mail.nitroblogger.com Open in urlscan Pro
71.19.248.80  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mail.nitroblogger.com/	267 B 509 B	2291ms 111ms	Document text/html	71.19.248.80 ESECUREDATA
General Check archive.org Show headers Download Go to Full URL https://mail.nitroblogger.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 71.19.248.80 Vancouver, Canada, ASN11831 (ESECUREDATA, CA), Reverse DNS server.elitemembercenter.com Software Apache / Resource Hash 01ceee669ee5441fd66313fbc377a4beeb092ca9fd8f585420ef6c8c506ceb29 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 267 Content-Type text/html Date Sun, 04 Jun 2023 07:23:54 GMT Keep-Alive timeout=5, max=100 Last-Modified Tue, 28 Sep 2021 07:07:59 GMT Server Apache
GET H2	200	/ Show response vipaccess.lpages.co/_/js/nitro-blogger/	249 KB 36 KB	225ms 77ms	Script text/html	35.202.21.90 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://vipaccess.lpages.co/_/js/nitro-blogger/ Requested by Host: mail.nitroblogger.com URL: https://mail.nitroblogger.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 90.21.202.35.bc.googleusercontent.com Software Leadpages / Resource Hash 504f46725dfc3d319e2877d5f8161640942d8e976bdccabaee33b61b1af9816c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:54 GMT strict-transport-security max-age=15768000 content-encoding br last-modified Tue, 07 Dec 2021 07:39:20 GMT server Leadpages etag W/"8eaa1879e5b441afcd453bb94dac5d4c" vary Accept-Encoding x-cache MISS, HIT content-type text/html cache-control no-cache
GET H2	200	all.min.css static.leadpages.net/fonts/font-awesome/5.14.0/css/	58 KB 15 KB	85ms 11ms	Stylesheet text/css	34.107.203.240 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css Requested by Host: vipaccess.lpages.co URL: https://vipaccess.lpages.co/_/js/nitro-blogger/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 240.203.107.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 20 May 2023 06:12:56 GMT content-encoding gzip via 1.1 google server Google Frontend age 1300258 etag "S86klQ" vary Accept-Encoding content-type text/css access-control-allow-origin * x-cloud-trace-context 909ca52a845d3ae370aefec99f23e352 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14628 expires Sun, 19 May 2024 06:12:56 GMT
GET H2	200	css fonts.googleapis.com/	13 KB 1 KB	89ms 46ms	Stylesheet text/css	2607:f8b0:4020:805::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Requested by Host: vipaccess.lpages.co URL: https://vipaccess.lpages.co/_/js/nitro-blogger/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b4868481bb7965d17c0a6a0fa2aeb84afde4e428864c7b77532fda747cedb109 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 04 Jun 2023 07:23:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 04 Jun 2023 07:23:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 04 Jun 2023 07:23:54 GMT
GET H2	200	center.js Show response js.center.io/	12 KB 5 KB	111ms 35ms	Script application/javascript	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/center.js Requested by Host: mail.nitroblogger.com URL: https://mail.nitroblogger.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:20:10 GMT content-encoding gzip server Google Frontend age 224 etag "OMWYXg" content-type application/javascript x-cloud-trace-context 9937d03bd45410398c5005de817affb7 cache-control public, max-age=300 content-length 5417 expires Sun, 04 Jun 2023 07:25:10 GMT
GET H2	200	embed.js Show response cdn.convertbox.com/convertbox/js/	3 KB 2 KB	102ms 24ms	Script application/javascript	138.199.40.58 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.convertbox.com/convertbox/js/embed.js Requested by Host: mail.nitroblogger.com URL: https://mail.nitroblogger.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 138-199-40-58.bunnyinfra.net Software BunnyCDN-NY1-885 / Resource Hash e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:54 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 04/19/2023 19:25:39 cdn-pullzone 53020 last-modified Sun, 02 Apr 2023 23:54:10 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"642a15a2-c3c" vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31 cache-control public, max-age=31919000 cdn-requestid 5406e67e3b1dae72c1e30214541b4995 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	s-UFrclvvQ4lekGytakpuph8lDDBglbhOLFC8uW9XqdrE5Os5XQR1Wmt9TfokAKxqkGg2Z1DetVzf67PCR4fTsuOZKDjK43CpQ=w16 lh3.googleusercontent.com/	460 B 757 B	175ms 118ms	Image image/png	2607:f8b0:4020:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/s-UFrclvvQ4lekGytakpuph8lDDBglbhOLFC8uW9XqdrE5Os5XQR1Wmt9TfokAKxqkGg2Z1DetVzf67PCR4fTsuOZKDjK43CpQ=w16 Requested by Host: mail.nitroblogger.com URL: https://mail.nitroblogger.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f9aec71ae7422a95502053027cc8f8ae8e2572fe5ef07a031d93fb980f463289 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:54 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 460 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 05 Jun 2023 07:23:54 GMT
