ctpaidleave.org Open in urlscan Pro
96.43.152.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ctpaidleave.org/s/prepare-for-registration
Effective URL:
https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Submission: On May 17 via manual (May 17th 2022, 6:30:28 pm UTC) from US — Scanned from US

Summary HTTP 116 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 30 IPs in 2 countries across 28 domains to perform 116 HTTP transactions. The main IP is 96.43.152.48, located in United States and belongs to SALESFORCE, US. The main domain is ctpaidleave.org. The Cisco Umbrella rank of the primary domain is 593850.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on August 16th 2021. Valid for: a year.

This is the only time ctpaidleave.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 42	96.43.152.48 96.43.152.48	14340 (SALESFORCE) (SALESFORCE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1	99.84.37.36 99.84.37.36	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:210b:cc00:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1400:900... 2600:1400:9000::687e:74ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	52.26.14.45 52.26.14.45	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	13.225.213.71 13.225.213.71	16509 (AMAZON-02) (AMAZON-02)
4	3.210.129.57 3.210.129.57	14618 (AMAZON-AES) (AMAZON-AES)
9	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2607:f8b0:400... 2607:f8b0:4004:c06::69	15169 (GOOGLE) (GOOGLE)
1 3	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2016	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9b	15169 (GOOGLE) (GOOGLE)
1 2	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80a::2003	15169 (GOOGLE) (GOOGLE)
2 10	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	44.237.245.87 44.237.245.87	16509 (AMAZON-02) (AMAZON-02)
1 1	184.85.195.135 184.85.195.135	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
116	30

42 96.43.152.48 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: na21-1-chx.inst.siteforce.com

ctpaidleave.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-36.ewr52.r.cloudfront.net

public.tockify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:cc00:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74ca (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.26.14.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-14-45.us-west-2.compute.amazonaws.com

10c74506-e543-446d-9c0f-434bc9d87771.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:22::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.213.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-213-71.ewr50.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.210.129.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-129-57.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81f::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c06::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2002 (Staten Island, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2006 (Staten Island, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2001 (Staten Island, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2016 (Staten Island, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80a::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.237.245.87 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-245-87.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.85.195.135 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-195-135.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ctpaidleave.org 1 redirects ctpaidleave.org — Cisco Umbrella Rank: 593850	3 MB
13	adsrvr.org 2 redirects js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 625 match.adsrvr.org — Cisco Umbrella Rank: 338	14 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	375 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	734 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 358 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	4 KB
6	google.com www.google.com — Cisco Umbrella Rank: 7	36 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 511 www.linkedin.com — Cisco Umbrella Rank: 616 px4.ads.linkedin.com — Cisco Umbrella Rank: 4745	4 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295 jnn-pa.googleapis.com — Cisco Umbrella Rank: 276	53 KB
4	demdex.net 4 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	3 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3970	7 KB
4	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 14991 10c74506-e543-446d-9c0f-434bc9d87771.rlets.com	45 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	152 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	622 B
2	bing.com bat.bing.com — Cisco Umbrella Rank: 375	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 17600	556 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	498 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 551	540 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 714	40 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	903 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 458	846 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	15 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 211	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 939	3 KB
1	tockify.com public.tockify.com — Cisco Umbrella Rank: 60060	9 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	7 KB
116	28

	Domain	Requested by
42	ctpaidleave.org	1 redirects ctpaidleave.org
9	www.youtube.com	ctpaidleave.org www.youtube.com
8	match.adsrvr.org	ctpaidleave.org js.adsrvr.org
6	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
6	www.google.com	ctpaidleave.org www.youtube.com www.gstatic.com www.google.com
4	dpm.demdex.net	4 redirects
4	jnn-pa.googleapis.com	www.youtube.com
4	tags.srv.stackadapt.com	ctpaidleave.org tags.srv.stackadapt.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com ctpaidleave.org
3	fonts.gstatic.com	www.youtube.com www.google.com
3	px.ads.linkedin.com	3 redirects
3	10c74506-e543-446d-9c0f-434bc9d87771.rlets.com	cdn.rlets.com
3	www.googletagmanager.com	ctpaidleave.org
3	js.adsrvr.org	ctpaidleave.org match.adsrvr.org
2	ups.analytics.yahoo.com	2 redirects
2	insight.adsrvr.org	2 redirects
2	bat.bing.com	ctpaidleave.org
2	www.google-analytics.com	ctpaidleave.org www.google-analytics.com
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	www.facebook.com	ctpaidleave.org
2	p.adsymptotic.com	1 redirects ctpaidleave.org
2	connect.facebook.net	ctpaidleave.org connect.facebook.net
2	maxcdn.bootstrapcdn.com	ctpaidleave.org
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	tags.bluekai.com	1 redirects
1	www.googleadservices.com	ctpaidleave.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	cdn.rlets.com	ctpaidleave.org
1	public.tockify.com	ctpaidleave.org
1	cdnjs.cloudflare.com	ctpaidleave.org
1	ajax.googleapis.com	ctpaidleave.org
116	38

This site contains links to these domains. Also see Links.

Domain
login.ct.gov
ctpaidleave.my.salesforce.com
www.irs.gov
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.linkedin.com
ctpaidleave.medium.com

Subject Issuer	Validity	Valid
ctpaidleave.org RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-16` - `2022-09-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tockify.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.rlets.com Amazon	`2021-12-30` - `2023-01-28`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.reachlocalservices.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Frame ID: B7128AB05967A35F0E96212344D253D1
Requests: 71 HTTP requests in this frame

Frame: https://10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/static/storage.html
Frame ID: 7B9D081B221CC99F069A83234FA9F51D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/N3n-S66h42o
Frame ID: 54ECC6DE07EFA96471B411743D73F7C0
Requests: 20 HTTP requests in this frame

Frame: https://ctpaidleave.org/resource/1647563732000/recaptcha3Prod
Frame ID: 8A2D9743976137DB23EC45D506607E61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx&co=aHR0cHM6Ly9jdHBhaWRsZWF2ZS5vcmc6NDQz&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=v5i4bz5ytbb5
Frame ID: 2F60A89E31A5C1A6754F83679B2FEE9F
Requests: 8 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0
Frame ID: D7698556740AC83400E7EB0B752C074F
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0
Frame ID: B906F0B2BB1948A9712D6AD734574E9D
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 8F8C85FB8D8B1B799753E5119AF78753
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Frame ID: 49DB7056DF73381015166B4ED5379E94
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vg1FnWFE2uL7xmrUyQbtKQC75uNtbsQ-~A&gdpr=0&gdpr_consent=
Frame ID: 80D72227EC13830A2408BBFC5A038771
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 20C1F1819FC6F1DAD599EF34527E4953
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 1D77BFC6E179605B554D36E0F7770A4C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&google_gid=CAESEIfqPKF36sPAGkU9GEDcLQ4&google_cver=1
Frame ID: A3195652C1344BF5F9EF3BFFF96D0F72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prepare for Registration

Page URL History Show full URLs

https://ctpaidleave.org/s/prepare-for-registration HTTP 301
https://ctpaidleave.org/s/prepare-for-registration?language=en_US Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

116
Requests

97 %
HTTPS

60 %
IPv6

28
Domains

38
Subdomains

30
IPs

2
Countries

4742 kB
Transfer

13376 kB
Size

48
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://login.ct.gov/ctidentity/registration?goto=https://ctpaidleave.org/login
Title: Create Account

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t00000002aHp/0TTylJsWrYjJlNM8ADO2GGyk.aKbsxs1SXTyqb6CVpM
Title: EMPLOYER FACT SHEET Download Employer Fact Sheet PDF

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/#t00000004XRe/a/t00000002aGN/7Azh7AKJ3XvEkHynhJ4qx4zQaRf4SJsVwYeVpNygG3E
Title: EMPLOYEe FACT SHEET Download Employer Fact Sheet PDF

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t00000017vMh/FwJw9rrGVYALLPNRrycUpqcbHuWqS9QDw6T4yrfshmg
Title: Employer TOOLKIT Download Toolkit PDF

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t0000000qk2p/RbPBO6ziDD8QVQRKwy_aUptTZuXJrwMdiSWeiB7czg8
Title: HR TOOLKIT HR TOOLKIT

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t00000017vN1/2UwuuKW42dIuyQzGgCcU56x7gDWt_RIDtBSaxBUhPz0
Title: INFO CARD Download Info Card PDF

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t00000017vNG/HAdrafNSLw99uDP3SasnRAj8K4lW.wqwDtukduutsmo
Title: Paycheck MAILER Download Mailer PDF

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t00000017vPH/IYK_GaizuYSGI4PeNMl128HN2hn8O1vZ9diq3q7VKX8
Title: Poster Download Poster PDF

Search URL Search Domain Scan URL

URL: https://www.irs.gov/businesses/small-businesses-self-employed/lost-or-misplaced-your-ein
Title: Find My Number

