goldleafnutritionals.com Open in urlscan Pro
54.85.179.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goldleafnutritionals.com/
Effective URL:
https://goldleafnutritionals.com/
Submission: On January 27 via api (January 27th 2024, 12:10:01 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 42 HTTP transactions. The main IP is 54.85.179.169, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is goldleafnutritionals.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 4th 2023. Valid for: a year.

This is the only time goldleafnutritionals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	100.25.72.217 100.25.72.217	14618 (AMAZON-AES) (AMAZON-AES)
17	54.85.179.169 54.85.179.169	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:10:... 2606:4700:10::ac43:15d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
42	5

1 100.25.72.217 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-72-217.compute-1.amazonaws.com

goldleafnutritionals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.85.179.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-179-169.compute-1.amazonaws.com

goldleafnutritionals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:15d8 (United States)

ASN13335 (CLOUDFLARENET, US)

nmhfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	goldleafnutritionals.com 1 redirects goldleafnutritionals.com	946 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	711 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2	96 KB
3	nmhfiles.com nmhfiles.com	2 KB
42	4

	Domain	Requested by
18	goldleafnutritionals.com	1 redirects goldleafnutritionals.com
9	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	nmhfiles.com www.gstatic.com www.google.com
5	fonts.gstatic.com	www.google.com
3	nmhfiles.com	goldleafnutritionals.com
42	5

This site contains links to these domains. Also see Links.

Domain
pro.goldleafnutruitionals.net
pro.solaireproducts.com
pro.solairehealth.org
privacyportal.onetrust.com

Subject Issuer	Validity	Valid
goldleafnutritionals.com Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://goldleafnutritionals.com/
Frame ID: C6A4850CDA2121F832D40A6E2D152F9D
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE&co=aHR0cHM6Ly9nb2xkbGVhZm51dHJpdGlvbmFscy5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=elsmekitdrqo
Frame ID: A94EF52E913DE835BB01DA18DAA9BE59
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE
Frame ID: F1D106FE65C60002E9DF210F5558C422
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome To Gold Leaf Nutritionals | Gold Leaf Nutritionals

Page URL History Show full URLs

http://goldleafnutritionals.com/ HTTP 301
https://goldleafnutritionals.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

42
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1754 kB
Transfer

2936 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pro.goldleafnutruitionals.net/m/2042501
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://pro.solaireproducts.com/m/1369822
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://pro.solairehealth.org/m/1975049
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/90ddaa87-9d70-4282-9d4f-d6cbd96bd224/19a1c531-31bd-4010-b4f5-7ecaebce990a
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goldleafnutritionals.com/ HTTP 301
https://goldleafnutritionals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
goldleafnutritionals.com/
Redirect Chain

http://goldleafnutritionals.com/
https://goldleafnutritionals.com/

36 KB
11 KB

408ms
203ms

Document
text/html

54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 017c667aa71a784d64c87742446603eb9c00edae775529715d441e9c7ee12b4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-encoding: gzip
content-length: 10866
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 12:09:56 GMT
expires: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Sat, 27 Jan 2024 04:42:58 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding

Redirect headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 27 Jan 2024 12:09:56 GMT
Expires: Sat, 27 Jan 2024 12:09:56 GMT
Location: https://goldleafnutritionals.com/
Server: nginx

GET
H2 200 app.css
goldleafnutritionals.com/wp-content/themes/lw/stylesheets/ 87 KB
11 KB 108ms
107ms Stylesheet
text/css 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6c04f2396128581e910906768833345d7ae9b644b7934d4addff890ef6875517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: br
last-modified: Mon, 12 Jul 2021 19:24:18 GMT
server: nginx
etag: W/"60ec96e2-15c14"
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 wp-supplement-facts.css
goldleafnutritionals.com/wp-content/themes/lw/stylesheets/ 10 KB
2 KB 210ms
209ms Stylesheet
text/css 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/wp-supplement-facts.css
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e1861818e9e78b3f4d46d21c602269d6186410e88e1bcf2c0b95c1f9c20ab1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: br
last-modified: Thu, 06 May 2021 20:06:19 GMT
server: nginx
etag: W/"60944c3b-29e9"
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 site-logo.png
goldleafnutritionals.com/wp-content/themes/lw/images/ 10 KB
10 KB 197ms
191ms Image
image/png 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/images/site-logo.png
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f35eadb3833010bc96b83a4304cf0b2a0ca1133faca61e617b056d2e564f37b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Fri, 06 Oct 2017 12:36:57 GMT
server: nginx
etag: "59d778e9-2702"
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 9986
expires: Sun, 26 May 2024 12:09:56 GMT