GET H2	200	Kwdqi9T7z1dvJW0T6oY4TLNr57DiDgj8sPhkXHQjwOFh_Oiix6d7le815vBFnX4T_5w9Wh0FMPRjyilxF0j_65s8mlbnchuzMQg=s0 lh3.googleusercontent.com/	29 KB 29 KB	262ms 205ms	Image image/gif	2607:f8b0:4020:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/Kwdqi9T7z1dvJW0T6oY4TLNr57DiDgj8sPhkXHQjwOFh_Oiix6d7le815vBFnX4T_5w9Wh0FMPRjyilxF0j_65s8mlbnchuzMQg=s0 Requested by Host: mail.nitroblogger.com URL: https://mail.nitroblogger.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f5333c872651e55b89237f4b95c90afb0b3cd90220297a14134dbeb3bd529bdd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:54 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29626 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/gif access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 05 Jun 2023 07:23:54 GMT
GET H/1.1	200 OK	user Show response app.convertbox.com/embed/	0 367 B	133ms 38ms	XHR text/html	34.232.30.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.convertbox.com/embed/user?uuid=aa7a872c-3ddb-4669-8edd-04cd683d8587 Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com/convertbox/js/embed.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.30.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-30-168.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Sun, 04 Jun 2023 07:23:54 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx/1.20.0 X-Frame-Options SAMEORIGIN Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, private Connection keep-alive Content-Length 20 X-XSS-Protection 1; mode=block
GET H2	200	identify.html Show response js.center.io/ Frame 3518	4 KB 2 KB	28ms 27ms	Document text/html	2001:4860:4802:32::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://js.center.io/identify.html Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110 Request headers Referer https://mail.nitroblogger.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 11 cache-control public, max-age=300 content-encoding gzip content-length 2016 content-type text/html date Sun, 04 Jun 2023 07:23:43 GMT etag "OMWYXg" expires Sun, 04 Jun 2023 07:28:43 GMT server Google Frontend x-cloud-trace-context ac10276c1982fdbdab6dfbf8a3be63e6
GET H2	200	nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 fonts.gstatic.com/s/playfairdisplay/v30/	35 KB 35 KB	56ms 14ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 07:42:04 GMT x-content-type-options nosniff age 258110 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35764 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:06:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 May 2024 07:42:04 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	76ms 35ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Tue, 30 May 2023 17:29:53 GMT x-content-type-options nosniff age 395641 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 29 May 2024 17:29:53 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	71ms 32ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 11:57:30 GMT x-content-type-options nosniff age 242784 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 May 2024 11:57:30 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	80ms 41ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 17:08:20 GMT x-content-type-options nosniff age 51334 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7884 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 17:08:20 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	63ms 25ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sat, 03 Jun 2023 09:50:15 GMT x-content-type-options nosniff age 77619 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 02 Jun 2024 09:50:15 GMT
