leadingresponse.com Open in urlscan Pro
8.34.217.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://leadingresponse.com/
Effective URL:
https://leadingresponse.com/
Submission: On July 21 via api (July 21st 2022, 12:17:25 pm UTC) from CH — Scanned from DE

Summary HTTP 120 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 21 domains to perform 120 HTTP transactions. The main IP is 8.34.217.162, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is leadingresponse.com. The Cisco Umbrella rank of the primary domain is 883955.
TLS certificate: Issued by R3 on May 26th 2022. Valid for: 3 months.

This is the only time leadingresponse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	8.34.217.162 8.34.217.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	65.9.94.123 65.9.94.123	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3034::ac43:9689	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	107.162.156.70 107.162.156.70	55002 (DEFENSE-NET) (DEFENSE-NET)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	23.205.237.4 23.205.237.4	16625 (AKAMAI-AS) (AKAMAI-AS)
14	23.253.188.26 23.253.188.26	19994 (RACKSPACE) (RACKSPACE)
7	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:a800:f:496c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
1	107.162.137.162 107.162.137.162	55002 (DEFENSE-NET) (DEFENSE-NET)
2	108.138.17.103 108.138.17.103	16509 (AMAZON-02) (AMAZON-02)
120	29

24 8.34.217.162 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 162.217.34.8.bc.googleusercontent.com

leadingresponse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lrdevsite2.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.leadingresponse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-123.prg50.r.cloudfront.net

d31y97ze264gaa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:9689 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.162.156.70 (United States)

ASN55002 (DEFENSE-NET, US)

st1.dialogtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.237.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-237-4.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.253.188.26 (United States)

ASN19994 (RACKSPACE, US)

developer.livehelpnow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:a800:f:496c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

aqua.venusrevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

087-xca-117.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

v40.venusrevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.162.137.162 (United States)

ASN55002 (DEFENSE-NET, US)

st2.dialogtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-103.fra56.r.cloudfront.net

cdn.livehelpnow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	leadingresponse.com 1 redirects leadingresponse.com — Cisco Umbrella Rank: 883955 go.leadingresponse.com	802 KB
16	livehelpnow.net developer.livehelpnow.net — Cisco Umbrella Rank: 33089 cdn.livehelpnow.net — Cisco Umbrella Rank: 40869	113 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	486 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10	23 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	755 B
7	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	139 KB
6	venusrevival.com aqua.venusrevival.com — Cisco Umbrella Rank: 124442 v40.venusrevival.com — Cisco Umbrella Rank: 116651	30 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5701	757 B
5	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 117 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	271 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 344	12 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1888 ka-f.fontawesome.com — Cisco Umbrella Rank: 4402	23 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	18 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3301	6 KB
2	dialogtech.com st1.dialogtech.com — Cisco Umbrella Rank: 12428 st2.dialogtech.com — Cisco Umbrella Rank: 13213	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2907	416 B
1	mktoresp.com 087-xca-117.mktoresp.com	318 B
1	wpengine.com lrdevsite2.wpengine.com
1	cloudfront.net d31y97ze264gaa.cloudfront.net	26 KB
120	21

	Domain	Requested by
23	leadingresponse.com	1 redirects leadingresponse.com
14	developer.livehelpnow.net	leadingresponse.com developer.livehelpnow.net
8	www.google.com	2 redirects leadingresponse.com www.gstatic.com www.google.com
7	www.facebook.com	leadingresponse.com
7	connect.facebook.net	www.googletagmanager.com connect.facebook.net
7	fonts.gstatic.com	leadingresponse.com fonts.googleapis.com www.google.com
7	go.leadingresponse.com	leadingresponse.com go.leadingresponse.com client
5	v40.venusrevival.com	aqua.venusrevival.com leadingresponse.com
5	www.google.de	leadingresponse.com
5	www.googletagmanager.com	leadingresponse.com www.googletagmanager.com aqua.venusrevival.com
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	bat.bing.com	aqua.venusrevival.com bat.bing.com leadingresponse.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	cdn.livehelpnow.net	developer.livehelpnow.net
2	region1.google-analytics.com	www.googletagmanager.com
2	munchkin.marketo.net	leadingresponse.com munchkin.marketo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	leadingresponse.com go.leadingresponse.com
1	st2.dialogtech.com
1	cdn.polyfill.io	developer.livehelpnow.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	087-xca-117.mktoresp.com	munchkin.marketo.net
1	aqua.venusrevival.com	www.googletagmanager.com
1	st1.dialogtech.com	d31y97ze264gaa.cloudfront.net
1	lrdevsite2.wpengine.com	leadingresponse.com
1	d31y97ze264gaa.cloudfront.net	leadingresponse.com
1	kit.fontawesome.com	leadingresponse.com
120	29

This site contains links to these domains. Also see Links.

