-6TA49Q
cache-control
public, max-age=315360000
x-goog-storage-class
STANDARD
x-goog-meta-content-length
0
cf-ray
8d1a600fbe0c71c1-FRA
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:36 GMT
accept-ranges
bytes
x-goog-generation
1707143436213411
content-length
221124
server
cloudflare
1669030446688031
connect.facebook.net/signals/config/
0
0

ingest
pixels.spotify.com/v1/
52 B
271 B
Fetch
General
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash
70466ab4ea33c0e8b4ef42de95eb6a04f2f3c413695c2c49e4bd55d8e76d42f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
grpc-status
0
content-encoding
gzip
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
via
HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding
gzip,x-snappy-framed
access-control-allow-origin
https://page.firstleaf.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/json
vary
Accept-Encoding
grpc-encoding
identity
server
envoy
ingest
pixels.spotify.com/v1/ Frame
0
0
Preflight
General
Full URL
https://pixels.spotify.com/v1/ingest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://page.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://page.firstleaf.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 12 Oct 2024 22:02:37 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
web
edge.fullstory.com/s/settings/134SPF/v1/
10 KB
3 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/134SPF/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6c7f3ff8ccc5ce2ecf76874a348ecedc3780794eecb42addbbe20a0ae745442

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=TMlMpA==, md5=5PdARtdADkVdcmi0UA5RSw==
etag
"e4f74046d7400e455d7268b4500e514b"
x-goog-stored-content-encoding
gzip
expires
Sat, 12 Oct 2024 22:17:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2338
date
Sat, 12 Oct 2024 22:02:37 GMT
last-modified
Sat, 12 Oct 2024 22:00:47 GMT
content-type
application/json
x-guploader-uploadid
AHmUCY23rrEzC7eys2dLnDWXstNjRCahy_FBwZXa2mfegg0PuTPKTVDogMwymqMKg32_9LDdsPetAu_qkA
cache-control
public,max-age=900,no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1728770447203919
content-length
2338
server
UploadServer
8d1a6007ca4465b6
page.firstleaf.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FC0A
0
625 B
XHR
General
Full URL
https://page.firstleaf.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d1a6007ca4465b6
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

strict-transport-security
max-age=15552000
cf-ray
8d1a6010793265b6-FRA
content-length
0
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
pipeline
ct.firstleaf.com/prh/ Frame
0
0

pipeline
ct.firstleaf.com/prh/
0
0

seteventid.png
www.mczbf.com/tags/images/b0532a2688e511ef81ad2f860a18b8f9/11334/1713813d-4fe8-4ac9-be9a-767a473091f7/
68 B
994 B
Image
General
Full URL
https://www.mczbf.com/tags/images/b0532a2688e511ef81ad2f860a18b8f9/11334/1713813d-4fe8-4ac9-be9a-767a473091f7/seteventid.png?hasConsent=true&cjConsent=MXxZfDB8WXww
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a800:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

X-Robots-Tag
noindex, nofollow
X-Request-ID
b14e6d49-88e5-11ef-9637-89adbd1e2b5c
Cache-Control
no-store
Connection
keep-alive
Via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
X-Cache
Miss from cloudfront
Content-Length
68
X-Amz-Cf-Id
0dJNT977OpGzB-BVNAvGVYeI_yvdl2EcU-05XLuYyKlxL8Lwo7SNzg==
Date
Sat, 12 Oct 2024 22:02:37 GMT
Content-Type
image/png
X-Amz-Cf-Pop
FRA2-C1
Server
nginx
pageInfo
www.mczbf.com/11334/
68 B
713 B