GET H2	200	1cXwaULHBpDMsHYW_ExBr1Q.woff2 fonts.gstatic.com/s/biorhyme/v13/	22 KB 23 KB	53ms 39ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/biorhyme/v13/1cXwaULHBpDMsHYW_ExBr1Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5768b25829172d755a6dbe9e20e6aacbfcc49e035576f8970177fb572d35ff6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 06:35:07 GMT x-content-type-options nosniff age 262127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23016 x-xss-protection 0 last-modified Tue, 02 May 2023 16:56:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 May 2024 06:35:07 GMT
GET H2	200	1cX3aULHBpDMsHYW_ET6ikGHocU.woff2 fonts.gstatic.com/s/biorhyme/v13/	23 KB 23 KB	40ms 27ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/biorhyme/v13/1cX3aULHBpDMsHYW_ET6ikGHocU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Playfair+Display:300,400,500,700|Poppins:300,400,500,700|BioRhyme:300,400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b6c4689927805a0501076a925eddf59a111109e96b377436a9d0239548b85ac3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Thu, 01 Jun 2023 09:39:01 GMT x-content-type-options nosniff age 251093 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23224 x-xss-protection 0 last-modified Tue, 02 May 2023 16:45:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 31 May 2024 09:39:01 GMT
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/events/	35 B 670 B	184ms 50ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=oLkmsQX32rabqAowWPx7RS&v=&e=&st=&lc=en-US&pid=vVHAqwQWtBPcHspQ4Z5AEe&uid=hEwLfZ4T7hs2nHULGqMcuM&sid=RbCvyTaWMXVnPxqRSEvVx3&cid=lp-oLkmsQX32rabqAowWPx7RS&uri=https%3A%2F%2Fmail.nitroblogger.com%2F&rf=&rx=1600&ry=1200&tz=%2B00%3A00 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Sun, 04 Jun 2023 07:23:55 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://mail.nitroblogger.com X-Forwarded-For 149.56.153.181 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 01bdasvfi4jltvu0uea0
GET H2	200	s-UFrclvvQ4lekGytakpuph8lDDBglbhOLFC8uW9XqdrE5Os5XQR1Wmt9TfokAKxqkGg2Z1DetVzf67PCR4fTsuOZKDjK43CpQ=w200 lh3.googleusercontent.com/	10 KB 10 KB	28ms 27ms	Image image/png	2607:f8b0:4020:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/s-UFrclvvQ4lekGytakpuph8lDDBglbhOLFC8uW9XqdrE5Os5XQR1Wmt9TfokAKxqkGg2Z1DetVzf67PCR4fTsuOZKDjK43CpQ=w200 Requested by Host: mail.nitroblogger.com URL: https://mail.nitroblogger.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 34a89c71faa21fcdb7514bc372204fe0d1cd4804a693d9f8ae5d29dc8e2a2c28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:54 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9942 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 05 Jun 2023 07:23:54 GMT
GET H/1.1	200 OK	mix-manifest.json Show response app.convertbox.com/	4 KB 1 KB	24ms 23ms	XHR application/json	34.232.30.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.convertbox.com/mix-manifest.json?1685863435 Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com/convertbox/js/embed.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.30.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-30-168.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash aea7e17f4010e12e77894178e1b5e1f35c65b7313868e1da18c198ed4e78f0dd Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Sun, 04 Jun 2023 07:23:54 GMT Content-Encoding gzip Last-Modified Thu, 25 May 2023 08:51:55 GMT Server nginx/1.20.0 ETag W/"646f21ab-f99" Content-Type application/json Access-Control-Allow-Origin * Connection keep-alive Content-Length 1016
GET H/1.1	200 OK	capture api.leadpages.io/analytics/v1/observations/	35 B 356 B	121ms 41ms	Image image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,1929,111,2292,1,2297,2599,2600,2916,2916 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Sun, 04 Jun 2023 07:23:55 GMT Server Stargate Transfer-Encoding chunked X-Forwarded-For 149.56.153.181 Content-Type image/gif access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 01bdasvl3936h2uu5250
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	101 B 675 B	36ms 11ms	Script text/javascript	2a04:4e42:a00::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com/convertbox/js/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 04 Jun 2023 07:23:54 GMT age 2235706 detected-user-agent Chrome Mobile/114.0.0 useragent_normaliser chrome/114.0.0 server-timing HIT, fastly;desc="Edge time";dur=0 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 113 referrer-policy origin-when-cross-origin last-modified Wed, 03 May 2023 00:17:37 GMT fastly_service_version 195 vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=UTF-8 access-control-allow-origin * normalized-user-agent chrome/114.0.0 cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 accept-ranges bytes timing-allow-origin *