Domain
portal.prospectconnect.net
ssdintake.newclient.us
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
leadingresponse.com R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
go.leadingresponse.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.wpengine.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.dialogtech.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.livehelpnow.net Go Daddy Secure Certificate Authority - G2	`2022-05-14` - `2023-06-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2022-07-28`	3 months	crt.sh
*.venusrevival.com Amazon	`2022-01-10` - `2023-02-08`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-30` - `2022-11-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://leadingresponse.com/
Frame ID: FFA5B7FCEB963E7D87FA5DF08E6AF3AB
Requests: 101 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBU1ocAAAAAPQGo3n5hqukLIuEjex8VgHDhdd9&co=aHR0cHM6Ly9sZWFkaW5ncmVzcG9uc2UuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=dhhgdyv9eej7
Frame ID: E8D9D030AFAB91D173B5F6AF843AEA06
Requests: 7 HTTP requests in this frame

Frame: https://go.leadingresponse.com/index.php/form/XDFrame
Frame ID: A800DAB584845FF054816B10CFF73CDE
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-963740828
Frame ID: 5F64B21478A0C565D48FBADF899955F0
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E279646F07773565BA79BF40EA170D64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lead Generation | Customer Acquisition Marketing | B2C

Page URL History Show full URLs

http://leadingresponse.com/ HTTP 301
https://leadingresponse.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

120
Requests

98 %
HTTPS

64 %
IPv6

21
Domains

29
Subdomains

29
IPs

4
Countries

1977 kB
Transfer

5788 kB
Size

26
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.prospectconnect.net/
Title: ProspectConnect

Search URL Search Domain Scan URL

URL: https://ssdintake.newclient.us/
Title: LMS

Search URL Search Domain Scan URL

URL: https://www.facebook.com/leadingresponse
Title: Follow

Search URL Search Domain Scan URL

URL: https://twitter.com/leadingresponse
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/leading-response/
Title: Follow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://leadingresponse.com/ HTTP 301
https://leadingresponse.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zEPZYriDIsHt1wa3sZ_YCQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYriDIsHt1wa3sZ_YCQ&cid=CAQSKQCNIrLMngZs2XcIzpbD56xdOhL38Fzk5m8eC0WkQrmEHuiZy-HlGYNC&random=2610680077&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYriDIsHt1wa3sZ_YCQ&cid=CAQSKQCNIrLMngZs2XcIzpbD56xdOhL38Fzk5m8eC0WkQrmEHuiZy-HlGYNC&random=2610680077&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 99

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zEPZYvuAIpTBmLAPkLml2Aw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYvuAIpTBmLAPkLml2Aw&cid=CAQSKQCNIrLMtDTC3moZLh50OX2iMTqqfdcg5WlGmHmK2uFGOxOy4cZ2UxDO&random=381496473&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYvuAIpTBmLAPkLml2Aw&cid=CAQSKQCNIrLMtDTC3moZLh50OX2iMTqqfdcg5WlGmHmK2uFGOxOy4cZ2UxDO&random=381496473&resp=GooglemKTybQhCsO&ipr=y&prhg=0

120 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
leadingresponse.com/
Redirect Chain

http://leadingresponse.com/
https://leadingresponse.com/

83 KB
19 KB

1367ms
1021ms

Document
text/html

8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: aa30a32c90b32f4a6db4678d79ab55e4a90ad9e8cd41ee3ea2ae61a9248b41be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 12:17:14 GMT
link: <https://leadingresponse.com/wp-json/>; rel="https://api.w.org/" <https://leadingresponse.com/wp-json/wp/v2/pages/15404>; rel="alternate"; type="application/json" <https://leadingresponse.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 21 Jul 2022 12:17:13 GMT
Keep-Alive: timeout=20
Location: https://leadingresponse.com/
Server: nginx

GET
H2 200 autoptimize_34385793dd498f67eaed7a2334a20201.css
leadingresponse.com/wp-content/cache/autoptimize/css/ 421 KB
51 KB 166ms
165ms Stylesheet
text/css 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: daee2df6c462de1426df7bc82247d5f80a4086aed63de6869b0c070a0a6e3d82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:14 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 19:42:57 GMT
server: nginx
etag: W/"62d85ac1-6930f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 211ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:04:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 12:17:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 12:17:14 GMT

GET
H2 200 jquery.min.js Show response
leadingresponse.com/wp-includes/js/jquery/ 87 KB
31 KB 166ms
166ms Script
application/javascript 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://leadingresponse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:14 GMT
content-encoding: br
last-modified: Thu, 29 Jul 2021 22:29:40 GMT
server: nginx
etag: W/"61032bd4-15db1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 134ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62454106-1

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a2cfd3ad73e38cfea0c38df89fb72dfc85de2c9a2b21483498a4673730940be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43226
x-xss-protection: 0
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H2 200 d37fa30c82.js Show response
kit.fontawesome.com/ 11 KB
4 KB 45ms
24ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/d37fa30c82.js