Search URL Search Domain Scan URL

URL: https://ctpaidleave.my.salesforce.com/sfc/p/t00000004XRe/a/t00000017Xo7/6jAAC0cg4N9uKnPzkB03zr6i2XyrdN_BIP_BqdF8ZjQ
Title: Downloadthe Sole Proprietor Registration Checklist

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CTPaidLeave

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ctpaidleave/

Search URL Search Domain Scan URL

URL: https://twitter.com/CTPaidLeave

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCI77ghYG5cL60Zp307u4BRQ/featured?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ct-paid-leave/

Search URL Search Domain Scan URL

URL: https://ctpaidleave.medium.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ctpaidleave.org/s/prepare-for-registration HTTP 301
https://ctpaidleave.org/s/prepare-for-registration?language=en_US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2882372%26time%3D1652812221528%26url%3Dhttps%253A%252F%252Fctpaidleave.org%252Fs%252Fprepare-for-registration%253Flanguage%253Den_US%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&cookiesTest=true&liSync=true&e_ipv6=AQJ0mHEtn2EUBAAAAYDTSQ1WURfI2ontmCcR5wah_plbbmTHZQm9vcGo8PDk1RR9r7K9DWOR0lDpj2pgr2iqpJifW8ba HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a9952795-9623-4446-bfcd-8d7655bdb951 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a9952795-9623-4446-bfcd-8d7655bdb951&_expected_cookie=efa81f10fdf8b3b93a912e33f3fac536

Request Chain 68

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 102

https://insight.adsrvr.org/track/up?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0

Request Chain 103

https://insight.adsrvr.org/track/up?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0

Request Chain 107

https://dpm.demdex.net/ibs:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

Request Chain 108

https://tags.bluekai.com/site/5386?id=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

Request Chain 109

https://ups.analytics.yahoo.com/ups/55953/sync?uid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vg1FnWFE2uL7xmrUyQbtKQC75uNtbsQ-~A&gdpr=0&gdpr_consent=

Request Chain 110

https://dpm.demdex.net/ibs:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

Request Chain 111

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NjJkOWEwZTAtNjIzNy00NGFhLWFlOTEtZTFjMTlkZTZhYjk0&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&google_gid=CAESEIfqPKF36sPAGkU9GEDcLQ4&google_cver=1

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request prepare-for-registration Show response
ctpaidleave.org/s/
Redirect Chain

https://ctpaidleave.org/s/prepare-for-registration
https://ctpaidleave.org/s/prepare-for-registration?language=en_US

105 KB
28 KB

226ms
225ms

Document
text/html

96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

f296b4093b4f2a76815f1bf18ee47c2bcca86b16073606d98d527bc8eb40cd8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Tue, 17 May 2022 18:30:20 GMT
Expires: Mon, 17 May 2021 18:30:20 GMT
Last-Modified: Mon, 17 May 2021 18:30:20 GMT
Link: </s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.5-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js>;rel=preload;as=script;nopush
Referrer-Policy: origin-when-cross-origin
Server-Timing: Total;dur=194
Strict-Transport-Security: max-age=63072000; includeSubDomains
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Origin Accept-Encoding
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Security-Policy: upgrade-insecure-requests
Date: Tue, 17 May 2022 18:30:20 GMT
Location: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aura_prod.js Show response
ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/ 756 KB
239 KB 68ms
50ms Script
text/javascript 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

16ea004407145077ab31e3c5aa44176e12bfd3a124a554ac28fdb0c26180f8a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server-Timing
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=14
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.js Show response
ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.5-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7... 2 MB
447 KB 197ms
96ms Script
text/javascript 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-2.5.13-236.5-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

5c15e0865e000559c8870b938c252322ddc6e1bb95b71ec52ff8e330f905dda1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET bootstrap.min.css
ctpaidleave.org/resource/bootstrapFrameworkv413/bootstrap413/dist/css/ 0
0

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/ 157 KB
25 KB 51ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 12568479
cdn-cachedat: 2021-06-08 14:32:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e323c73837534437c5aa49efabe18890
cf-ray: 70ce6c7d782d8c18-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 130ms
25ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 00:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 00:00:13 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 31ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6268829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6696
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FoERR6o7F%2B6mgl1KJ6LMW1hBHI%2BbrascKpbRTE8s%2FXDfssNpR71m3Hd0hiSCKKnag5sOLQoB68v9m1IJIoM4s4SlLl9341k5bXfW%2Bov0DBAOsvnvY9aKO%2FqeF5j9wEs5M7UK1AOp6ox668R69hBTe0X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70ce6c7e68ad17f5-EWR
expires: Sun, 07 May 2023 18:30:21 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/ 59 KB
15 KB 23ms
23ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 718, 718
age: 12568480
cdn-cachedat: 2021-04-27 10:27:09
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a48189d4c8739fe896a8d15eb9a6e4d3
cf-ray: 70ce6c7e8a768c18-EWR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 404
Not Found createLandmarks
ctpaidleave.org/s/sfsites/c/resource/ 0
0 55ms
54ms Script
text/html 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/c/resource/createLandmarks

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: file:; frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; font-src https: data: blob: file:; connect-src 'self' https:; report-uri https://csp-gia.force.com/_/ContentDomainCSPNoAuth?type=communities
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 45ms
5ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 06:54:06 GMT
Via: 1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 41776
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: R-n1lyr0ndGqxQxQDELHKgouJEyvrDpEavGTV38NhsVetiiHDLXMiw==

GET
H2 200 embed.js Show response
public.tockify.com/browser/ 24 KB
9 KB 51ms
15ms Script
application/javascript 99.84.37.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.tockify.com/browser/embed.js
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-36.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 3a4fe89148ae8d3ef68a48b8f3b948f94e6af140f0c483edebb9afdac187938c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:29:46 GMT
content-encoding: br
last-modified: Thu, 12 May 2022 13:04:41 GMT
server: nginx
age: 36
etag: W/"627d05e9-602c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4d95e17a6f22c6bea5ad0f9769f73450.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: usnSoYDoWtobvkPcBjFSSeNMUT9csQ-lKMe0BNDag_I2T1fbQPPURA==
expires: Tue, 17 May 2022 18:30:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
71 KB 48ms
27ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54P36LD

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6a1b8573ffa10ecbc773003b3b7ff49dd349e75e2cf4a9332122e4462c42a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72420
x-xss-protection: 0
last-modified: Tue, 17 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 May 2022 18:30:21 GMT

GET
H2 200 543446d9c0f434bc9d87771.js Show response
cdn.rlets.com/capture_configs/10c/745/06e/ 169 KB
42 KB 72ms
6ms Script
text/javascript 2600:9000:210b:cc00:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_configs/10c/745/06e/543446d9c0f434bc9d87771.js
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:cc00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbd9795facdf188928227928c0de1bd060a8e634fc9c9ee03c0307d99af31063

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 08:06:56 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 21:01:28 GMT
server: AmazonS3
age: 37940
etag: W/"7ebe7cff0370db2daf531e578f055073"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 4ce15cd7013298653f4333aa57416c80.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
x-amz-cf-id: mGdnO6PiqsmsWJKU6M6QpnWmcOaqCxtJ7kax-ewQvE4hvIz8JTSVYg==

GET
H/1.1 200
OK fonts.css
ctpaidleave.org/s/sfsites/runtimedownload/ 0
500 B 31ms
30ms Stylesheet
text/css 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/runtimedownload/fonts.css?lastMod=1623975550000&brandSet=ba963850-f26e-46cc-ba74-91b53d7a5194

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 18 Jun 2021 00:19:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: public,max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Wed, 17 May 2023 18:30:21 GMT

GET
H/1.1 200
OK app.css
ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZms... 980 KB
121 KB 71ms
71ms Stylesheet
text/css 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22ONiFKBwYcZCAInhc3xfqZg%22%2C%22cuid%22%3A-884530132%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22ba963850-f26e-46cc-ba74-91b53d7a5194%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%22246%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%2284ea1747-2d84-4b24-b20e-07e725e1588b%22%7D&2

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

9f0a1c2a1d4e5b95877622a2893bb2e6c7f8f325502013392864d03310b480bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,public,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK resources.js Show response
ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2F... 6 KB
2 KB 108ms
108ms Script
text/javascript 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

7f307f90f8c4d18709aecf97708362ddbdf8291f03eb3d4beaf1a3e48bd1d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000,private,immutable
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 53ms
7ms Script
application/x-javascript 2600:1400:9000::687e:74ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54P36LD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000::687e:74ca New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=72178
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 16ms
5ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: kl20n3Kj0eLehs73a067YQL5YT5gvRrNLfavmEPgSxrI46DGRbOXqQ/Hym2klrQrJciS9u7nfUIc+/rkqm+Z9g==
x-fb-trip-id: 1512268381
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 17 May 2022 18:30:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 storage.html Show response
10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/static/ Frame 7B9D 2 KB
2 KB 298ms
92ms Document
text/html 52.26.14.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/10c/745/06e/543446d9c0f434bc9d87771.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.26.14.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-14-45.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f4a9e44108a6f4fc9f4913d61136eb30f556f4feb17c6dc6ea16195a3755707d