GET H2	200	embed-core.js Show response cdn.convertbox.com//convertbox/js/	519 KB 138 KB	24ms 24ms	Script application/javascript	138.199.40.58 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838 Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com/convertbox/js/embed.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 138-199-40-58.bunnyinfra.net Software BunnyCDN-NY1-885 / Resource Hash 1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:54 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 09/19/2022 12:40:19 cdn-pullzone 53020 last-modified Sun, 17 Jul 2022 22:18:40 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.02 cdn-requestpullcode 200 etag W/"62d48ac0-81cb8" vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31 cache-control public, max-age=31919000 cdn-requestid ed0256c71b445b199ab406eb6067aed0 cdn-requestcountrycode CA cdn-status 200 cdn-requestpullsuccess True
GET H2	200	bars-preview.css cdn.convertbox.com//static/css/	114 KB 15 KB	24ms 24ms	Stylesheet text/css	138.199.40.58 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://cdn.convertbox.com//static/css/bars-preview.css?id=bcd08c616f2a1e4f6182 Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS 138-199-40-58.bunnyinfra.net Software BunnyCDN-NY1-885 / Resource Hash fd01293520ca2a39e862bab2c2631a3ce64199e16856a42709061126b6121e28 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:55 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 12/07/2022 00:35:03 cdn-pullzone 53020 last-modified Thu, 01 Dec 2022 05:48:59 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.03 cdn-requestpullcode 200 etag W/"6388404b-1c694" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-requestid f8d7fa5171f6900007b7cc343de83b6c cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
POST H/1.1	404 Not Found	box Show response app.convertbox.com/embed/	825 B 794 B	54ms 54ms	XHR text/html	34.232.30.168 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.convertbox.com/embed/box Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.232.30.168 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-232-30-168.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash f2e4f47cc2cf1de34d89cb729989ca17fcb8b418146b26ce032507b25af424a4 Request headers Referer https://mail.nitroblogger.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryHzMtLtZS5wa52lkQ Response headers date Sun, 04 Jun 2023 07:23:55 GMT Content-Encoding gzip Server nginx/1.20.0 allow POST Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, private Connection keep-alive Content-Length 521
GET H2	200	css fonts.bunny.net/	23 KB 2 KB	77ms 24ms	Stylesheet text/css	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu Requested by Host: cdn.convertbox.com URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=bcd08c616f2a1e4f6182 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 140f9d0084e313f4256de5a079834bfa0f3f61e87db88691493f2e8da081b8f9 Request headers accept-language en-CA,en;q=0.9 Referer https://cdn.convertbox.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:55 GMT content-encoding br cdn-edgestorageid 885 x-do-app-origin 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7 x-do-orig-status 200 cdn-cachedat 05/09/2023 18:49:30 cdn-pullzone 781720 last-modified Tue, 09 May 2023 18:49:30 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.03 cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid b711b36aa0c99b93049c3c07203543db cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	lato-latin-400-normal.woff2 fonts.bunny.net/lato/files/	23 KB 24 KB	197ms 97ms	Font font/woff2	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/lato/files/lato-latin-400-normal.woff2 Requested by Host: fonts.bunny.net URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Request headers Referer https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:55 GMT cdn-edgestorageid 885 cdn-storageserver NY-427 cdn-cachedat 03/10/2023 18:49:28 cdn-pullzone 781720 content-length 23580 last-modified