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f891b4e53daea141e8c11b6f63af4a264fe7e967cd08746c781c5b202c8f9ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:14 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 72e3df5358319a0c-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FwO42snA8oOYsR1aAiuh

GET
H2 200 logo.svg
leadingresponse.com/logo/ 10 KB
3 KB 120ms
119ms Image
image/svg+xml 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/logo/logo.svg
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 57585d802db1271ec64ce187fd7d5c97cbacbcc32dfdaf87addf9244549a0f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 20:53:40 GMT
server: nginx
etag: W/"61450054-2816"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 085_LR_Woman_Charts_600px.png
leadingresponse.com/wp-content/uploads/2021/10/ 78 KB
79 KB 123ms
121ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/10/085_LR_Woman_Charts_600px.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c9a722b8564ec43bb2694a40b5ec371b7087fd492424332616f6154afc4307a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Tue, 19 Oct 2021 17:26:56 GMT
server: nginx
etag: "616effe0-139f8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 80376

GET
H2 200 64-million-icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 3 KB
3 KB 124ms
122ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/64-million-icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6fac30fb8c0224c40c8ecc53152cf0464d57553ed9fbcde618fc01f69095d6f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-cd1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3281

GET
H2 200 200000-icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 2 KB
2 KB 188ms
186ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/200000-icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: de1e4f0d1db8ca3be36b287ba7d56b1dab4724b13b95f75f40ace37fd7b00ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-853"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2131

GET
H2 200 153-million-icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 3 KB
3 KB 231ms
229ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/153-million-icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9b34f65975ceb6f5cb0c385ee3bc8882e813e6a7eb4dd105bb09340c6873c222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-a8a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2698

GET
H2 200 Engage.png
leadingresponse.com/wp-content/uploads/2021/04/ 23 KB
23 KB 242ms
241ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Engage.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 37f15bd223fd93a83b90e1d42000a43c6e17d7c09b12b6f8df6105600c767006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-5ab8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23224

GET
H2 200 Diversify.png
leadingresponse.com/wp-content/uploads/2021/04/ 23 KB
23 KB 244ms
243ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Diversify.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 43c347f2b6d2ddda8d4d024879064087f994c7ace26ba10b8cfb79bd4181bb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-5b63"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23395

GET
H2 200 Target.png
leadingresponse.com/wp-content/uploads/2021/04/ 17 KB
17 KB 244ms
243ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Target.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: f79e4fc455de6549c3bf64585b06a15a91919b5730ccfc1dd65bcb61ca5c0c88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-444e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17486

GET
H2 200 forms2.min.js Show response
go.leadingresponse.com/js/forms2/js/ 206 KB
69 KB 268ms
30ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.leadingresponse.com/js/forms2/js/forms2.min.js

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17dc16f203a20131a9dfccce83ed74af83cb9da328011181ca745b7f3a883d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 21:04:07 GMT
server: cloudflare
age: 215
etag: "1d41315-3391f-5e16ebec83fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 72e3df569a789182-FRA
vary: Accept-Encoding
expires: Thu, 21 Jul 2022 16:17:15 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 141ms
55ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeBU1ocAAAAAPQGo3n5hqukLIuEjex8VgHDhdd9

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8be5760b4c5fac3be570a673b887c25c805c0d1db87b25d90f22a7204d45aad1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H2 200 autoptimize_400da7a94d1ca504d25568404e3d2406.css
leadingresponse.com/wp-content/cache/autoptimize/css/ 87 KB
12 KB 245ms
244ms Stylesheet
text/css 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_400da7a94d1ca504d25568404e3d2406.css
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 16:09:22 GMT
server: nginx
etag: W/"62d828b2-15b64"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 autoptimize_1055a9c59a0f6cc6ae2e9cb2f7520879.js Show response
leadingresponse.com/wp-content/cache/autoptimize/js/ 491 KB
119 KB 244ms
243ms Script
application/javascript 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://leadingresponse.com/wp-content/cache/autoptimize/js/autoptimize_1055a9c59a0f6cc6ae2e9cb2f7520879.js
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 655b7be9d38d6be4547f1da43d63cb813baa229749f21348126dc734898a3ad2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: br
last-modified: Wed, 20 Jul 2022 16:09:24 GMT
server: nginx
etag: W/"62d828b4-7ad38"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
68 KB 183ms
102ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P4XGS4V

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b837f1cbe9fc6dcc826a3b3b8d925727bfb2ee300f5a70d2053953afe50a507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69141
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H/1.1 200
OK st.js Show response
d31y97ze264gaa.cloudfront.net/assets/st/js/ 68 KB
26 KB 93ms
39ms Script
application/javascript 65.9.94.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31y97ze264gaa.cloudfront.net/assets/st/js/st.js
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-123.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 578a6a6e76d78cbdb5c4aa5b475c20f71ec0a8b6e277423c6ae9d139271d2275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 12:17:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 16:40:59 GMT
Server: AmazonS3
Age: 46
ETag: W/"3ada7e792244a7508ebe96ee72971ce6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Cf-Id: NyCI-btCtLr3S4JPZ_pwP81nPcSyTvflJY3C7qzy9-ZtNceOov23Xg==