GET
H2 200 jquery.min.js Show response
goldleafnutritionals.com/wp-content/themes/lw/bower_components/jquery/dist/ 82 KB
28 KB 208ms
208ms Script
application/javascript 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/bower_components/jquery/dist/jquery.min.js
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: br
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: W/"583c9cd6-1499c"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 fastclick.js Show response
goldleafnutritionals.com/wp-content/themes/lw/bower_components/fastclick/lib/ 25 KB
7 KB 213ms
213ms Script
application/javascript 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/bower_components/fastclick/lib/fastclick.js
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: br
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: W/"583c9cd6-656d"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 foundation.js Show response
goldleafnutritionals.com/wp-content/themes/lw/bower_components/foundation/js/foundation/ 20 KB
5 KB 197ms
191ms Script
application/javascript 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/bower_components/foundation/js/foundation/foundation.js
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1cef3081cb0269331a75673d39e11dda76ac88055a659ab9b0d5ce8b7be001c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: br
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: W/"583c9cd6-515f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 foundation.tab.js Show response
goldleafnutritionals.com/wp-content/themes/lw/bower_components/foundation/js/foundation/ 9 KB
2 KB 198ms
192ms Script
application/javascript 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/bower_components/foundation/js/foundation/foundation.tab.js
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 714a4d80908e3fe1ee585fb44937eb63345c05dcafbf199858bb3b034c95cb94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: br
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: W/"583c9cd6-2250"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 app.js Show response
goldleafnutritionals.com/wp-content/themes/lw/js/ 138 B
404 B 198ms
192ms Script
application/javascript 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/js/app.js
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 86e6f027509e02bf6f5f121a5b1c312abd54f651c421dd8475889755ad49c719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
content-encoding: gzip
last-modified: Fri, 06 Oct 2017 12:36:57 GMT
server: nginx
x-accel-version: 0.01
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 131
expires: Sun, 26 Jan 2025 12:09:56 GMT

GET
H2 200 ricepaper.png
goldleafnutritionals.com/wp-content/themes/lw/images/ 32 KB
33 KB 104ms
104ms Image
image/png 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/images/ricepaper.png
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e8e98b073b4dead7ac1da988433f6062f22b6667113bee63a9aa757da097b2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: "583c9cd6-81c6"
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 33222
expires: Sun, 26 May 2024 12:09:56 GMT

GET
H2 200 gotham-medium.woff
goldleafnutritionals.com/wp-content/themes/lw/stylesheets/fonts/ 28 KB
28 KB 109ms
105ms Font
application/font-woff 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/fonts/gotham-medium.woff
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c9694a0cb4e7e64c8edf8f923fed858f2497c975e8cbd8a03bbcad9c05a5e9e7

Request headers

Referer: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Origin: https://goldleafnutritionals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: "583c9cd6-6f48"
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28488
expires: Mon, 26 Feb 2024 12:09:56 GMT

GET
H2 200 gotham-bold.woff
goldleafnutritionals.com/wp-content/themes/lw/stylesheets/fonts/ 27 KB
27 KB 206ms
201ms Font
application/font-woff 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/fonts/gotham-bold.woff
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c2432ac9ff0481f64c6d857176bd55c21fcceffc9d50c865029091252966482f

Request headers

Referer: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Origin: https://goldleafnutritionals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: "583c9cd6-6b54"
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27476
expires: Mon, 26 Feb 2024 12:09:56 GMT