Fetch
General
Full URL
https://www.mczbf.com/11334/pageInfo
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a800:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded

Response headers

X-Robots-Tag
noindex, nofollow
X-Request-ID
b151534b-88e5-11ef-b761-d116b5172028
Cache-Control
no-store
Connection
keep-alive
Via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Content-Length
68
X-Amz-Cf-Id
4lLmmpVLJS8_DOFArLff8S0FzM9v5EvJ4bmbajuaGAE9HDqFfDKssw==
Date
Sat, 12 Oct 2024 22:02:37 GMT
Content-Type
image/png
X-Amz-Cf-Pop
FRA2-C1
Server
nginx
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/
11 KB
4 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c00:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"6866a400e135f757d0d00c3e9c032d3b"
age
356007
x-amz-meta-mtime
1728414440.5
x-cache
Hit from cloudfront
x-amz-cf-id
15M14O845qsmv82SOqQA8CiSRcMXyvVsIsHOHQQdMzXhSFBpYVQdIQ==
date
Tue, 08 Oct 2024 19:09:11 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 08 Oct 2024 19:07:27 GMT
cache-control
max-age=2592000, public
via
1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
3876
x-amz-cf-pop
FRA56-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
widget.js
d2mjzob2nc713b.cloudfront.net/widget/
145 KB
0
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=9dfd28d
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c00:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"ebd23a99ae7f85cf9e45b89747a7b01d"
age
356008
x-amz-meta-mtime
1728414438.65
x-cache
Hit from cloudfront
x-amz-cf-id
2mU2MkR817seMFJsPeBu85SDVLqImyFQF9fLpf_hkndpDiB8jYc_pQ==
date
Tue, 08 Oct 2024 19:09:10 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 08 Oct 2024 19:07:25 GMT
cache-control
max-age=2592000, public
via
1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
50165
x-amz-cf-pop
FRA56-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
page
rs.fullstory.com/rec/
85 B
285 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f26c05357ed85c3387446a15d003a2a5a0401b84b2248bcae4a7ee420ae1349
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
https://page.firstleaf.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
text/plain; charset=utf-8
lightbox_speed.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
960 B
984 B
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1728770557808
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1536512/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e71 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
79768b04e95f10c852e7d6dc51d9dd30852fcf67a94e27bd6c217e9dc310bd4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
RuNUZhf34mJPhLvpt6vDcQ==
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
content-encoding
br
expires
Sat, 12 Oct 2024 22:03:38 GMT
cf-polished
origSize=1355
date
Sat, 12 Oct 2024 22:02:38 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 21:18:20 GMT
vary
Accept-Encoding
cache-control
public, max-age=60
x-ms-request-id
418a018d-201e-003c-2090-04aceb000000
cf-ray
8d1a60127e72d348-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
user.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
133 KB
21 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/user.js?cb=638616862753296322
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1728770557808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e71 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
99120a1f60d459279fb7ddad2a5e78ae75180153d2d304871c25d966505a2855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