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 57ms
32ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=d37fa30c82
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d37fa30c82.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGHzm3JntJNJb9E1e%2Fv2a4Pu3AUB8vZOUGOuEyR%2BMrtjJNVHikQKlr%2BV4lFSOFAxIcxNzv4D%2BpGc%2BIAZuktqpCYI2psZAAM6rPqIdWv%2BzIhGfnPaGBNPGE5RlsdzGJIA4BNsAIYIG5b4rxvbcn3vZlRbUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 72e3df55aec09944-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: HltSRlfTvw0epksltMVCU1ho8zKZwEvz5dnOve6oBhCtssQZ-03bpg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 51ms
26ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=d37fa30c82
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d37fa30c82.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjKeks0TJ56HEVopEuFanExw%2FQUepGD69tccZEXBDuz039l78RhknJaWLV%2B44W83tc5yqU%2BFrOXPJG%2FmMViCKneJtW4Gzhsdy6BOOYenvP2cdtVoJzIxptu2FHGr%2Blhb6P6BEaLQQ90stLL8dOxqTTaKbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 72e3df55aec49944-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ySdcfza0C35b3Tndq7a9zAuZPXVn4iQlzTqQVpfsOlOEBpuNg1VUtQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 58ms
33ms Fetch
text/css 2606:4700:3034::ac43:9689
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=d37fa30c82
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d37fa30c82.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23e21G2x83peFgMJCmVNobvxlFJnH0Du4Ghmh8T%2BvMrZjztaVOpTbgH5VuEum5Wm2Zj%2Fw8DkUi42xLgt1ZkoHVSGMrShYcPpHtyxOntWQnmQ9aYB3q0BY9IvLPmBrVtt64cx4MOVTt5RseTqrnqCOcybdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 72e3df55aec19944-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: dq4eBots03mSDaM9H5r6Pp_ONw0XNp6zykSMwDiH03F1MWpedDB_Jg==

GET
H2 200 modules.ttf
leadingresponse.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 308ms
308ms Font
application/octet-stream 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://leadingresponse.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Wed, 13 Jul 2022 19:56:54 GMT
server: nginx
etag: "62cf2386-168f0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92400

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 22 KB
22 KB 177ms
93ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922297c4e207dae08affdbc21f34329d67f4ed482f5bdecb2369381a3b5eab66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 12:47:13 GMT
x-content-type-options: nosniff
age: 257402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22096
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 12:47:13 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 109ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 218706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:32:09 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKd3vXDZbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 27 KB
27 KB 172ms
124ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKd3vXDZbtM.woff2

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

663860de22641fbc02f5a2e46506bfac760260f572eb0208ae8409d5cdceaa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 13:53:31 GMT
x-content-type-options: nosniff
age: 167024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27396
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 13:53:31 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 22 KB
22 KB 157ms
109ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4uaVI.woff2

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c08d7c49a111ea1ac330a898d224dd524659476cf9962f04c6e75ca81901aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 243143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22148
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H2 206 LRSPHypeVideo_v06-SD.mp4
lrdevsite2.wpengine.com/wp-content/uploads/2021/11/ 784 KB
0 510ms
155ms Media
video/mp4 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lrdevsite2.wpengine.com/wp-content/uploads/2021/11/LRSPHypeVideo_v06-SD.mp4
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://leadingresponse.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Fri, 12 Nov 2021 16:47:04 GMT
server: nginx
access-control-allow-origin: *
etag: "618e9a88-d6b2a1"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-14070432/14070433
cache-control: public, max-age=31536000
Content-Length: 14070433

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 The-Hype-sm.jpg
leadingresponse.com/wp-content/uploads/2021/11/ 109 KB
109 KB 242ms
241ms Image
image/jpeg 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/11/The-Hype-sm.jpg
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 26d8e1370145947a84e9e5aa26d5a804477bcb429cf3dc726151c9e38cae774d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Fri, 12 Nov 2021 19:40:22 GMT
server: nginx
etag: "618ec326-1b45c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 111708

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDZbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 25 KB
25 KB 152ms
137ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDZbtM.woff2

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/wp-content/cache/autoptimize/css/autoptimize_34385793dd498f67eaed7a2334a20201.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca069f748623efba1a88a6b9d3cb8c8de7c3df14db4d7672bae370968915dadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 14:00:56 GMT
x-content-type-options: nosniff
age: 166579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25652
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 14:00:56 GMT

GET
H2 200 Pre-Qualify.png
leadingresponse.com/wp-content/uploads/2021/04/ 30 KB
30 KB 209ms
209ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Pre-Qualify.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce7810c4c41545811340a70a02569b2e6f5cd5b0f9cf0fcade26e4ddcf000775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-7711"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 30481