Request headers

Referer: https://ctpaidleave.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 2076
content-type: text/html
date: Tue, 17 May 2022 18:30:21 GMT
last-modified: Thu, 21 Apr 2022 16:13:58 GMT

GET
H3 200 352340779162873 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/352340779162873?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f189e803804dd9bb6f484b6e9a1e61770118c038992b3b736b2d42877fe1025b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88802
x-xss-protection: 0
pragma: public
x-fb-debug: 61BUl9aNJuNdUjtNQWxGHo+0eR2UNTuxOB9qekHomcmvIsPPCefZGoc0xomLfIV2zAU6XeRN5xCU8NOz8b+fvw==
x-frame-options: DENY
date: Tue, 17 May 2022 18:30:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2882372%26time%3D1652812221528%26url%3Dhttps%253A%252F%252Fctpaidleave.org%252Fs%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2882372&time=1652812221528&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&cookiesTest=true&liSync=true&e_ipv...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a9952795-9623-4446-bfcd-8d7655bdb951
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a9952795-9623-4446-bfcd-8d7655bdb951&_expected_cookie=efa81f10fdf8b3b93a912e33...

43 B
142 B

25ms
24ms

Image
image/gif

104.18.102.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a9952795-9623-4446-bfcd-8d7655bdb951&_expected_cookie=efa81f10fdf8b3b93a912e33f3fac536
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Protocol: H2
Server: 104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 70ce6c830c38190e-EWR
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=a9952795-9623-4446-bfcd-8d7655bdb951&_expected_cookie=efa81f10fdf8b3b93a912e33f3fac536
date: Tue, 17 May 2022 18:30:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 70ce6c82dbd4190e-EWR
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK bootstrap.js Show response
ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2F... 660 KB
126 KB 282ms
282ms Script
text/javascript 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22jLgHYnTxNgZU26ub1uYutA%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%221730203071%22%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22ba963850-f26e-46cc-ba74-91b53d7a5194%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%22246%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%2284ea1747-2d84-4b24-b20e-07e725e1588b%22%7D

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

a9d67b9786c355d9d37eee08fe54959622313bcf57492f12ff55e10496620b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 17ms
5ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352340779162873&ev=PageView&dl=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&rl=&if=false&ts=1652812221707&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1652812221705.829957762&it=1652812221502&coo=false&rqm=GET

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 17 May 2022 18:30:21 GMT

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 36 B
556 B 195ms
194ms XHR
application/json 13.225.213.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/10c/745/06e/543446d9c0f434bc9d87771.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.213.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-213-71.ewr50.r.cloudfront.net
Software: /
Resource Hash: 9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3

Request headers

Referer: https://ctpaidleave.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 17 May 2022 18:30:22 GMT
via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
x-amzn-requestid: b23c44b3-0248-4429-9baa-922ae7a71141
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6283e9be-6638633a21962ba408843ca5;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: SSF1uEcMvHcFW3A=
content-length: 36
x-amz-cf-id: sll50KBI5JbfU9K-_6aQHSDQzuz6Ywsy6v6xK58YUcJqPrgu1jFWSA==
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 116ms
68ms Preflight
application/json 13.225.213.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.213.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-213-71.ewr50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ctpaidleave.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 17 May 2022 18:30:21 GMT
via: 1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
x-amz-apigw-id: SSF1sHf7PHcF_5w=
x-amz-cf-id: doxH_AjK4Nk833bpPA-GtjewdHo34ISY9eqwYTu9voRrENvWObKfdg==
x-amz-cf-pop: EWR50-C1
x-amzn-requestid: de50fb10-d535-48e5-873f-02c1e69a4914
x-cache: Miss from cloudfront

GET
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 423 KB
67 KB 246ms
246ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22a4a8ae1a-9c36-4762-83cc-b8e8fbba5ee1%22%2C%22routeType%22%3A%22custom-prepare-for-registration%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22viewid%22%3A%22337ee5b4-205e-4919-833e-52e5a4f003b8%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A246%2C%22brandingSetId%22%3A%22ba963850-f26e-46cc-ba74-91b53d7a5194%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22apck%22%3A%22jLgHYnTxNgZU26ub1uYutA%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

fbbcb736a9eed942f219572b43d28743ef188212f99c5bd7e8843f5a42c24b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 74 KB
20 KB 144ms
144ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=1&ui-comm-runtime-components-aura-components-siteforce-controller.PubliclyCacheableComponentLoader.getAudienceTargetedPageComponent=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

2a545f7f986f44daf38dba3cd8d5753bc960f55c0428c783e6fab0045f5b23d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=113
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
38 KB 40ms
27ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-177129997-1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7d9c246005c3f4e8ddd4c1e4540dc8e97eef4dbd7a15fc2e8377f6e879c4139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39379
x-xss-protection: 0
last-modified: Tue, 17 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 May 2022 18:30:22 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 975 KB
230 KB 99ms
98ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=2&aura.Component.getComponentDef=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

d3677747b3b438fbbd263fb33a659893cc0fb17f5c190e3c43b3e7e0a9c9d956

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 1720500000e479125b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H/1.1 200
OK CTPLParentLogo
ctpaidleave.org/file-asset/ 108 KB
109 KB 108ms
108ms Image
image/jpeg 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/file-asset/CTPLParentLogo?v=1&height=300&width=300

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

4fd93fcb52613fe2a9430be5a995a6507a28521bcdaf315374e0073cbd069507

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 3 Dec 2020 16:55:17 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=3888000
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="CTPLParentLogo.jpg"; filename*=utf-8''CTPLParentLogo.jpg
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Content-Length: 111024
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK Ubuntu
ctpaidleave.org/s/sfsites/c/resource/ 38 KB
39 KB 82ms
82ms Font
application/font-woff 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/c/resource/Ubuntu?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

ffbe818be4c8336352f14d6b780c37bf26660aeaed256cd5c44ced9792043ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Origin: https://ctpaidleave.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:43 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/font-woff
Content-Length: 39164
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK facebookIconWhite
ctpaidleave.org/sfsites/c/resource/ 8 KB
8 KB 252ms
89ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/facebookIconWhite?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

16f22256e0ab41c0d42f8c89f3e3181750411920febf66fec55e70c002cf6d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:43 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 7976
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK instagramIconWhite
ctpaidleave.org/sfsites/c/resource/ 10 KB
11 KB 483ms
46ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/instagramIconWhite?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

205b40e3f15cd7e4c84a1233d257ec9f903eef6e8e2df5e27211351b0d73b523

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:43 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 10382
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK twitterIconWhite
ctpaidleave.org/sfsites/c/resource/ 10 KB
10 KB 156ms
61ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/twitterIconWhite?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

ed8a49d768b2b748234755726fc113bedd6469c569fe73734ae02f0a68873b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:44 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 10047
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK youtubeIconWhite
ctpaidleave.org/sfsites/c/resource/ 8 KB
8 KB 151ms
56ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/youtubeIconWhite?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

5849bd683874914451197f0fff8dc0304f7315c763749dd3d2abfef3607ce77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:45 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 8174
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK LinkedInIconWhite
ctpaidleave.org/sfsites/c/resource/ 682 KB
683 KB 143ms
88ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/LinkedInIconWhite?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

fd23c65f8b65e68a62147a08150445d17a9c09bca0d8338e7419251952a23ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 22 Apr 2022 00:51:38 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 698862
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK MediumIconWhite
ctpaidleave.org/sfsites/c/resource/ 682 KB
683 KB 149ms
115ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/MediumIconWhite?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

3e09999e6e8ce931992be61389cf7e1c8156b03aad85cca211904bd964b9d527

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 22 Apr 2022 00:51:38 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 698862
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK FooterLogo
ctpaidleave.org/sfsites/c/resource/ 6 KB
6 KB 150ms
50ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/FooterLogo?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

56881a16e6973888dea2b9d26003c9521a078100d82acd6418c2adb33e4a5d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:43 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 5751
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 17 KB
6 KB 79ms
14ms Script
text/javascript 3.210.129.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.129.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-129-57.compute-1.amazonaws.com
Software: /
Resource Hash: 2f7fe8e9c9bad9b91948326df0b71dfae1cc953da258766b1f1b6c6b463e458b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Cache-Control: max-age=5
Content-Length: 5410
Connection: keep-alive
Content-Type: text/javascript