rj2S0onYmyYfNTR4KEEYgg==
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
257709
content-encoding
br
expires
Sun, 12 Oct 2025 22:02:38 GMT
date
Sat, 12 Oct 2024 22:02:38 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 21:17:55 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
39dde0e1-a01e-0062-4490-045fe8000000
cf-ray
8d1a60139938d348-FRA
x-ms-blob-type
BlockBlob
server
cloudflare
digibox.gif
www.lightboxcdn.com/z9g/
35 B
274 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1728770558014&h=page.firstleaf.com&e=p&u=44194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e71 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
KNaBTzCeoon4R8ac+RGUxg==
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
etag
0x8DAD3F8864E2F29
x-ms-version
2009-09-19
cf-cache-status
HIT
age
1444071
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
date
Sat, 12 Oct 2024 22:02:38 GMT
content-type
image/gif
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
vary
Accept-Encoding
x-ms-request-id
0ac763a0-b01e-0054-17e2-73f2ba000000
cf-ray
8d1a6013993bd348-FRA
accept-ranges
bytes
content-length
35
x-ms-blob-type
BlockBlob
server
cloudflare
main.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
491 KB
122 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/main.js?cb=2F1C9ADB05D43D6A2713692234CCBD82
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/user.js?cb=638616862753296322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e71 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
754d293c0e7491ec7bacde4851073407ddf3e419c6d571c4afc4ebbc3296ff47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Lxya2wXUPWonE2kiNMy9gg==
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
257709
content-encoding
br
expires
Sun, 12 Oct 2025 22:02:38 GMT
cf-polished
origSize=502592
date
Sat, 12 Oct 2024 22:02:38 GMT
content-type
application/javascript
last-modified
Wed, 11 Sep 2024 21:17:54 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-ms-request-id
e0c5750d-a01e-000f-2990-04f5c6000000
cf-ray
8d1a6013c99ad348-FRA
x-ms-blob-type
BlockBlob
server
cloudflare
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=20240725
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/main.js?cb=2F1C9ADB05D43D6A2713692234CCBD82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9e71 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-md5
q4B4xYJoZwx9ikt94o1nCA==
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
404655
content-encoding
br
expires
Tue, 12 Nov 2024 22:02:38 GMT
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
date
Sat, 12 Oct 2024 22:02:38 GMT
content-type
text/css
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
vary
Accept-Encoding
cache-control
public, max-age=2678400
x-ms-request-id
8024737a-001e-0020-53c2-e174fc000000
cf-ray
8d1a60144a76d348-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
z
api.lightboxcdn.com/z9gd/44194/page.firstleaf.com/jsonp/
769 B
1 KB
Script
General
Full URL
https://api.lightboxcdn.com/z9gd/44194/page.firstleaf.com/jsonp/z?cb=1728770558125&dre=l&callback=jQuery1124010609512066648863_1728770558114&_=1728770558115
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/main.js?cb=2F1C9ADB05D43D6A2713692234CCBD82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.0 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9b97f8330cead368a6b235423fb9a63a227bf4cc52f5ddf944900ce861226bca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