GET
H2 200 Connect.png
leadingresponse.com/wp-content/uploads/2021/04/ 23 KB
24 KB 209ms
209ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Connect.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 93413bf3098bf6e6bbfee2d3aeb2896d9170469de241809688c8c7ace5029b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-5dc3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 24003

GET
H/1.1 200
OK / Show response
st1.dialogtech.com/st/ 255 B
837 B 441ms
394ms Script
application/javascript 107.162.156.70
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://st1.dialogtech.com/st/?_stk=bb72fd1f7af1666ad20aaecc5816b261d16ea5c3&dr=&dl=https%3A%2F%2Fleadingresponse.com%2F&dt=Lead%20Generation%20%7C%20Customer%20Acquisition%20Marketing%20%7C%20B2C&vp=1600x1200&sr=1600x1200&cb=1658405835272&stv=38
Requested by: Host: d31y97ze264gaa.cloudfront.net
URL: https://d31y97ze264gaa.cloudfront.net/assets/st/js/st.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.156.70 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: 05763d226205555b40ff1db69d6eea4c63c2247d6809ad10c7f961c3879ab707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 12:17:15 GMT
Via: 1.1 fra1-bit6007
Last-Modified: Thu Jul 21 2022 12:17:15 GMT+0000 (Coordinated Universal Time)
Vary: Origin
Content-Type: application/javascript
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 255
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EK6L44MVYR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62454106-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff4c60088304e1e85772de9a7cb198907ef3ef4feee3c15ea5b11e40a6317f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73018
x-xss-protection: 0
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 99ms
29ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62454106-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4515
date: Thu, 21 Jul 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Jul 2022 13:02:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeBU1ocAAAAAPQGo3n5hqukLIuEjex8VgHDhdd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 12:08:27 GMT

GET
H2 200 Legal-Icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 3 KB
4 KB 161ms
160ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Legal-Icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 50f5c84810542c7cd5f68cac56e43b0b443808f723014ee2384af860f12459d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-d38"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3384

GET
H2 200 Financial-Icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 2 KB
3 KB 161ms
160ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Financial-Icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 90c01066546375e305933b42a539b57dc816fd02587521c93ecab0139d5fa10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-9f5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2549

GET
H2 200 Medical-Icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 4 KB
4 KB 161ms
160ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Medical-Icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5420f07ab91995f85477ba4c9a08c5384b34fce5bbf4653a98163f51e8632e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-eec"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3820

GET
H2 200 Senior-Icon.png
leadingresponse.com/wp-content/uploads/2021/04/ 4 KB
4 KB 161ms
161ms Image
image/png 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/wp-content/uploads/2021/04/Senior-Icon.png
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0fe2a169aad66b926fc07591bef502fb16317d65164fecdcbc792dbac5f1252e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Thu, 29 Jul 2021 22:29:42 GMT
server: nginx
etag: "61032bd6-103f"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4159

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 38ms
7ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 12:17:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK lhn-jssdk-current.min.js Show response
developer.livehelpnow.net/js/sdk/ 160 KB
38 KB 450ms
112ms Script
text/javascript 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 43febfce8227387b778606a5177b01101e6447a25a1c4f137a886ba0d49d2c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
server: Cowboy
etag: "79E0B09"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 38803

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4XGS4V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: Znno2/UvetsrKPfU/W/k1VNit7OPF3mp5VrzlOWA/VUm7reLQXbBZHpG8ztHKrG32Kqaa0ZdxM4PcTNiwJTaTw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 108ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EK6L44MVYR&gtm=2oe7i0&_p=161090165&_z=ccd.v9B&cid=1632781737.1658405835&ul=en-us&sr=1600x1200&_s=1&sid=1658405835&sct=1&seg=0&dl=https%3A%2F%2Fleadingresponse.com%2F&dt=Lead%20Generation%20%7C%20Customer%20Acquisition%20Marketing%20%7C%20B2C&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EK6L44MVYR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leadingresponse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clicktrue_invocation.js Show response
aqua.venusrevival.com/ 76 KB
28 KB 203ms
103ms Script
text/javascript 2600:9000:2127:a800:f:496c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4XGS4V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:a800:f:496c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: af339764be0addccd6f44b529a8755c6aa53f31b71a08e0f00259977ceb8f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
server: Caddy
age: 15287
etag: "13045-m531/wEvwryDt67sc+M5u8rCxE8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 df0aa1ee2f3a5b8f1aa2a31aa4b7db86.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: PRG50-C1
content-length: 28310
x-amz-cf-id: 0ywjGvVjT5eg-Dl1WxdvthUg9pmIvfky1imPMoYHtUSoPutQznOZ9w==
expires: Thu, 21 Jul 2022 20:02:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 105ms
39ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=161090165&t=pageview&_s=1&dl=https%3A%2F%2Fleadingresponse.com%2F&ul=en-us&de=UTF-8&dt=Lead%20Generation%20%7C%20Customer%20Acquisition%20Marketing%20%7C%20B2C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=1972059492&gjid=373450331&cid=1632781737.1658405835&tid=UA-62454106-1&_gid=1085976945.1658405835&_r=1&gtm=2ou7i0&did=dZTNiMT&gdid=dZTNiMT&z=1642499254