GET
H2 200 gotham-book.woff
goldleafnutritionals.com/wp-content/themes/lw/stylesheets/fonts/ 28 KB
28 KB 108ms
104ms Font
application/font-woff 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/fonts/gotham-book.woff
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 09fbc2220b47673be3b3b1569000ba6dedc92d4d538d4c231002cb13db44a637

Request headers

Referer: https://goldleafnutritionals.com/wp-content/themes/lw/stylesheets/app.css?v=1.1
Origin: https://goldleafnutritionals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 28 Nov 2016 21:08:38 GMT
server: nginx
etag: "583c9cd6-6eec"
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28396
expires: Mon, 26 Feb 2024 12:09:56 GMT

GET
H2 200 cvComplete-1.png
goldleafnutritionals.com/wp-content/uploads/2018/03/ 145 KB
146 KB 196ms
195ms Image
image/png 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldleafnutritionals.com/wp-content/uploads/2018/03/cvComplete-1.png
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6e780f1d4c7ea72289ce1682868cb544358a8a840248df27a52ba1e2a2d30f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 24 Jan 2022 18:33:17 GMT
server: nginx
etag: "61eef0ed-244c6"
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 148678
expires: Sun, 26 May 2024 12:09:56 GMT

GET
H2 200 664SVIRA_Bottle_trans-1.png
goldleafnutritionals.com/wp-content/uploads/2019/10/ 316 KB
316 KB 199ms
198ms Image
image/png 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldleafnutritionals.com/wp-content/uploads/2019/10/664SVIRA_Bottle_trans-1.png
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ced19db4e54a96f90c17bdbb58e59e79cbecf7e5e9371f848cb3e08df7fbacb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 24 Jan 2022 18:13:14 GMT
server: nginx
etag: "61eeec3a-4ef3a"
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 323386
expires: Sun, 26 May 2024 12:09:56 GMT

GET
H2 200 MemotexBottle_538x800-1.png
goldleafnutritionals.com/wp-content/uploads/2019/10/ 143 KB
144 KB 199ms
199ms Image
image/png 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldleafnutritionals.com/wp-content/uploads/2019/10/MemotexBottle_538x800-1.png
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 33e12b4e906f40785844db1cd89194ce4233f9ddb755c081af7b8fc1b943ae3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 24 Jan 2022 18:37:00 GMT
server: nginx
etag: "61eef1cc-23cca"
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 146634
expires: Sun, 26 May 2024 12:09:56 GMT

GET
H2 200 RespinoxBottle-1.png
goldleafnutritionals.com/wp-content/uploads/2019/08/ 146 KB
146 KB 199ms
199ms Image
image/png 54.85.179.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goldleafnutritionals.com/wp-content/uploads/2019/08/RespinoxBottle-1.png
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.179.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-179-169.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 78c0f439f774e75e52c3acbf92f62fce8f25e5059a982b50a7b7703a7ca5631a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:56 GMT
last-modified: Mon, 24 Jan 2022 18:44:31 GMT
server: nginx
etag: "61eef38f-247a0"
content-type: image/png
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 149408
expires: Sun, 26 May 2024 12:09:56 GMT

GET
H2 200 / Show response
nmhfiles.com/coreg/signups/ 2 KB
944 B 336ms
318ms Script
application/x-javascript 2606:4700:10::ac43:15d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nmhfiles.com/coreg/signups/?a=form
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d680aff02e572293c9c11921b72a7893de042db8e0ff7d3b1c090f61754f1eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84c0e3c21bac043a-FRA
x-powered-by: PleskLin
content-type: application/x-javascript

GET
H2 200 / Show response
nmhfiles.com/coreg/signups/ 0
128 B 336ms
317ms Script
application/x-javascript 2606:4700:10::ac43:15d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nmhfiles.com/coreg/signups/?a=message&rf=aHR0cHM6Ly9nb2xkbGVhZm51dHJpdGlvbmFscy5jb20v
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84c0e3c21bad043a-FRA
x-powered-by: PleskLin
content-length: 0
content-type: application/x-javascript