date
Sat, 12 Oct 2024 22:02:37 GMT
content-type
application/javascript
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ochsner.perkspot.com
URL
blob:https://ochsner.perkspot.com/2abe629b-87f6-4e79-8e0e-1cc33cda8ee8
Domain
d1hdjv7b05hja2.cloudfront.net
URL
https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
Domain
cloud.typography.com
URL
https://cloud.typography.com/7410416/6307592/css/fonts.css
Domain
v.fastcdn.co
URL
https://v.fastcdn.co/u/814df80e/64531533-0-Exclusive-member-per.png
Domain
v.fastcdn.co
URL
https://v.fastcdn.co/t/thumbnail/20240130/1706636044-64770417-150x150-arrow-prev.png
Domain
v.fastcdn.co
URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143412-64780740-150x150-Double-Gold.png
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1669030446688031?v=2.9.170&r=stable&domain=page.firstleaf.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Domain
ct.firstleaf.com
URL
https://ct.firstleaf.com/prh/pipeline
Domain
ct.firstleaf.com
URL
https://ct.firstleaf.com/prh/pipeline

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| setupGTM object| dataLayer object| __variantsData number| __page_id number| __customer_id number| __default_experience_id number| __version string| __variant number| __variant_id string| __variant_custom_name number| __page_type string| __variant_hash string| __page_domain boolean| __page_generator boolean| __new_tracker object| _Translate object| trackingData object| GlobalSnowplowNamespace function| instapageSp function| _instapageSnowplow function| _instapageConsentManagement object| webpackChunk function| $ function| ijQuery function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __eventBus function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_5de12f345a object| uetq object| gaplugins object| gaData function| setGTMPage function| updateQueryStringParameter function| getQueryWithLink function| setLinks number| interval boolean| mobileStickyActive function| stickyLogic function| fbq function| _fbq function| pdst function| snowplow string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| AddShoppersWidgetOptions object| unknown object| __config number| __workspaceWidth object| __session boolean| __cradleReady object| __featuresReady object| cj string| cookieName string| cookieValue number| expirationTime string| date number| dateTimeNow string| test_page function| instapageAnchorClick function| spdt string| _fs_loaded function| _fs_shutdown object| sifi_att_1179950 function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| CJApi object| cjApi object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers function| AddShoppersTriggerRunner

50 Cookies

Domain/Path Name / Value
.pslogin.perkspot.com/ Name: TiPMix
Value: 52.72298488692023
.pslogin.perkspot.com/ Name: x-ms-routing-name
Value: self
.perkspot.com/ Name: perkspot-auth
Value: eyJhY2Nlc3NUb2tlbiI6eyJhdXRoZW50aWNhdGlvbk1vZGUiOjAsInZhbHVlIjoiZXlKaGJHY2lPaUFpVWxNeU5UWWlMQ0FpZEhsd0lqb2dJa3BYVkNJc0lDSnJhV1FpT2lBaWFIUjBjSE02THk5d2N5MXdjbTlrTFd0bGVYWmhkV3gwTG5aaGRXeDBMbUY2ZFhKbExtNWxkQzlyWlhsekwxTjViblJvWlhScFkxUnZhMlZ1TFRBdlptUTNaalJtT1dZell6QTVORGc0WlRsa01UQXdNVGc0Wm1Zell6UmtabVVpZlEuZXlKcGMzTWlPaUpvZEhSd2N6b3ZMM2QzZHk1d1pYSnJjM0J2ZEM1amIyMGlMQ0pqYVdRaU9pSjJjRGw2YkRSbU9IZDZlV054TjJGek0yMWthU0lzSW1OdmRXNTBjbmxmYVdRaU9qTXpMQ0pqYjIxdGRXNXBkSGxmYVdRaU9qRXdOekFzSW1GMWRHaGxiblJwWTJGMGFXOXVUVzlrWlNJNk1Dd2lkWE5sY2w5cFpDSTZNelV3TlRnNE9EVXNJbVZ0WVdsc0lqb2liV1ZoWjJGdUxtWnZiblJsYm05MFFHOWphSE51WlhJdWIzSm5JaXdpYzNWaUlqb2liV1ZoWjJGdUxtWnZiblJsYm05MFFHOWphSE51WlhJdWIzSm5JaXdpYVdGMElqb3hOekk0Tnpjd05UVXhMQ0psZUhBaU9qRTRNak16TnpnMU5URXNJbXRwWkNJNmJuVnNiSDAuMUcyQXJDT1JqRE04TzBxLUVmSTNTT2VaSFU4N2drQnRTdFhEZElIekY4M05QamNkN00wSndHLWJTeVhWd2hLSndnMnFmZzh4bk5PdGNsN1U3bVUyTzRnYkM1aFVZOXgwdkxnazB1cGJrLUVkUDVTRHlSeTFnQ2xoOVhzQUJYQnI3dW1qS3ZNUEExaVRuN0FSS2RSX0FMYnJENGlmb2lBVFg0Z0F3VUQyUFFHZzdpeWxzZGNJYVpDLS1nc1FyUGpuSzBxX1FGWnNLa3ZaUFR4M01IVUM5Z0RKOU5PeVJsd2J1TElqQktXb09RTU0yRTVhWEVtelM5OERabXRQdWdjdjN5NVN4VmJmUFE3VTVIc1JGQ1B1NzdTWVpfbEZsQ3FNcExKNVV6UmlDY3RwNF8zZy1uTjVTYy1KVU5rYUxINmxYZ003bmhZRTAxMUFUU1lUeGxxbTNBIiwiZXhwaXJhdGlvbiI6IjIwMjctMTAtMTJUMjI6MDI6MzErMDA6MDAiLCJpc0V4cGlyZWQiOmZhbHNlfSwicmVmcmVzaFRva2VuIjpudWxsLCJjbGllbnRJZCI6InZwOXpsNGY4d3p5Y3E3YXMzbWRpIiwidXNlcklkIjozNTA1ODg4NSwidXNlckVtYWlsIjoibWVhZ2FuLmZvbnRlbm90QG9jaHNuZXIub3JnIiwiY291bnRyeUlkIjozMywiY29tbXVuaXR5SWQiOjEwNzAsImtpZCI6Imh0dHBzOi8vcHMtcHJvZC1rZXl2YXVsdC52YXVsdC5henVyZS5uZXQva2V5cy9TeW50aGV0aWNUb2tlbi0wL2ZkN2Y0ZjlmM2MwOTQ4OGU5ZDEwMDE4OGZmM2M0ZGZlIn0=
pslogin.perkspot.com/ Name: communityId
Value: 1070
pslogin.perkspot.com/ Name: SessionHolder
Value: b08b84bf-616b-47de-89cf-d59ff03474a2
pslogin.perkspot.com/ Name: ps_sid
Value: b08b84bf-616b-47de-89cf-d59ff03474a2
.ochsner.perkspot.com/ Name: TiPMix
Value: 2.321844758748526
.ochsner.perkspot.com/ Name: x-ms-routing-name
Value: self
ochsner.perkspot.com/ Name: SessionHolder
Value: a825cdc7-ebab-44c0-98b6-8293eafcfbd0
ochsner.perkspot.com/ Name: ps_sid
Value: a825cdc7-ebab-44c0-98b6-8293eafcfbd0
ochsner.perkspot.com/ Name: __RequestVerificationToken
Value: ZZfj_s75Rjq2yxTyILW4ShODbbeMBOlXwhV2suCC5X7dw1F8sHnz7OS6Xbf7w0RybGdZyqPxndvpEv64rX6rb7Sm4D23c6UbNK3GqfCUHvYCdk1elYkTMfNyq1qkDF2GLIU9izI2hKZJexCTcTclDQ2
.ochsner.perkspot.com/ Name: _vwo_uuid_v2
Value: D72A90253FE1FB795F6093234CF54EC54|f5fdc6007a3773cb23751872ea4be094
ochsner.perkspot.com/ Name: ai_user
Value: 0KHDDrz5pmRPm7BQhHo+Ak|2024-10-12T22:02:33.208Z
.perkspot.com/ Name: _vwo_uuid
Value: D72A90253FE1FB795F6093234CF54EC54
.perkspot.com/ Name: _vwo_ds
Value: 3%241728770552%3A67.07616751%3A%3A
.perkspot.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.perkspot.com/ Name: _vis_opt_s
Value: 1%7C
.perkspot.com/ Name: _vis_opt_test_cookie
Value: 1
.perkspot.com/ Name: TLTSID
Value: 25706723010990674180216665209357
ochsner.perkspot.com/ Name: ai_session
Value: KN1V9LOPmyrKdHZBnzsqet|1728770553559|1728770553559
ochsner.perkspot.com/ Name: cjConsent
Value: 0|0:1728770555532|0
.dotomi.com/ Name: CJSession
Value: 04548051-7c27-4e90-b2d0-5ccba625e651
.dotomi.com/ Name: cjae
Value: 8runN0_kD8aP
.dotomi.com/ Name: DotomiUser
Value: 400405929715900950$0$1
.dotomi.com/ Name: LCLK
Value: cjo!x2pz-t14cigr6
.emjcd.com/ Name: S
Value: 400405929715900950:8runN0_kD8aP
.emjcd.com/ Name: LCLK
Value: cjo!x2pz-t14cigr6
.emjcd.com/ Name: CJSession
Value: 04548051-7c27-4e90-b2d0-5ccba625e651
.page.firstleaf.com/ Name: __cf_bm
Value: VWRy2UPxphUD7DJARPOD13WF7SekPwMlHgB6_6LYI30-1728770556-1.0.1.1-dJwZiCqMWSuubRZmna_OL.yI__Im4GY2NBZTR6ew1b4KxiqjUc8iPRRO2OnBgIvlVKtrlB15whC_oO4a_YzXCg
.instapage.com/ Name: __cf_bm
Value: QHlLpJbYXQRGxKtkzbl17P.b_03KXJnqCa8sGRM5mFo-1728770556-1.0.1.1-X9TuY63hpifb6pTDBTjTEqP.TIzrGhdwoyDNhxLeCQ.nHjLcAJ8d0paW6U7vAKc.1lKCmVQS_0aseeiemVod2g
.firstleaf.com/ Name: _gcl_au
Value: 1.1.108762444.1728770557
.firstleaf.com/ Name: _ga
Value: GA1.2.1012624709.1728770557
.firstleaf.com/ Name: _gid
Value: GA1.2.1303718265.1728770557
.firstleaf.com/ Name: _gat_UA-68049103-4