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 116 KB
33 KB 324ms
253ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=3&aura.Component.getComponent=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=2&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=2&ui-communities-components-aura-components-forceCommunity-themeHeader.ThemeHeader.getHeaderConfig=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

c99e08f1494bf6d1455d3ec779a7ca540a593a08452f7da8de6eb63f31853f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 1832690000223c6c05
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=218
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 207 KB
42 KB 258ms
242ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=4&aura.Component.getComponentDef=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=9

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

04c7186b50648108bbb6b8a0c073f6d365643a89c3773af176ee94c7381945f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 1913190000a13e8092
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=183
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 42 KB
9 KB 261ms
246ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.communities.components.aura.components.forceCommunity.managedContent.ManagedContentComponentController%2FACTION%24getRenderData%22%2C%22callingDescriptor%22%3A%22markup%3A%2F%2FforceCommunity%3AmanagedContent%22%2C%22params%22%3A%7B%22contentItemUrlNameIds%22%3A%5B%5D%2C%22contentItemContentKeys%22%3A%5B%22MCWWTGFTNTKJD4TPI4YIMWMSXVV4%22%5D%7D%2C%22version%22%3A%2254.0%22%2C%22storable%22%3Atrue%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%222yRFfs4WfGnFrNGn9C_dGg%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22PAjEh9HEIZmsDpK-Y8SVTg%22%7D%2C%22apck%22%3A%22jLgHYnTxNgZU26ub1uYutA%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

bc350db2fcc08b8af32903faef7283a9d5c707ece8060576028d54f9ca66cf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 19153900008c8ea9b2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 16 May 2022 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600,public
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H/1.1 200
OK AndoRegular
ctpaidleave.org/s/sfsites/c/resource/ 22 KB
22 KB 81ms
60ms Font
application/font-woff 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/c/resource/AndoRegular?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

4ad4453322a296867777e5da6f3c661eb638af90b7e9a4d357e926ebe4de2804

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Origin: https://ctpaidleave.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Aug 2020 11:08:43 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/font-woff
Content-Length: 22136
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H2 200 N3n-S66h42o Show response
www.youtube.com/embed/ Frame 54EC 62 KB
27 KB 99ms
57ms Document
text/html 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/N3n-S66h42o

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

160d4a7431853a52638f18c095b81fb2473d62201bffb59c096622b73ff9d46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctpaidleave.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 17 May 2022 18:30:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 161ms
74ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=6&aura.ApexAction.execute=2&aura.Component.reportFailedAction=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

e9abd2e42aaf0f565b67ceb209bad494527b88dcd1ad4f448842a578eb25c174

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 2025590000bd1ad19d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=44
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H/1.1 200
OK icon_Num1
ctpaidleave.org/resource/1608229016000/ 2 KB
2 KB 138ms
60ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/resource/1608229016000/icon_Num1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

a8eea6fcbd631dba13db3f61bdfc61b60009571041fdb3a1266aa3512c9e07f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Dec 2020 18:16:56 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 2043
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK icon_Num2
ctpaidleave.org/resource/1608229026000/ 2 KB
3 KB 184ms
45ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/resource/1608229026000/icon_Num2

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

a46678929f631077206819b195bc552f2de9597529c3b4e7eefdc0af194fc127

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Dec 2020 18:17:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 2485
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK icon_Num3
ctpaidleave.org/resource/1608229035000/ 2 KB
3 KB 182ms
39ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/resource/1608229035000/icon_Num3

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

adc68dd868801098fe2d24ba517dad9c624df07acebe37be4916eb3ea7e97c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Dec 2020 18:17:15 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 2554
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK icon_Envelope
ctpaidleave.org/resource/1607998091000/ 5 KB
5 KB 168ms
39ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/resource/1607998091000/icon_Envelope

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

e2649e2b8fa98033cec27a33a9e70f0e03f6cbafa46c6dcb38f7ea2a4b7478f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 15 Dec 2020 02:08:11 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 4972
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK solePropCheckBox
ctpaidleave.org/sfsites/c/resource/ 427 B
879 B 80ms
79ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/solePropCheckBox?

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

eddc19f5547ee7331968f5915b2360b6e80e0599be9a108f0e6e34cefa48e5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 30 Oct 2020 22:04:08 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 427
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

GET
H/1.1 200
OK headerLogo
ctpaidleave.org/sfsites/c/resource/ 108 KB
109 KB 83ms
82ms Image
image/jpeg 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/sfsites/c/resource/headerLogo

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

4fd93fcb52613fe2a9430be5a995a6507a28521bcdaf315374e0073cbd069507

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sat, 31 Oct 2020 11:28:10 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/jpeg
Content-Length: 111024
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jul 2022 18:30:22 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 157ms
39ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=7&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.getAllowedPostMessageOrigins=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

78c0b9e8c3fe38b804fa6b63ce7d7a97771f9aa37fd997747e5237471ba3ef9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 20660900007d459da6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=11
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 319ms
192ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=8&aura.ApexAction.execute=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

36cbd544f0d727ca6b1841d155d9bbeb75dc4051841f60a4e2ed3f82aa1345b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 206869000064a789fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=164
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
8ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6181
date: Tue, 17 May 2022 16:47:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 17 May 2022 18:47:21 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 13ms
12ms Stylesheet
text/css 3.210.129.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.129.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-129-57.compute-1.amazonaws.com
Software: /
Resource Hash: fbe6ce558b8d2b1062b3d05fe590a199c89cd936721e6c5cd948a7b99afd1c99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 17 May 2022 18:30:22 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 58ms
13ms Fetch
image/jpeg 3.210.129.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.129.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-129-57.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 17 May 2022 18:30:22 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H3 200 www-player.css
www.youtube.com/s/player/00e475bf/ Frame 54EC 335 KB
46 KB 19ms
5ms Stylesheet
text/css 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f1cb47d54f352c17e03a3aaedba81558123b3fdcc0ca4c48694e57efa56158c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 14 May 2022 12:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47181
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 May 2023 12:03:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/00e475bf/www-embed-player.vflset/ Frame 54EC 280 KB
86 KB 22ms
10ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e70228a4c8e96a3d0824f76e11053163e75275ddfe8db684fd85fb8a9dcf9198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 444349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88038
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:04:33 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/ Frame 54EC 2 MB
527 KB 25ms
13ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b111cd3b254af7d6d1523fb9aee239283058a75e8525259115fa7a045d157e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 540054
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 17 May 2023 17:59:12 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/00e475bf/fetch-polyfill.vflset/ Frame 54EC 9 KB
3 KB 28ms
16ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 444349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:04:33 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 226ms
220ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=9&aura.ApexAction.execute=1&ui-comm-runtime-components-aura-components-siteforce-qb.Quarterback.getAllowedPostMessageOrigins=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

4e654ec1d65df653e2b40dee28f49ec84c06fa401a736324b4736c3400716b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 2199290000cb6ecfbe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=193
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54EC 15 KB
16 KB 26ms
6ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 24528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 11:41:34 GMT

GET
H/1.1 200
OK recaptcha3Prod Show response
ctpaidleave.org/resource/1647563732000/ Frame 8A2D 2 KB
1 KB 37ms
36ms Document
text/html 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/resource/1647563732000/recaptcha3Prod

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

a2b4953a91081a3afb9195dfdf376cb16526444a6512c12da644e40bac736711

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: public,max-age=3888000,immutable
Content-Encoding: gzip
Content-Length: 738
Content-Security-Policy: upgrade-insecure-requests frame-ancestors 'self'
Content-Type: text/html;charset=UTF-8
Date: Tue, 17 May 2022 18:30:22 GMT
Expires: Fri, 01 Jul 2022 18:30:22 GMT
Last-Modified: Fri, 18 Mar 2022 00:35:32 GMT
P3P: CP="CUR OTR STA"
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK f9x_2hOHeNfUR1viu2tzC04_olXVXKsMWKfYWXKaOTI=
ctpaidleave.org/cms/delivery/media/ 8 KB
8 KB 104ms
104ms Image
image/png 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ctpaidleave.org/cms/delivery/media/f9x_2hOHeNfUR1viu2tzC04_olXVXKsMWKfYWXKaOTI=?width=450&height=150

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

4409f21fa5d51255acb60dc055fb6099a8e28f6ac515701a97c3e3ad5102789b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sat, 15 Aug 2020 01:23:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3600
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="Download_CTPL Icon 100x100px-22.png"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Content-Length: 8149
X-XSS-Protection: 1; mode=block
Expires: Tue, 17 May 2022 19:30:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 79ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F110D87D1B6A4E5F9837C13A8CA025A5 Ref B: EWR30EDGE0411 Ref C: 2022-05-17T18:30:22Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 17 May 2022 18:30:22 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 27ms
26ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-407103705