GET
H2 200 / Show response
nmhfiles.com/coreg/signups/ 2 KB
707 B 337ms
319ms Script
application/x-javascript 2606:4700:10::ac43:15d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nmhfiles.com/coreg/signups/?a=recaptcha
Requested by: Host: goldleafnutritionals.com
URL: https://goldleafnutritionals.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:15d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fbbb2715580b2aeb2c3359f2d377854f5bdecaea35780cb01c9785f12cac80ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84c0e3c21ba5043a-FRA
x-powered-by: PleskLin
content-type: application/x-javascript

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 170ms
61ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: nmhfiles.com
URL: https://nmhfiles.com/coreg/signups/?a=recaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f5b746c8722f148b376dd0456a89b462c1b16bc94117fae1c6be2946e3c7857

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goldleafnutritionals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 12:09:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ 485 KB
195 KB 159ms
51ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goldleafnutritionals.com/
Origin: https://goldleafnutritionals.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 11:43:44 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A94E 45 KB
29 KB 80ms
79ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE&co=aHR0cHM6Ly9nb2xkbGVhZm51dHJpdGlvbmFscy5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=elsmekitdrqo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

daf6bb40a03a1e9f4b396fc13f1bc131182aeb8098f44419648cc3c69a791f5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dTtwqbSJtcz0LfFrrpO4HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goldleafnutritionals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dTtwqbSJtcz0LfFrrpO4HQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 12:09:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame A94E 55 KB
24 KB 154ms
51ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE&co=aHR0cHM6Ly9nb2xkbGVhZm51dHJpdGlvbmFscy5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=elsmekitdrqo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 08:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 08:25:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame A94E 485 KB
194 KB 153ms
51ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 11:43:44 GMT

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame A94E 17 KB
7 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE&co=aHR0cHM6Ly9nb2xkbGVhZm51dHJpdGlvbmFscy5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=elsmekitdrqo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 14:31:28 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A94E 2 KB
2 KB 51ms
51ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:45:59 GMT
x-content-type-options: nosniff
age: 311039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 30 Jan 2024 21:45:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A94E 15 KB
15 KB 189ms
66ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 132182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A94E 15 KB
16 KB 174ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:08 GMT
x-content-type-options: nosniff
age: 439310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 10:08:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A94E 102 B
135 B 67ms
66ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE&co=aHR0cHM6Ly9nb2xkbGVhZm51dHJpdGlvbmFscy5jb206NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&badge=bottomright&cb=elsmekitdrqo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 12:09:58 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F1D1 7 KB
1 KB 65ms
65ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7db310c9dc9604012d1ba9bfe25584473ed25b2f1c6d75aa56d06f13cd104628

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-V4q5opUE4C9qIwF6q15Npw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goldleafnutritionals.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-V4q5opUE4C9qIwF6q15Npw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 12:09:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame F1D1 55 KB
24 KB 51ms
50ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 08:25:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 08:25:07 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ Frame F1D1 485 KB
194 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198685
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 05:28:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Jan 2025 11:43:44 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F1D1 21 KB
15 KB 99ms
98ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f6a4b6d0faf9f91db73eb9115ad81862429a69ac4c8a8a3ea8bfd44e1a7fe2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sat, 27 Jan 2024 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 12:09:58 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame F1D1 600 B
624 B 51ms
51ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:44:15 GMT
x-content-type-options: nosniff
age: 303943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 30 Jan 2024 23:44:15 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame F1D1 530 B
554 B 53ms
52ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 406346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 29 Jan 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame F1D1 665 B
689 B 52ms
51ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 174476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 01 Feb 2024 11:42:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F1D1 15 KB
15 KB 54ms
51ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 132182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F1D1 15 KB
15 KB 63ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 412552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 17:34:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F1D1 15 KB
15 KB 76ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:08 GMT
x-content-type-options: nosniff
age: 439310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 10:08:08 GMT