Value: 1
.firstleaf.com/ Name: query
Value: ?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_PerkSpot_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2439.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=b0532a2688e511ef81ad2f860a18b8f9
.firstleaf.com/ Name: CJEVENT
Value: b0532a2688e511ef81ad2f860a18b8f9
.trkn.us/ Name: barometric[cuid]
Value: cuid_670af1fd-9cd0-4170-9212-85acd2796313
.firstleaf.com/ Name: _ga_3TS4P88RE5
Value: GS1.1.1728770556.1.0.1728770557.59.0.0
.simpli.fi/ Name: suid
Value: 8019A9D1AB094DBF8082296CC0A113CD
.w55c.net/ Name: wfivefivec
Value: ntK6FdNZ1SZKc52
page.firstleaf.com/ Name: __pdst
Value: 08e3d75a8e8542da94dc1d033ade64ea
.firstleaf.com/ Name: _sp_ses.bd58
Value: *
.firstleaf.com/ Name: _sp_id.bd58
Value: 8d3ac0ef-36f0-4c86-9d65-6ad034f54ce9.1728770558.1.1728770558.1728770558.2e5a0fb5-afae-4d09-8cc1-3963c0beb5e8
.firstleaf.com/ Name: cjConsent
Value: MXxZfDB8WXww
.firstleaf.com/ Name: cjUser
Value: 1713813d-4fe8-4ac9-be9a-767a473091f7
.firstleaf.com/ Name: cjevent_dc
Value: b0532a2688e511ef81ad2f860a18b8f9
.mczbf.com/ Name: cjevent_sc
Value: b0532a2688e511ef81ad2f860a18b8f9
.mczbf.com/ Name: cjConsent
Value: MXxZfDB8WXww
.mczbf.com/ Name: cjUser
Value: 1713813d-4fe8-4ac9-be9a-767a473091f7
.page.firstleaf.com/ Name: cf_clearance
Value: 7LiRsHvpWGc2FtwIWtNGBsBSGsUd0bCJclbj3QRk.J0-1728770557-1.2.1.1-E5XDEH8XQp3wvPLKBvtk5KXD7OOCWvlcOpGEe4rvpx_yPwWVpA9NQGGqwJHTWZPU2BqspKEKBUGSSLQs4nVZRh5JPZoJzI7zjPey._KTcdWI0cO1fZjTt8_ckLY16pLamyZ3pmJW646EB7BkfhxTMVNXZb4BKI1treBC.F3dgHVcz9RiKNwes9v5dOJGLUg5TZTGZpKzbJZ69QbEx_MNzRR6XSyKKJzasOtmQ3cZi2Ii.E_yn8GraqR9_HMIKgUKg7J3hRYji.UG6QiWrhAr.bIRDSprJsd0x1fgnYHHs8fbG6.rVsrPcm4GS0R7ClRMciNaIpnsj8U1ruNs1182D4yKFjY8jMkhMPOVxp2SP7ley0qXF0HIo7fPubAaNXCL

1 Console Messages

Source Level URL
Text
network error URL: https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lightboxcdn.com
az416426.vo.msecnd.net
bat.bing.com
cdn.instapagemetrics.com
cdn.jsdelivr.net
cdn.pdst.fm
cdn.rollbar.com
cj.dotomi.com
clicks.tyuwq.com
cloud.typography.com
connect.facebook.net
ct.firstleaf.com
d1hdjv7b05hja2.cloudfront.net
d2mjzob2nc713b.cloudfront.net
dc.services.visualstudio.com
dev.visualwebsiteoptimizer.com
edge.fullstory.com
ekr.zdassets.com
email.perkspot.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
heatmap-events-collector.instapage.com
images.firstleaf.com
js.go2sdk.com
lib-us-1.brilliantcollector.com
ochsner.perkspot.com
page.firstleaf.com
perkspot.zendesk.com
pixels.spotify.com
pslogin.perkspot.com
psprods3ep.azureedge.net
region1.analytics.google.com
rs.fullstory.com
shop.pe
static.zdassets.com
stats.g.doubleclick.net
tag.simpli.fi
tags.w55c.net
trkn.us
unpkg.com
url1941.psmark.perkspot.com
v.fastcdn.co
www.emjcd.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.kqzyfj.com
www.lightboxcdn.com
www.mczbf.com
www.p.zjptg.com
www.sjwoe.com
cloud.typography.com
connect.facebook.net
ct.firstleaf.com
d1hdjv7b05hja2.cloudfront.net
ochsner.perkspot.com
v.fastcdn.co
104.18.70.113
104.18.72.113
108.138.26.67
13.107.253.51
13.33.187.48
18.153.182.205
18.66.102.5
20.40.202.0
20.50.88.244
2001:4860:4802:34::36
216.198.53.1
2600:1901:1:7c5::
2600:9000:20eb:a800:16:4ed5:12c0:93a1
2600:9000:2646:1600:7:f1a3:af00:93a1
2600:9000:26e8:c00:d:370a:51c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::ac43:8e4
2606:4700:4400::6812:29da
2606:4700:4400::ac40:9226
2606:4700:4400::ac40:95d5
2606:4700:4400::ac40:96fb
2606:4700::6811:9e71
2606:4700::6811:f9cb