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

430d7ac122791f309bc5df732e7e8433395fb911307437200fb5a83274f4f3a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42967
x-xss-protection: 0
last-modified: Tue, 17 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 17 May 2022 18:30:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
19ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1005254884&t=pageview&_s=1&dl=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&dp=%2Fs%2Fprepare-for-registration&ul=en-us&de=UTF-8&dt=Prepare%20for%20Registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=889596129&gjid=1242381193&cid=1005684619.1652812223&tid=UA-177129997-1&_gid=1913439879.1652812223&_r=1&gtm=2ou5g0&z=746876430

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ctpaidleave.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 17 May 2022 18:30:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ctpaidleave.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 207ms
206ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=10&aura.ApexAction.execute=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

209d583aab779bed54f13b497ef76b6a4b2341dce281fb69d7489d9f7f6cf020

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 2466290000a6221198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=178
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:22 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 8A2D 884 B
1000 B 52ms
25ms Script
text/javascript 2607:f8b0:4004:c06::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/resource/1647563732000/recaptcha3Prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05a96687c6fdedacb11bf555ce54113cbbfac5d730811bc5e0a074fdabe4926d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 17 May 2022 18:30:23 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 54EC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
20ms

XHR
application/json

2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Server

2607:f8b0:4006:81f::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e90794241208b565e838b22b923d7c5c93681017ef6b0bc72d1f7b1d14ff84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 May 2022 18:30:23 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 54EC 29 B
587 B 25ms
7ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:26:44 GMT
x-content-type-options: nosniff
age: 219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 May 2022 18:41:44 GMT

POST
H2 200 visits Show response
10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/api/v1/ 142 B
558 B 104ms
104ms XHR
application/json 52.26.14.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/api/v1/visits

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/10c/745/06e/543446d9c0f434bc9d87771.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.14.45 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-14-45.us-west-2.compute.amazonaws.com

Software

Resource Hash

73003a09b1024a5de1f2169209b3268ac8c5e7e7e94829e9a605323dc2cbea7b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://ctpaidleave.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: application/json

Response headers

x-runtime: 0.005111
date: Tue, 17 May 2022 18:30:23 GMT
etag: W/"73003a09b1024a5de1f2169209b3268a"
x-frame-options: ALLOWALL
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-headers: Content-Type
x-request-id: 611fdf97-34b3-4860-baf9-6c9ff0ba8828

OPTIONS
H2 200 visits
10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/api/v1/ Frame 0
0 276ms
95ms Preflight
text/html 52.26.14.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/api/v1/visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.26.14.45 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-26-14-45.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ctpaidleave.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html
date: Tue, 17 May 2022 18:30:23 GMT
x-frame-options: ALLOWALL
x-request-id: eecfd675-1dec-4223-881b-11513cbcd1e2
x-runtime: 0.001909

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 41ms
20ms Preflight
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 17 May 2022 18:30:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 54EC 45 KB
22 KB 42ms
28ms XHR
application/json+protobuf 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cb9b761d6ca8d0937a8da537084ba0379a04dea3857f10914ff2a8782b75b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22364
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/ Frame 54EC 119 KB
37 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64bfaa70abd84314a2080a4b2a23c82fad53110a8e00ab83bd17bbb65ff944b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 14:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37633
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 17 May 2023 14:31:04 GMT

GET
H3 200 -3-XyAWa1HgdiqhLiSoq_LaxuJzgZSCTKbANWeqlcVg.js Show response
www.google.com/js/th/ Frame 54EC 35 KB
13 KB 39ms
13ms Script
text/javascript 2607:f8b0:4004:c06::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-3-XyAWa1HgdiqhLiSoq_LaxuJzgZSCTKbANWeqlcVg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb7f97c8059ad4781d8aa84b892a2afcb6b1b89ce065209329b00d59eaa57158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 17:32:20 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/ Frame 54EC 27 KB
8 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada8a728bc7d67bc76cba128f46a1082e9d1157f0b7bdcfaec54d2e822f2c0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 15:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 444350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8034
x-xss-protection: 0
last-modified: Thu, 12 May 2022 00:17:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 12 May 2023 15:04:33 GMT

GET
DATA 200
OK truncated
/ Frame 54EC 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRIs98uxAnZ2_QmbwlSLad7TwNb8cU9ybvChtg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 54EC 3 KB
3 KB 27ms
5ms Image
image/jpeg 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRIs98uxAnZ2_QmbwlSLad7TwNb8cU9ybvChtg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b90e5a01857b46f3846d374d6cc5b929f36fde21d46a0eecf1b98e5b2b10bc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 15:30:01 GMT
x-content-type-options: nosniff
age: 10822
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2694
x-xss-protection: 0
server: fife
etag: "v3a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 23:04:30 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/N3n-S66h42o/ Frame 54EC 14 KB
15 KB 45ms
6ms Image
image/webp 2607:f8b0:4006:80a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/N3n-S66h42o/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/N3n-S66h42o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2016 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43634a11c95ba01f4eebcbce421faa89fff0101e8f5fd01c9c70493bea378d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:35:21 GMT
x-content-type-options: nosniff
age: 3302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14480
x-xss-protection: 0
server: sffe
etag: "1619378142"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 May 2022 19:35:21 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 48ms
20ms XHR
text/plain 2607:f8b0:4004:c17::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-177129997-1&cid=1005684619.1652812223&jid=889596129&gjid=1242381193&_gid=1913439879.1652812223&_u=YEBAAUAAAAAAAC~&z=190952425

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ctpaidleave.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 17 May 2022 18:30:23 GMT
content-type: text/plain
access-control-allow-origin: https://ctpaidleave.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
177 B 260ms
260ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17548008&Ver=2&mid=e141b458-48d5-4e18-bc61-c2f461face7e&sid=69e73400d60f11ec912355bb66555836&vid=69e74ec0d60f11ec83cb97df97676042&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Prepare%20for%20Registration&p=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&r=&lt=1795&evt=pageLoad&msclkid=N&sv=1&rn=101609

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 548F37862CB245C7AEFB37D1AC4F6778 Ref B: EWR30EDGE0411 Ref C: 2022-05-17T18:30:23Z
date: Tue, 17 May 2022 18:30:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 163 B
467 B 13ms
13ms XHR
text/plain 3.210.129.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=ARKaMTPQE9RQrT4GJlETaQ&is_js=true&landing_url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&t=Prepare%20for%20Registration&tip=NQRZ3lhIicFcp77ZbRh3zccruAv7zNkv4GTwBdFVTlc&host=https://ctpaidleave.org&sa_conv_data_css_value=%20%220-d32ba4a9-69e8-4605-5b93-573a1b10a225%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd99ce0d2a9c63746374343007708da9a4e05b5ea86&sa-user-id-v2=s%253A0-d32ba4a9-69e8-4605-5b93-573a1b10a225%2524ip%25245.181.234.134.K3e4RhUdbmQ6xwT4812BRyhzeiUfo%252BY6DNH324OeXBY&sa-user-id=s%253A0-d32ba4a9-69e8-4605-5b93-573a1b10a225.nTw7OkySNPoWGyNZEzWkDjqlPlK7FTOqdjA0o4xcqBQ
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.129.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-129-57.compute-1.amazonaws.com
Software: /
Resource Hash: 7fde3e08345ae55e5382e9ff49c10b82274a93ebf8d5357adbaa5cc7299994f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 18:30:23 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ctpaidleave.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 163

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 90ms
89ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=11&aura.ApexAction.execute=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

f25efc357b192ee3fef9000e7a7df249d6036dee527e5102027d42df63d52dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 26535900003b3bf91f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:23 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=61
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:23 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 48ms
29ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

7f39b732af0f6e45633254b79890ccb989c3b441dbe87e4847365a6b73d7959b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14870
x-xss-protection: 0
server: cafe
etag: 5318846328053810925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 May 2022 18:30:23 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 8A2D 361 KB
143 KB 26ms
6ms Script
text/javascript 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ctpaidleave.org/
Origin: https://ctpaidleave.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146043
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 03:00:02 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 141ms
140ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=12&aura.ApexAction.execute=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

5ea96b7cdde49015a2b294a502a70b00b79288ffad9017951736793270a7947e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 2674500000da79fbed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:23 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=105
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:23 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2F60 41 KB
21 KB 37ms
36ms Document
text/html 2607:f8b0:4004:c06::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx&co=aHR0cHM6Ly9jdHBhaWRsZWF2ZS5vcmc6NDQz&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=v5i4bz5ytbb5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bf256fbb025b8ee3a7f303d1285bacad47fde23a34d456a41fca60d0267a37e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HX37QhmQPj9Traxq6iXtTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21907
content-security-policy: script-src 'report-sample' 'nonce-HX37QhmQPj9Traxq6iXtTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:30:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 54EC 4 KB
2 KB 41ms
28ms Script
text/javascript 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 May 2022 18:30:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 54EC 0
9 B 6ms
5ms Image
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?3ZivWg
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/N3n-S66h42o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/407103705/ 2 KB
1 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/407103705/?random=1652812223393&cv=9&fst=1652812223393&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&tiba=Prepare%20for%20Registration&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146e4e3237b49d122445a92879370fcf269ac13a8ddc819e78dda4803e722b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1037
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 13ms
5ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352340779162873&ev=Microdata&dl=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&rl=&if=false&ts=1652812223401&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Prepare%20for%20Registration%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1652812221705.829957762&it=1652812221502&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 17 May 2022 18:30:23 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 2F60 51 KB
24 KB 8ms
7ms Stylesheet
text/css 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx&co=aHR0cHM6Ly9jdHBhaWRsZWF2ZS5vcmc6NDQz&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=v5i4bz5ytbb5