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://leadingresponse.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leadingresponse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 8ms
8ms Script
application/x-javascript 23.205.237.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.237.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-237-4.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 12:17:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Sat, 29 Oct 2022 12:17:15 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.65

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: OPQba+Q3lDAYDfhBM8QPte0DNDUqxXA3XjUgP6qTHDqbFecBRA5ynwIbdQAFoKPeda471Io9klbLQXsx3u4p+g==
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 373918860218574 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 146ms
137ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/373918860218574?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

682dd25391cc587ed34b914e79ca2510f96f0e8447fe0359e5344b55eae413e2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dJfJNGKx4OQct/KTbNmMY/YxghONKzMJueGMqUzCoGjVlpreNaFnFcUgR1qqfkf9QnWPMhQf/YMVk9ZqOQ0F9Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658405835609
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
087-xca-117.mktoresp.com/webevents/ 2 B
318 B 493ms
106ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://087-xca-117.mktoresp.com/webevents/visitWebPage?_mchNc=1658405835470&_mchCn=&_mchId=087-XCA-117&_mchTk=_mch-leadingresponse.com-1658405835470-76958&_mchHo=leadingresponse.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 12:17:15 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 146c98c0-e926-4a29-843c-5018f977b3db

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62454106-1&cid=1632781737.1658405835&jid=1972059492&gjid=373450331&_gid=1085976945.1658405835&_u=YCDACUAABAAAAC~&z=789300121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://leadingresponse.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jul 2022 12:17:15 GMT
content-type: text/plain
access-control-allow-origin: https://leadingresponse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 153ms
77ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62454106-1&cid=1632781737.1658405835&jid=1972059492&_u=YCDACUAABAAAAC~&z=1636266417

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 160ms
77ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-62454106-1&cid=1632781737.1658405835&jid=1972059492&_u=YCDACUAABAAAAC~&z=1636266417

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getForm Show response
go.leadingresponse.com/index.php/form/ 6 KB
2 KB 76ms
76ms Script
application/javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.leadingresponse.com/index.php/form/getForm?munchkinId=087-XCA-117&form=2409&url=https%3A%2F%2Fleadingresponse.com%2F&callback=jQuery112407996495361200082_1658405835353&_=1658405835354
Requested by: Host: go.leadingresponse.com
URL: https://go.leadingresponse.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95b2114adb0b31440cd3415304512153fc81e607a0122ab8a98249aabee861a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 72e3df58ff4f9182-FRA
cached: true

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E8D9 42 KB
21 KB 78ms
59ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBU1ocAAAAAPQGo3n5hqukLIuEjex8VgHDhdd9&co=aHR0cHM6Ly9sZWFkaW5ncmVzcG9uc2UuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=dhhgdyv9eej7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b44fe7e670e77ce283aa41a0edcbc1698c617de2a41177ddb7099723d9dc389

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-61aF6X4ox3AlrVuNAIg6fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leadingresponse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21921
content-security-policy: script-src 'report-sample' 'nonce-61aF6X4ox3AlrVuNAIg6fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 12:17:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 246749386995203 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/246749386995203?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

caa22b213cb02b6e0f7e68783fe3576033dc402575aff4f1bdbf2ad61be6afe5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: LF4IFqpjgPYknDXKATD3I4S4rDO2W7VgbnbngPTP79ewevIsDnrLOgZIiY6l6zDgla4Ue1G/VIBNFakZ+bZafQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658405835763
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=373918860218574&ev=PageView&dl=https%3A%2F%2Fleadingresponse.com%2F&rl=&if=false&ts=1658405835726&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1658405835726.917683602&it=1658405835466&coo=false&tm=1&exp=u0&rqm=GET