GET
H3 200 qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js Show response
www.google.com/js/bg/ Frame F1D1 17 KB
7 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:31:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6914
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 14:31:28 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame F1D1 36 KB
36 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA4z8pWPxN3agXiHUnpf5lZr8HC1TEed0bIjORh7xrgI7-XrhWIlNlSmqHNMUevlzjVaM1dvuL79iLKeVr6sJCd3xeiHUfNlM2rZM40XSKt_wuJYKZ7md4uOIEgPSKCxbZEeQAdW0jMNXOyply53iCPTzzdGi2hNc0nbtCsBm7HHssh9gxpXQHbdNNOwKhFARiYdybBjpOqfJChoTYatvNiFTK6MaQ&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64fdde5787bf94d442e849f98bb0d7674d4ab115221f482e33b3cff255aa34f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6Ldbs1gnAAAAAMLXrHU2a36eQ7fEXyr2P9mxRxzE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 12:09:58 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 12:09:58 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 22:18:29	Name: _GRECAPTCHA Value: 09ACxQGKZLyqHD28s8RphiRefGiRf0XIY17cMYjRXZvCb9GruktMocKzMATGhRfkylJC6qvxKHjmCv9vOYMt81IfU

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
goldleafnutritionals.com
nmhfiles.com
www.google.com
www.gstatic.com
100.25.72.217
2606:4700:10::ac43:15d8
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
54.85.179.169
017c667aa71a784d64c87742446603eb9c00edae775529715d441e9c7ee12b4e
09fbc2220b47673be3b3b1569000ba6dedc92d4d538d4c231002cb13db44a637
1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cef3081cb0269331a75673d39e11dda76ac88055a659ab9b0d5ce8b7be001c2
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
33e12b4e906f40785844db1cd89194ce4233f9ddb755c081af7b8fc1b943ae3b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45f3e73f5b5d8f1accdba00c41a0ac3c0a6fdeee2f7e7d7f517296e8161188bc
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f6a4b6d0faf9f91db73eb9115ad81862429a69ac4c8a8a3ea8bfd44e1a7fe2e
64fdde5787bf94d442e849f98bb0d7674d4ab115221f482e33b3cff255aa34f6
6c04f2396128581e910906768833345d7ae9b644b7934d4addff890ef6875517
6e780f1d4c7ea72289ce1682868cb544358a8a840248df27a52ba1e2a2d30f4a
714a4d80908e3fe1ee585fb44937eb63345c05dcafbf199858bb3b034c95cb94
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78c0f439f774e75e52c3acbf92f62fce8f25e5059a982b50a7b7703a7ca5631a
7db310c9dc9604012d1ba9bfe25584473ed25b2f1c6d75aa56d06f13cd104628
7f5b746c8722f148b376dd0456a89b462c1b16bc94117fae1c6be2946e3c7857
86e6f027509e02bf6f5f121a5b1c312abd54f651c421dd8475889755ad49c719
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
904a9fb41a8def7934e36f12709f58182802250aaeec2d39b80e285941d47093
a8c7afee2e97db8be5e6c8f1cd4901b665fbc17171c649fec47861ca0b5d58c9
c2432ac9ff0481f64c6d857176bd55c21fcceffc9d50c865029091252966482f
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9694a0cb4e7e64c8edf8f923fed858f2497c975e8cbd8a03bbcad9c05a5e9e7
ced19db4e54a96f90c17bdbb58e59e79cbecf7e5e9371f848cb3e08df7fbacb6
d680aff02e572293c9c11921b72a7893de042db8e0ff7d3b1c090f61754f1eec
daf6bb40a03a1e9f4b396fc13f1bc131182aeb8098f44419648cc3c69a791f5c
e1861818e9e78b3f4d46d21c602269d6186410e88e1bcf2c0b95c1f9c20ab1b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e98b073b4dead7ac1da988433f6062f22b6667113bee63a9aa757da097b2eb
f35eadb3833010bc96b83a4304cf0b2a0ca1133faca61e617b056d2e564f37b3
fbbb2715580b2aeb2c3359f2d377854f5bdecaea35780cb01c9785f12cac80ab

goldleafnutritionals.com Open in urlscan Pro 54.85.179.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

67 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

1754 kBTransfer

2936 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goldleafnutritionals.com Open in urlscan Pro
54.85.179.169 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1754 kB
Transfer

2936 kB
Size

1
Cookies

42 HTTP transactions
0 data transactions