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 03:03:42 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ Frame 2F60 361 KB
143 KB 9ms
8ms Script
text/javascript 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 03:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146043
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:02:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 03:00:02 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/101/ Frame 54EC 52 KB
15 KB 15ms
14ms Script
text/javascript 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/101/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15395
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 19:36:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 18 May 2022 16:36:02 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/407103705/ 42 B
64 B 25ms
24ms Image
image/gif 2607:f8b0:4004:c06::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/407103705/?random=1652812223393&cv=9&fst=1652810400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa5g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&tiba=Prepare%20for%20Registration&async=1&fmt=3&is_vtc=1&random=1478101165&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ctpaidleave.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 May 2022 18:30:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 54EC 98 B
142 B 28ms
27ms XHR
application/json+protobuf 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab008259bcd9c94e62bde02e695ce59dd63f092bded5f84cf2eddbdfc233002a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 21ms
21ms Preflight
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 17 May 2022 18:30:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2F60 2 KB
2 KB 6ms
6ms Image
image/png 2607:f8b0:4006:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 29373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 24 May 2022 10:20:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F60 15 KB
15 KB 19ms
6ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 11:41:34 GMT
x-content-type-options: nosniff
age: 24529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 11:41:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F60 15 KB
15 KB 20ms
7ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 19:40:58 GMT
x-content-type-options: nosniff
age: 514165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 11 May 2023 19:40:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2F60 102 B
134 B 25ms
25ms Other
text/javascript 2607:f8b0:4004:c06::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e80a5bf86d3d027ba9579ffa4548530efc67bd0533533d3408e23e4665e2a790

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx&co=aHR0cHM6Ly9jdHBhaWRsZWF2ZS5vcmc6NDQz&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=v5i4bz5ytbb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 17 May 2022 18:30:23 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame D769
Redirect Chain

https://insight.adsrvr.org/track/up?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0

887 B
1 KB

20ms
12ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 94c68780b0ed18f5a4fddb8ada432128338deb3fad1e6c06f8d0acbbfe2403e9

Request headers

Referer: https://ctpaidleave.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 18:30:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 18:30:23 GMT
location: https://match.adsrvr.org/track/upb/?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame B906
Redirect Chain

https://insight.adsrvr.org/track/up?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0

975 B
1 KB

20ms
13ms

Document
text/html

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0
Requested by: Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 55deb3339b3f289f8231cdf79d1ff0a0813a5c1460faea718b8c5feee8c6b33b

Request headers

Referer: https://ctpaidleave.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 18:30:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 17 May 2022 18:30:23 GMT
location: https://match.adsrvr.org/track/upb/?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame D769 487 B
964 B 5ms
5ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=iwhzc0y&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=lf2yrgd&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 07:26:48 GMT
Via: 1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 39816
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: ToOW_MwPkzGFsIS9vHRIqZb7vMCJ2JD-xtlYVjeiiZ3s_wCzG6UV-w==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 2F60 42 B
62 B 27ms
27ms XHR
application/json 2607:f8b0:4004:c06::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

277893d5902305af04b109e5e07627627519805523e8a083c325a77e6b21dfe3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfe-TkbAAAAALcPxdb67p417Rcv-vkSS9E3K1wx&co=aHR0cHM6Ly9jdHBhaWRsZWF2ZS5vcmc6NDQz&hl=en&v=0aeEuuJmrVqDrEL39Fsg5-UJ&size=invisible&cb=v5i4bz5ytbb5
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 17 May 2022 18:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 17 May 2022 18:30:23 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame B906 487 B
964 B 7ms
7ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=cc5itup&ref=https%3A%2F%2Fctpaidleave.org%2Fs%2Fprepare-for-registration%3Flanguage%3Den_US&upid=pbfw8q0&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 17 May 2022 07:26:48 GMT
Via: 1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 39816
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: EWR52-C2
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 4hcdTgosvZC3TkhdzwR8hbyUyEUeRhX6qkONVOez8axoX3GsP4h7bw==

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8F8C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

70 B
569 B

12ms
12ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 17 May 2022 18:30:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
DCS: dcs-prod-usw2-2-v028-089b43256.edge-usw2.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ddXdwtclTuc=

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 49DB
Redirect Chain

https://tags.bluekai.com/site/5386?id=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai

70 B
569 B

12ms
12ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 17 May 2022 18:30:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

BK-Server: 5352
Connection: keep-alive
Content-Length: 0
Date: Tue, 17 May 2022 18:30:23 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 80D7
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vg1FnWFE2uL7xmrUyQbtKQC75uNtbsQ-~A&gdpr=0&gdpr_consent=

70 B
569 B

13ms
12ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vg1FnWFE2uL7xmrUyQbtKQC75uNtbsQ-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 17 May 2022 18:30:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Tue, 17 May 2022 18:30:23 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vg1FnWFE2uL7xmrUyQbtKQC75uNtbsQ-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 20C1
Redirect Chain

https://dpm.demdex.net/ibs:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

70 B
569 B

20ms
20ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 17 May 2022 18:30:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
DCS: dcs-prod-usw2-1-v028-0777484c4.edge-usw2.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: X/0I5QB3Qio=

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 1D77
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
569 B

15ms
15ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 17 May 2022 18:30:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
content-length: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame A319
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NjJkOWEwZTAtNjIzNy00NGFhLWFlOTEtZTFjMTlkZTZhYjk0&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&google_gid=CAESEIfqPKF36sPAGkU9GEDcLQ4&google_cver=1

70 B
569 B

12ms
12ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&google_gid=CAESEIfqPKF36sPAGkU9GEDcLQ4&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 17 May 2022 18:30:23 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 May 2022 18:30:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=62d9a0e0-6237-44aa-ae91-e1c19de6ab94&google_gid=CAESEIfqPKF36sPAGkU9GEDcLQ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 2 KB
1 KB 165ms
114ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=13&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

7574c1367055c939cf012dfd4b350fa5165a5305b204882b816882f950bd1c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 3275590000eb342fc0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:23 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=112
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:23 GMT

POST
H/1.1 200
OK aura Show response
ctpaidleave.org/s/sfsites/ 1 KB
1 KB 40ms
39ms XHR
application/json 96.43.152.48
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://ctpaidleave.org/s/sfsites/aura?r=14&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1

Requested by

Host: ctpaidleave.org
URL: https://ctpaidleave.org/s/sfsites/auraFW/javascript/2yRFfs4WfGnFrNGn9C_dGg/aura_prod.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.43.152.48 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

na21-1-chx.inst.siteforce.com

Software

Resource Hash

2f0a26be9e8b72688f6b5082b2695756866c0228c26fd9e67f7a7784d1e63979

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ctpaidleave.org/s/prepare-for-registration?language=en_US
X-SFDC-Page-Cache: 0d1920471982aee6
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: ab54a507-4150-4b37-9e1a-a797748490f3
X-SFDC-Request-Id: 32820900002c5709c7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 May 2022 18:30:23 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 17 May 2021 18:30:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Server-Timing: Total;dur=12
Timing-Allow-Origin: *
Vary: Origin, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 17 May 2021 18:30:23 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 54EC 28 B
50 B 27ms
27ms XHR
application/json 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/00e475bf/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/N3n-S66h42o
X-YouTube-Client-Version: 1.20220511.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtMU1M3SkYxQmJwOCi-04-UBg%3D%3D
X-YouTube-Ad-Signals: dt=1652812222960&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C596%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 17 May 2022 18:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ctpaidleave.org
URL: https://ctpaidleave.org/resource/bootstrapFrameworkv413/bootstrap413/dist/css/bootstrap.min.css