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H2 200 ct Show response
v40.venusrevival.com/ 4 KB
2 KB 385ms
155ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v40.venusrevival.com/ct?id=14513&url=https%3A%2F%2Fleadingresponse.com%2F&sf=0&tpi=&ch=leadingresponse.com&uvid=&tsf=0&tsfmi=&tsfu=&cb=1658405835818&hl=2&op=0&ag=1430668721&rand=93719810228117755026106008002170740651471281826497965017200594975018505&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDUxMDJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozMTQ5OTU4Mjg1LFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDcsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstMSwiLSJdLFstMiwiNixlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNjMyNzgxNzM3LjE2NTg0MDU4MzUiXSxbLTIxLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjMxMDAwMDAsXCJ1amhzXCI6MTgyMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjEsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjU4NDA1ODM1NzczLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDI0MCwwLDEsMCwwLDM0NiwxMDI5LC0xLDAsMjAxNC45LDIwMTQuOSwyNjM1LDI2MzUiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWyJkZGIiLCIwLDYsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwwLDAsMSwwLDAsMCwwLDIsMjgsMCwxMSwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsNzBdLFsiYWJuY2giLDcwXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=WvldIq5Jai&pto=2680&ver=46&gac=1632781737.1658405835&mei=&ap=&duid=1.1658405835.2CJi37nSN29Y3u3e&suid=1.1658405835.bbDZznUntUSXqKcT&tuid=1.1658405835.48o6BZUnvYulacK2&fbc=1.1658405835726.917683602&gtm=W10%3D&it=50%2C2303%2C210&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 51905dc16188077b43c60272e62fa64cc6185e033ba93343d2f22df9956b0431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame E8D9 51 KB
24 KB 111ms
37ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBU1ocAAAAAPQGo3n5hqukLIuEjex8VgHDhdd9&co=aHR0cHM6Ly9sZWFkaW5ncmVzcG9uc2UuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=dhhgdyv9eej7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:08:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 12:08:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame E8D9 366 KB
145 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 12:08:27 GMT

GET
H2 200 forms2.css
go.leadingresponse.com/js/forms2/css/ 13 KB
3 KB 33ms
32ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.leadingresponse.com/js/forms2/css/forms2.css

Requested by

Host: go.leadingresponse.com
URL: https://go.leadingresponse.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 215
content-length: 2623
last-modified: Tue, 14 Jun 2022 21:04:07 GMT
server: cloudflare
etag: "1d41317-3437-5e16ebec83fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72e3df5a09339182-FRA
expires: Thu, 21 Jul 2022 16:17:15 GMT

GET
H2 200 forms2-theme-plain.css
go.leadingresponse.com/js/forms2/css/ 828 B
344 B 30ms
29ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.leadingresponse.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: go.leadingresponse.com
URL: https://go.leadingresponse.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 215
content-length: 246
last-modified: Tue, 14 Jun 2022 21:04:07 GMT
server: cloudflare
etag: "4e0c73-33c-5e16ebec83fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 72e3df5a09369182-FRA
expires: Thu, 21 Jul 2022 16:17:15 GMT

GET
H3 200 css
fonts.googleapis.com/ 664 B
356 B 128ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: go.leadingresponse.com
URL: https://go.leadingresponse.com/js/forms2/js/forms2.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:00:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 12:17:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H2 200 transparentform.css
go.leadingresponse.com/rs/087-XCA-117/images/ 3 KB
1 KB 398ms
397ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.leadingresponse.com/rs/087-XCA-117/images/transparentform.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd3f9f7325ed56cc64e9c3a3ea08c2efaacf465caf14f9ce48f82698e2852a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 25 Jun 2022 02:52:45 GMT
server: cloudflare
etag: "c606aa-daa-5e23cc80a95c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 72e3df5a09389182-FRA
content-length: 947
expires: Thu, 21 Jul 2022 12:18:16 GMT

GET
H3 200 3954216254689363 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 42ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3954216254689363?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3f97dd00a3173084ba741c0191c1559d7aaa94420d0f235d211b56cf9b62eee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: OAtGb8S/9Kuu9LMnmWYF18T+sqnb8z5Uo9eyHBimkda7y3curoq6B48DlkFNNn+kk0MElihXxfbCYVM06tTgIQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658405835879
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=246749386995203&ev=PageView&dl=https%3A%2F%2Fleadingresponse.com%2F&rl=&if=false&ts=1658405835842&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1658405835466&coo=false&tm=1&exp=u0&rqm=GET

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H3 200 528674275114023 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 46ms
46ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528674275114023?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a3e164a7b0590507187322abd4a06ef7f1cb3de3b03b993041bc6c91cb31d51

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: cEkIknnpAEjU5Qyob7TDalZuXVXR7H8jbREzan9DPfBhXs/96nVQgidEZ7JynGpsmfGbj/Ib1A8MnrKX/7hljA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658405835928
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3954216254689363&ev=PageView&dl=https%3A%2F%2Fleadingresponse.com%2F&rl=&if=false&ts=1658405835886&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1658405835466&coo=false&tm=1&exp=u0&rqm=GET

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H2 200 XDFrame Show response
go.leadingresponse.com/index.php/form/ Frame A800 2 KB
891 B 138ms
137ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.leadingresponse.com/index.php/form/XDFrame

Requested by

Host: go.leadingresponse.com
URL: https://go.leadingresponse.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f55ddf815f9f4c258c1e25dc73ffc5935e7e9f6662a1c9024dce69932a5f08e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://leadingresponse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 72e3df5a9a859182-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Jul 2022 12:17:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 549919836208998 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 49ms
49ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549919836208998?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cfb474586f9689a655563a355af3005939f3bdb32004572ff209471ce7b1675e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 449Knz76bQ++huxNf4b6q4w/+c5VFgp2eDXjvBXbYeVPsvunKLBJCykI+QeJAuLVgW13a8e7Oga2WVxLqlIZOQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 21 Jul 2022 12:17:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658405835981
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528674275114023&ev=PageView&dl=https%3A%2F%2Fleadingresponse.com%2F&rl=&if=false&ts=1658405835935&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1658405835466&coo=false&tm=1&exp=u0&rqm=GET