2620:1ec:33::10
2620:1ec:bdf::64
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9b
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:600::485
3.234.152.166
34.36.17.181
34.96.102.137
35.186.194.58
35.201.112.186
35.227.244.1
35.234.162.151
35.244.142.80
52.58.228.152
89.207.16.75
95.101.111.153
034e3e9fee331ffd6f57ca9caa698aad4f7d9a9fc4cec17d4283555f2252b87e
03f0619fa53beb8da371427175c6f4d0df5b3b0b8a3572a3bfaa160318295b66
0a837a16374198c6233ca32292dde824cbc4c4367222725189cb5bc3166a2263
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1436939ed29c528098b948903ff835b1f1066a45afc277c43053a25964d1761c
143facb143d219ecd0daa5774d09c24b92354cc68c01dabd36118811efb9b76e
172825dc1b0c65b17b4b9ea902fba091e8dfa426e5780410fdccde55b474f1ec
190e3a6420847bb948355183c2fdcdfa9ce099ce7e4bcc9c28ebe41fed127186
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
2100fd166e7a374addee5e144031fd5bb4a71446aea6f38685a63a35a10516d7
2200bd6220e76c93edb614bccb7245f81cddff52a231171b444d85edf322bb86
22b51d32f81198bf17ba485ac228d19d1bbf3ce436621a3cd9c15a2a006b1f8a
22d5844a30edf2c15420b17b1b14c47e910a7bfadf33cd93d1767aba1be29055
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
27fcacfada9a1fdba451a84d124a18668989c4b9ea190bfab4e467e26c8f3524
297d3cd3ccf85fb90010fc152b085a96734c23c125fcff1764e7e5ac73d67cbf
2b6ba0e6eed66ab5345210b7d09665ad5ab7e8b737b6f6cb0ae65d267372cc44
2df39553fbf66c6fccdd2e81c522e0cb68799373b722bb3eaf044b94486858b9
2e065b142374be24bcdfff600deccc28f6af18f5401cc224342fbe8fca3de357
2f26c05357ed85c3387446a15d003a2a5a0401b84b2248bcae4a7ee420ae1349
30fe270866f4f883509b9203c1003759aa31458115a608c16a0f899b675de816
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
3561975f42ad260538e6695ce33c6aa2b97bba2d3b23323179b7f3a63ec38474
36448550261e964217811600224a54578479bb9f0c417ac213a84b597ff178e9
371ac67deea0ac8c452557a001a3aed65c29f6c550d2e1e85c2fbe3fb85b3ef7
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d
460535d21cb0765795ffa52442ac0e6e1d5051bc31407f5e77dac1afa077edcc
4653eb9a6bdb1074a5c298ec92708ed8f4bc6faf8bd66df267cf6635584143fa
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
470bf3f1c1c57d07c7de0523efa3fc852f6102ff6b704486e146e59573da6244
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4a657793caad0dd13ac8023261ea178ea6957cbf242c4fdc8b74912c5c662580
4c9f5aa5c5fa6b091b723ddbb2c641f30e8be0d81aeaf3fe091bd9d2f2bd620b
4efcdc6c80c020c85311ffd5ff5bd87183932775ac92802bac0b223ee4e8b156
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
52aaa9f0f12d6a4201aa94e5abaa8e9c19b0473e53ca6f22d86ebf7d15233bfe
54caf1fa6a1edc50ba279842ba65958d3dfc27ccdd12aa87c20ee5521cc3c0b5
55af9a94aa072cf5c093d7269bd98cec30ecade6ac2bc94dc9b47758630f4ba5
59dcd2d919153d915a5a2c47d1294158186372dfc4901cccff7ce02834aeb73d
5b0d97d8d201c90904940d02e81c29041bfdfce0ee774dd8224de6eda208f961
5ddebc1e30087ac7ba975b72be58c531ef9c6db6f241573e4700414167dd08ac
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
628834657c267940312e1a8ffa1443276b646ed8cd8509f7f8c6ab284e832bd3
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864
65d52036f15bab565f92865572df39ef3d31d34bff5e21ee510212127e7fdad5
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
673f9d011800204dd6d79b0607fcc635e3be028bcc76308625a65cf678bf1cfa
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8a9076b5887859a16d3d9264b4d27f4ec0412e1ef51e43cbb1d8f1eaf07541
70466ab4ea33c0e8b4ef42de95eb6a04f2f3c413695c2c49e4bd55d8e76d42f2
7050ce1af3ceb595099a9dc5828b44afb9e1d826564f12c1dc1c88694acac863