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ctpaidleave.org/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%2284ea1747-2d84-4b24-b20e-07e725e1588b%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22ba963850-f26e-46cc-ba74-91b53d7a5194%22%2C%22audienceIds%22%3A%226Aut0000000blPt%2C6Aut0000000k9eM%22%7D
ctpaidleave.org/	1970-01-20 11:52:28	Name: CookieConsentPolicy Value: 0:1
ctpaidleave.org/	1970-01-20 11:52:28	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.ctpaidleave.org/	1970-01-20 11:52:28	Name: CookieConsentPolicy Value: 0:0
.ctpaidleave.org/	1970-01-20 11:52:28	Name: LSKey-c$CookieConsentPolicy Value: 0:0
.ctpaidleave.org/	1970-01-20 05:16:28	Name: _gcl_au Value: 1.1.1360008273.1652812221
.linkedin.com/	1970-01-20 05:16:28	Name: li_sugr Value: a9952795-9623-4446-bfcd-8d7655bdb951
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 20:38:46	Name: bcookie Value: "v=2&bbe6e92d-a173-486c-80fb-b7445af6d2ad"
.linkedin.com/	1970-01-20 03:08:18	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2309:u=1:x=1:i=1652812221:t=1652898621:v=2:sig=AQH6jHItxvVDaKyqp9eeaCx8ZLdIj2tv"
.ctpaidleave.org/	1970-01-20 05:16:28	Name: _fbp Value: fb.1.1652812221705.829957762
.linkedin.com/	1970-01-20 03:50:04	Name: UserMatchHistory Value: AQLwYiwiJ9rwegAAAYDTSQ0SW9J7I4jxrRd-TQUfJTFPkcfYucP1z2A9_ssMJz2oqcvfrKgMCglMpA
.linkedin.com/	1970-01-20 03:50:04	Name: AnalyticsSyncHistory Value: AQKblqhYPSMYhAAAAYDTSQ0ShzktjomOk7Pgbyy7enCd7kQaCaBy-QbumdOVZ7ZaCiBVxf9Hh9e-rxCtjXTbWg
.facebook.com/	1970-01-20 05:16:28	Name: fr Value: 0R9vsCu227c5W5xeT..Big-m9...1.0.Big-m9.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 20:38:46	Name: bscookie Value: "v=1&2022051718302198c18899-4aa9-4e9e-8e8c-4ba116a55b77AQGsB-OUdW8k4QsZZYaYtADoFmFI_Uic"
10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/	1970-01-20 03:08:18	Name: test Value: test
.adsymptotic.com/	1970-01-20 05:16:28	Name: U Value: efa81f10fdf8b3b93a912e33f3fac536
tags.srv.stackadapt.com/	1970-01-20 11:52:28	Name: sa-user-id Value: s%3A0-d32ba4a9-69e8-4605-5b93-573a1b10a225.nTw7OkySNPoWGyNZEzWkDjqlPlK7FTOqdjA0o4xcqBQ
.srv.stackadapt.com/	1970-01-20 11:52:28	Name: sa-user-id-v2 Value: s%3A0yukqWnoRgVbk1c6GxCiJQW16oY.t%2BcXH3CAUqhBvAYk6EZ7Ce5MnmeOXvczmq4D6J8qBao
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5RO1Elavjtg
.youtube.com/	1970-01-20 07:26:04	Name: VISITOR_INFO1_LIVE Value: LSS7JF1Bbp8
ctpaidleave.org/	1970-01-20 11:52:28	Name: sa-user-id Value: s%253A0-d32ba4a9-69e8-4605-5b93-573a1b10a225.nTw7OkySNPoWGyNZEzWkDjqlPlK7FTOqdjA0o4xcqBQ
ctpaidleave.org/	1970-01-20 11:52:28	Name: sa-user-id-v2 Value: s%253A0-d32ba4a9-69e8-4605-5b93-573a1b10a225%2524ip%25245.181.234.134.K3e4RhUdbmQ6xwT4812BRyhzeiUfo%252BY6DNH324OeXBY
.ctpaidleave.org/	1970-01-20 20:38:04	Name: _ga Value: GA1.2.1005684619.1652812223
.ctpaidleave.org/	1970-01-20 03:08:18	Name: _gid Value: GA1.2.1913439879.1652812223
.ctpaidleave.org/	1970-01-20 03:06:52	Name: _gat_gtag_UA_177129997_1 Value: 1
.bing.com/	1970-01-20 12:28:28	Name: MUID Value: 1E9B73AC91276CF01FAD620B90556DBF
.bat.bing.com/	1970-01-20 03:16:57	Name: MR Value: 0
ctpaidleave.org/	1969-12-31 23:59:59	Name: rl_visitor_history Value: fb6b8988-125a-405f-ab10-7b2aa450e84e
ctpaidleave.org/	1969-12-31 23:59:59	Name: sifi_user_id Value: undefined
.ctpaidleave.org/	1970-01-20 03:08:18	Name: _uetsid Value: 69e73400d60f11ec912355bb66555836
.ctpaidleave.org/	1970-01-20 12:28:28	Name: _uetvid Value: 69e74ec0d60f11ec83cb97df97676042
10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/	1970-01-23 18:42:52	Name: visitor_id Value: fb6b8988-125a-405f-ab10-7b2aa450e84e
10c74506-e543-446d-9c0f-434bc9d87771.rlets.com/	1970-01-23 18:42:52	Name: sifi_user_id Value:
.adsrvr.org/	1970-01-20 11:52:28	Name: TDID Value: 62d9a0e0-6237-44aa-ae91-e1c19de6ab94
.yahoo.com/	1970-01-20 11:52:49	Name: A3 Value: d=AQABBL_pg2ICEMkhjRIeTGO3tBo4X-7uPF8FEgEBAQE7hWKNYgAAAAAA_eMAAA&S=AQAAAu1e6LEtltDQ7Msa3EGsH18
ctpaidleave.org/	1970-01-20 11:52:28	Name: pctrk Value: 63627c47-6b6f-4d56-98fc-8121c5ea7ad8
.rubiconproject.com/	1970-01-20 11:52:28	Name: khaos Value: L3AHQ1VY-M-8ML0
.rubiconproject.com/	1970-01-20 11:52:28	Name: audit Value: 1\|4wJmOqv4onKRgRcW7Z45zQWvzFS3wyqdt2+C3Co0t1NGXlzst0zOc5V7PAzkK5dEYXfFzPX08k/dcuVnQi+ATffq0lRWg1JcpX+27h+c8oyr2R1wgDeQY6sPpVmyl7aADagU818Q2FSSUgn3p09nwZLps7qxaf/whEtZT8gQU1NA19Uy18rCHHvP52PeI+dpTjbsxdxTQ5bDGh6be8AxUuYKY0xKXIv2BplwajK/o1u5PVrRjiekRCDzwQ8ksA7X6Hb7liXo8URO+SITq6Q0XxqOcBxvXnxDzkBo8GvWj1Y=
.doubleclick.net/	1970-01-20 20:38:04	Name: IDE Value: AHWqTUmOki5z6umjlQn8i35c_cc-ff-TrWCwrSE7LenBetc5FwihssjhFA635zP7wT8
.analytics.yahoo.com/	1970-01-20 11:52:28	Name: IDSYNC Value: 1769~24xu
.bluekai.com/	1970-01-20 07:26:04	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 07:26:04	Name: bkpa Value: KJy5iaLvyM9x9WIEd3VwoWqpWDuxU3BLLtLqSC2LPL2FW/RjZYR7GKjiqIbK1eiecko3+Ewt3FLKx9w8Ek1UmTdARwJ2BKwJG4N7M1KKSj5x1VciL/izV5Zc1ABC9TknejM80dUOzN7YWB4urntvj23JDNHtW1chEvMLzlodS/U69yv61EA=
.bluekai.com/	1970-01-20 07:26:04	Name: bku Value: YCD99ndoQt/NpWX0
.dpm.demdex.net/	1970-01-20 07:26:04	Name: dpm Value: 14027771610079746840657733613627881203
.demdex.net/	1970-01-20 07:26:04	Name: demdex Value: 14027771610079746840657733613627881203
.adsrvr.org/	1970-01-20 11:52:28	Name: TDCPM Value: CAESEgoDYWFtEgsIyKm87aqP3DoQBRIWCgdydWJpY29uEgsIyKm87aqP3DoQBRIVCgZnb29nbGUSCwjIqbztqo_cOhAFGAUgBCgDMgsIyKG_msGP3DoQBTgBQgQiAggBWgdjYzVpdHVwYAE.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ctpaidleave.org/s/prepare-for-registration?language=en_US Message: Refused to apply style from 'https://ctpaidleave.org/resource/bootstrapFrameworkv413/bootstrap413/dist/css/bootstrap.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://ctpaidleave.org/s/sfsites/c/resource/createLandmarks Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10c74506-e543-446d-9c0f-434bc9d87771.rlets.com
ajax.googleapis.com
bat.bing.com
capture-api.reachlocalservices.com
cdn.rlets.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
ctpaidleave.org
dpm.demdex.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
insight.adsrvr.org
jnn-pa.googleapis.com
js.adsrvr.org
match.adsrvr.org
maxcdn.bootstrapcdn.com
p.adsymptotic.com
pixel.rubiconproject.com
public.tockify.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.doubleclick.net
stats.g.doubleclick.net
tags.bluekai.com
tags.srv.stackadapt.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
yt3.ggpht.com
ctpaidleave.org
104.18.102.194
13.107.42.14
13.225.213.71
142.251.40.162
143.204.138.162
15.197.193.217
184.85.195.135
2600:1400:9000::687e:74ca