Fri, 10 Mar 2023 04:04:44 GMT server BunnyCDN-NY1-885 cdn-fileserver 354 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "640aac5c-5c1c" content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid c5b0aa991e36b2f0c7967f1d24c425e0 accept-ranges bytes cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	roboto-latin-400-normal.woff2 fonts.bunny.net/roboto/files/	15 KB 16 KB	192ms 98ms	Font font/woff2	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2 Requested by Host: fonts.bunny.net URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Request headers Referer https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu Origin https://mail.nitroblogger.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Sun, 04 Jun 2023 07:23:55 GMT cdn-edgestorageid 885 cdn-storageserver NY-346 cdn-cachedat 03/10/2023 18:49:28 cdn-pullzone 781720 content-length 15744 last-modified Fri, 10 Mar 2023 06:03:03 GMT server BunnyCDN-NY1-885 cdn-fileserver 427 cdn-requestpullcode 200 cdn-proxyver 1.03 etag "640ac817-3d80" content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid c935fc9dcd6717e1e5efaf363788d937 accept-ranges bytes cdn-requestcountrycode CA access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	capture Show response api.leadpages.io/analytics/v1/observations/	35 B 445 B	43ms 42ms	XHR image/gif	35.192.151.63 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=kQXBKvKGZuqzT9njvKKUmU&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=114.5,95.4000015258789,1,184.5 Requested by Host: js.center.io URL: https://js.center.io/center.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 63.151.192.35.bc.googleusercontent.com Software Stargate / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language en-CA,en;q=0.9 Referer https://mail.nitroblogger.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Sun, 04 Jun 2023 07:23:59 GMT Server Stargate Transfer-Encoding chunked access-control-max-age 600 Content-Type image/gif access-control-allow-origin https://mail.nitroblogger.com X-Forwarded-For 149.56.153.181 access-control-expose-headers LP-Security-Token access-control-allow-credentials true Connection keep-alive x-request-id 01bdatv4un9l3ef0q4b0

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend string| LeadPagesCenterObject function| center object| sup object| cbox function| setImmediate function| clearImmediate function| _ object| regeneratorRuntime function| HowlerGlobal object| Howler function| Howl function| Sound

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.api.leadpages.io/analytics/v1/events/capture	1970-01-20 12:19:09	Name: view.vVHAqwQWtBPcHspQ4Z5AEe.oLkmsQX32rabqAowWPx7RS Value: 1685863435000
			js.center.io/	1970-01-20 21:53:43	Name: centerVisitorId Value: hEwLfZ4T7hs2nHULGqMcuM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.convertbox.com/embed/box Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
app.convertbox.com
cdn.convertbox.com
fonts.bunny.net
fonts.googleapis.com
fonts.gstatic.com
js.center.io
lh3.googleusercontent.com
mail.nitroblogger.com
polyfill.io
static.leadpages.net
vipaccess.lpages.co
138.199.40.58
2001:4860:4802:32::15
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2a02:6ea0:c454::1
2a04:4e42:a00::282
34.107.203.240
34.232.30.168
35.192.151.63
35.202.21.90
71.19.248.80
01ceee669ee5441fd66313fbc377a4beeb092ca9fd8f585420ef6c8c506ceb29
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
140f9d0084e313f4256de5a079834bfa0f3f61e87db88691493f2e8da081b8f9
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
34a89c71faa21fcdb7514bc372204fe0d1cd4804a693d9f8ae5d29dc8e2a2c28
504f46725dfc3d319e2877d5f8161640942d8e976bdccabaee33b61b1af9816c
5768b25829172d755a6dbe9e20e6aacbfcc49e035576f8970177fb572d35ff6f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
aea7e17f4010e12e77894178e1b5e1f35c65b7313868e1da18c198ed4e78f0dd
b4868481bb7965d17c0a6a0fa2aeb84afde4e428864c7b77532fda747cedb109
b6c4689927805a0501076a925eddf59a111109e96b377436a9d0239548b85ac3
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84
f2e4f47cc2cf1de34d89cb729989ca17fcb8b418146b26ce032507b25af424a4
f5333c872651e55b89237f4b95c90afb0b3cd90220297a14134dbeb3bd529bdd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9aec71ae7422a95502053027cc8f8ae8e2572fe5ef07a031d93fb980f463289
fd01293520ca2a39e862bab2c2631a3ce64199e16856a42709061126b6121e28