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
754d293c0e7491ec7bacde4851073407ddf3e419c6d571c4afc4ebbc3296ff47
764ab7d0b07ecf326e83b47494588e9e1c5d2bccc97eac9a51fc58cd2bc41904
79768b04e95f10c852e7d6dc51d9dd30852fcf67a94e27bd6c217e9dc310bd4d
79990ca8962ccf1d3948a73a50bcdc3d4a671ecc49c2f59f2db84cf7c7b552a6
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844ba7cf297ced245b9a3240cab82df42038cbf35d7936cf430790854a019f7c
8466dbfb650cffcc9fc9c35553b8d2a79a0010b0b6865a7e5dd685188bd1b8ce
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
915cbb7f07c967c0ba968097886ee2b4dd64e6cc216b43a11d06401dddf8faeb
91aa9a6c203eab189b868e22be75095642a4a3bc6313cf170b6462e96a4fa069
94c7924b975fe9b0165bd088077e9aeeeb829d69a18032b9e366eadbb7a01d1e
99120a1f60d459279fb7ddad2a5e78ae75180153d2d304871c25d966505a2855
9b97f8330cead368a6b235423fb9a63a227bf4cc52f5ddf944900ce861226bca
9d6b59f630dd3df5dcff0f6af131d1d94ebc050f3d38f61f40ef56e793093cd5
a14792366d25338a05d84f06ee7b1317767be34640a1fbf90672491caac2e7bb
a5fdc3c049758de67218b318b4a6ca0f6d1f5069c1dfa938ea462133d5ab3cfa
a731c8e7201b548a0fc418d1d6a68ba31a1fad59cd836e95906e5f3efa43acd8
a8400be7d2d60d42fdac04aed87154d78843df12845c5ffb871d274ca8096006
ac37996ea31bb4a1009ab93325cd2e100f3a04159a10ba7d7335f8f9b6d8a430
ad79fe59f1583a5788084bea3eac291649744d146441c558657af89a199ef935
aecca6a12b118063fd555ee40b7cc0175b1a8a59517e88eb01376b46d1342f55
af6fc53eb5ad3e479ea7ff78ef22b1a3edd15ea3f777effd9170188dc6131527
b33ca70bf7322a53faf60a30476d07f1e888d457cbdb66f50bb3c0063d3c06dd
b6b710b12fa42c858b3097f1690225836b05341d990b21dd78aae066c7ced975
b828d32445a345d885fce5981f71dcafd56ba090f89ab77b68109ac50bc1aed3
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
c14117f777cb68fc4afc7be60160853bb2b9b9f86723c8be5565a6ccbcdc088c
c1a12b438b92f44bc2016f691548ce0632e07415b802954f7671222ef17253ef
c30136c3d8d995e7c03fd43c0bf3c5a17c9747c0240e91ca7b636942436121f3
c33ba590f5334bba90889673ebe46c707f90decafc12432975fa72964145cc6e
c90375474ff774912013e44abb18b2d12dc39b54bd5991ccc045767817c43dbe
c9c19d88d9366bfa36ffd12f6237c58322e91c1f2e57a896172a05f41318134a
ce2f5f717894e0800586a3fb5022ac8e8ea105d8a7dee912532b61d9a6fee7be
cf9a4c09eafaca75b6f22c46fbff83eb82cb10a70bca691fb39691847d0a44c6
d10dad0283c64a3ce558080e000850d6635c96244e1140770ea285296f88af1f
d29ab545fa809eb1e110057fe3fda8de08aaeaebe4789befa355aeca485f954a
d35dec674eeb6ea303b01dbb26c4cf819a50d4f59ca0d2db2ffc00e9cf6ff2ce
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d4b821d2b6d83ce0869a8fea875d4627bc4824afe37e7efd6c410455e99332b6
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
d6b6e98b85f8c643cc8a1c28e197b81329465e9da317fc62c90f233ceaaddf7e
d6c7f3ff8ccc5ce2ecf76874a348ecedc3780794eecb42addbbe20a0ae745442
d8486a3f9ae75406b6ca3afd7774fc851165a682a248dd28c275de379224135a
d8af4966c94bfa4e9ae22b7a1cc7fc8c6c30d2ed7149bfdb5f29922c19843a17
db4aa790f6662d4e06c67e22c11d1c4654dbf373d116c16f71ecb82ba5efc244
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec8cc724b3f5b0bca627bd9a42e7efad08983ebe6562a6a51f2fdb3d59de547
e1c1595da56ccf5a9005795c8d6ebafe118b906769a7547b08e85ff2f47a59ee
e3aea053185642fa68771f64f22d4ac36bc0460ce86542e008efd81d3dfc54f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9adf2a6db275f76dd17c5cc08dd6cfbee0c73fbb08de34127ac159ca9107763
ea60f766281949bc2177c91021568b584ff6058d917f8c3bb4a61ae1b13216d9
eead92c3e9cb274ec8c3b537c6c6da2714c3692c987f6644829e37157c1b84ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629