2600:9000:210b:cc00:6:9a19:88c0:93a1
2606:4700::6811:190e
2606:4700::6812:acf
2607:f8b0:4004:c06::69
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::9b
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80a::2016
2607:f8b0:4006:80c::2001
2607:f8b0:4006:816::2006
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::200a
2607:f8b0:4006:823::200e
2620:1ec:22::14
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.210.129.57
44.237.245.87
52.26.14.45
52.45.33.138
8.43.72.97
96.43.152.48
99.84.37.36
04c7186b50648108bbb6b8a0c073f6d365643a89c3773af176ee94c7381945f0
05a96687c6fdedacb11bf555ce54113cbbfac5d730811bc5e0a074fdabe4926d
0bf256fbb025b8ee3a7f303d1285bacad47fde23a34d456a41fca60d0267a37e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146e4e3237b49d122445a92879370fcf269ac13a8ddc819e78dda4803e722b03
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
160d4a7431853a52638f18c095b81fb2473d62201bffb59c096622b73ff9d46a
16ea004407145077ab31e3c5aa44176e12bfd3a124a554ac28fdb0c26180f8a4
16f22256e0ab41c0d42f8c89f3e3181750411920febf66fec55e70c002cf6d0b
1b111cd3b254af7d6d1523fb9aee239283058a75e8525259115fa7a045d157e6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
205b40e3f15cd7e4c84a1233d257ec9f903eef6e8e2df5e27211351b0d73b523
209d583aab779bed54f13b497ef76b6a4b2341dce281fb69d7489d9f7f6cf020
277893d5902305af04b109e5e07627627519805523e8a083c325a77e6b21dfe3
2a545f7f986f44daf38dba3cd8d5753bc960f55c0428c783e6fab0045f5b23d0
2f0a26be9e8b72688f6b5082b2695756866c0228c26fd9e67f7a7784d1e63979
2f7fe8e9c9bad9b91948326df0b71dfae1cc953da258766b1f1b6c6b463e458b
36cbd544f0d727ca6b1841d155d9bbeb75dc4051841f60a4e2ed3f82aa1345b1
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3a4fe89148ae8d3ef68a48b8f3b948f94e6af140f0c483edebb9afdac187938c
3e09999e6e8ce931992be61389cf7e1c8156b03aad85cca211904bd964b9d527
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
423da8631ba1344684bd6adadcd25f2932e128a8f656f80aea6beac58a0ef579
430d7ac122791f309bc5df732e7e8433395fb911307437200fb5a83274f4f3a9
43634a11c95ba01f4eebcbce421faa89fff0101e8f5fd01c9c70493bea378d9b
4409f21fa5d51255acb60dc055fb6099a8e28f6ac515701a97c3e3ad5102789b
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ad4453322a296867777e5da6f3c661eb638af90b7e9a4d357e926ebe4de2804
4e654ec1d65df653e2b40dee28f49ec84c06fa401a736324b4736c3400716b58
4fd93fcb52613fe2a9430be5a995a6507a28521bcdaf315374e0073cbd069507
55deb3339b3f289f8231cdf79d1ff0a0813a5c1460faea718b8c5feee8c6b33b
56881a16e6973888dea2b9d26003c9521a078100d82acd6418c2adb33e4a5d20
5849bd683874914451197f0fff8dc0304f7315c763749dd3d2abfef3607ce77b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c15e0865e000559c8870b938c252322ddc6e1bb95b71ec52ff8e330f905dda1
5ea96b7cdde49015a2b294a502a70b00b79288ffad9017951736793270a7947e
64bfaa70abd84314a2080a4b2a23c82fad53110a8e00ab83bd17bbb65ff944b9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f1cb47d54f352c17e03a3aaedba81558123b3fdcc0ca4c48694e57efa56158c
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
73003a09b1024a5de1f2169209b3268ac8c5e7e7e94829e9a605323dc2cbea7b
7574c1367055c939cf012dfd4b350fa5165a5305b204882b816882f950bd1c82
78c0b9e8c3fe38b804fa6b63ce7d7a97771f9aa37fd997747e5237471ba3ef9d
7f307f90f8c4d18709aecf97708362ddbdf8291f03eb3d4beaf1a3e48bd1d500
7f39b732af0f6e45633254b79890ccb989c3b441dbe87e4847365a6b73d7959b
7fde3e08345ae55e5382e9ff49c10b82274a93ebf8d5357adbaa5cc7299994f9
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94c68780b0ed18f5a4fddb8ada432128338deb3fad1e6c06f8d0acbbfe2403e9
9cb9b761d6ca8d0937a8da537084ba0379a04dea3857f10914ff2a8782b75b30
9f0a1c2a1d4e5b95877622a2893bb2e6c7f8f325502013392864d03310b480bc
9f4598a86a420a96418a5ab9e10a368fa49c379c2459637a219641b01536daf3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b4953a91081a3afb9195dfdf376cb16526444a6512c12da644e40bac736711
a46678929f631077206819b195bc552f2de9597529c3b4e7eefdc0af194fc127
a6a1b8573ffa10ecbc773003b3b7ff49dd349e75e2cf4a9332122e4462c42a2b
a8eea6fcbd631dba13db3f61bdfc61b60009571041fdb3a1266aa3512c9e07f2
a9d67b9786c355d9d37eee08fe54959622313bcf57492f12ff55e10496620b65
ab008259bcd9c94e62bde02e695ce59dd63f092bded5f84cf2eddbdfc233002a
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ada8a728bc7d67bc76cba128f46a1082e9d1157f0b7bdcfaec54d2e822f2c0ef
adc68dd868801098fe2d24ba517dad9c624df07acebe37be4916eb3ea7e97c06
b90e5a01857b46f3846d374d6cc5b929f36fde21d46a0eecf1b98e5b2b10bc8e
bbd9795facdf188928227928c0de1bd060a8e634fc9c9ee03c0307d99af31063
bc350db2fcc08b8af32903faef7283a9d5c707ece8060576028d54f9ca66cf14
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c7d9c246005c3f4e8ddd4c1e4540dc8e97eef4dbd7a15fc2e8377f6e879c4139
c99e08f1494bf6d1455d3ec779a7ca540a593a08452f7da8de6eb63f31853f38
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3677747b3b438fbbd263fb33a659893cc0fb17f5c190e3c43b3e7e0a9c9d956
d6e90794241208b565e838b22b923d7c5c93681017ef6b0bc72d1f7b1d14ff84
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2649e2b8fa98033cec27a33a9e70f0e03f6cbafa46c6dcb38f7ea2a4b7478f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70228a4c8e96a3d0824f76e11053163e75275ddfe8db684fd85fb8a9dcf9198
e80a5bf86d3d027ba9579ffa4548530efc67bd0533533d3408e23e4665e2a790
e9abd2e42aaf0f565b67ceb209bad494527b88dcd1ad4f448842a578eb25c174
ed8a49d768b2b748234755726fc113bedd6469c569fe73734ae02f0a68873b4e
eddc19f5547ee7331968f5915b2360b6e80e0599be9a108f0e6e34cefa48e5a7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f189e803804dd9bb6f484b6e9a1e61770118c038992b3b736b2d42877fe1025b
f25efc357b192ee3fef9000e7a7df249d6036dee527e5102027d42df63d52dff
f296b4093b4f2a76815f1bf18ee47c2bcca86b16073606d98d527bc8eb40cd8b
f4a9e44108a6f4fc9f4913d61136eb30f556f4feb17c6dc6ea16195a3755707d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb7f97c8059ad4781d8aa84b892a2afcb6b1b89ce065209329b00d59eaa57158
fbbcb736a9eed942f219572b43d28743ef188212f99c5bd7e8843f5a42c24b94
fbe6ce558b8d2b1062b3d05fe590a199c89cd936721e6c5cd948a7b99afd1c99
fd23c65f8b65e68a62147a08150445d17a9c09bca0d8338e7419251952a23ab7
ffbe818be4c8336352f14d6b780c37bf26660aeaed256cd5c44ced9792043ef3

ctpaidleave.org Open in urlscan Pro 96.43.152.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

97 %HTTPS

60 %IPv6

28 Domains

38 Subdomains

30 IPs

2 Countries

4742 kBTransfer

13376 kBSize

48 Cookies

16 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ctpaidleave.org Open in urlscan Pro
96.43.152.48 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

97 %
HTTPS

60 %
IPv6

28
Domains

38
Subdomains

30
IPs

2
Countries

4742 kB
Transfer

13376 kB
Size

48
Cookies

116 HTTP transactions
1 data transactions