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 12:17:15 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549919836208998&ev=PageView&dl=https%3A%2F%2Fleadingresponse.com%2F&rl=&if=false&ts=1658405835994&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&it=1658405835466&coo=false&tm=1&exp=u0&rqm=GET

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 12:17:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=373918860218574&ev=ViewContent&dl=https%3A%2F%2Fleadingresponse.com%2F&rl=&if=false&ts=1658405835996&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1658405835726.917683602&it=1658405835466&coo=false&tm=1&exp=u0&rqm=GET

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 21 Jul 2022 12:17:16 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E8D9 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 148648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 26 Jul 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E8D9 15 KB
15 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 176351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Jul 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E8D9 15 KB
15 KB 126ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 148648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Jul 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E8D9 102 B
132 B 45ms
44ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBU1ocAAAAAPQGo3n5hqukLIuEjex8VgHDhdd9&co=aHR0cHM6Ly9sZWFkaW5ncmVzcG9uc2UuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=dhhgdyv9eej7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Thu, 21 Jul 2022 12:17:16 GMT

GET
H2 200 forms2.min.js Show response
go.leadingresponse.com/js/forms2/js/ Frame A800 206 KB
69 KB 33ms
33ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.leadingresponse.com/js/forms2/js/forms2.min.js

Requested by

Host: go.leadingresponse.com
URL: https://go.leadingresponse.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17dc16f203a20131a9dfccce83ed74af83cb9da328011181ca745b7f3a883d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.leadingresponse.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 14 Jun 2022 21:04:07 GMT
server: cloudflare
age: 216
etag: "1d41315-3391f-5e16ebec83fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 72e3df5bbc6b9182-FRA
vary: Accept-Encoding
expires: Thu, 21 Jul 2022 16:17:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 72ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 29552A56676B4E8DACDDF216509AF39D Ref B: FRAEDGE1219 Ref C: 2022-07-21T12:17:16Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 21 Jul 2022 12:17:16 GMT
accept-ranges: bytes
content-length: 11360

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5F64 115 KB
45 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-963740828

Requested by

Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

359f50aaf5ac576c0001712e96c297d0d9ca8e72e46584ad19d5620baa8b27d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45699
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jul 2022 12:17:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5F64 115 KB
45 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-966239417

Requested by

Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d3d328e55622b50a4a05d50a4ff6e78ad8371b7a422052f60eb5e640741fec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45698
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jul 2022 12:17:16 GMT

GET
H2 200 tc_imp.gif
v40.venusrevival.com/tracker/ 43 B
79 B 114ms
114ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v40.venusrevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136fe6c335ef4f899b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f15886c2417071a10acf9f29f671bd6d1d8017e3a13ab7e230cd1338c37c606610075c753560a37070d90ea391a77be26bb25cb43e2916af05165ad5f2f7a1bda53ec40f4c1d7de3cbb2807ff7ecaa8556d8e0e3143714493d60262a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a5978677a0d8de5ceb489d5b3a72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7da9971031bddba8228904fd4fe6851e974a9e9a7d906e66c29e218d6796dbeba19df3f1477fe425b4bafd2a4d26f9913f82be50eb0102419457459a8c84cbc7f78935d82dc18cb88469e9307a398b356bdad497496788bb3deb11e0905c9b7bef25131a0f8276be4d84878858f8c978c75cbfdc929b708d191c3bb31e04547a4e6ed7ab73f41d948cc964a49425a5d022dd81eff5718aa0e04e747384f85908daba061a4cb4e0e120fd6dcbae05b0be3cb86efe2389418345a4f4659244639dfa806c2d3e6600280c5416ade28b72d304b24d4a432cf0b74acd840a5aaccb83e3e9328694b0ee8ceaaeef4a4939f34386b3516d8644671dc96a5c766afe78a9761bd0f7d321d672dd4e8ab72fcfbe119a78063d2307740f81c6e4da2066539a1c5988d0dfbfacd750039eaca07b96cd1e67ca8657653deb9bcb573fb62180579b1ae6379817c5ca6082e331e5c5ebac9a4e0beca53836906ab4cef5f2428e6626171b956e4658b5a35a87ef11d4cbc9bc3e87d9e26d4a5224d67cd056ce47ae932dd36b17334b287c61e05c8b893755bc67c3a2eb31d1904bfe1e16f1571569c3b9827158fc6de7cc508c153b6b27a0296ec6f6c562cb4b2cc3c66ae1ad81a0d319830302301fa4267911c9dd&cri=WvldIq5Jai&ts=406&cb=1658405836224
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E279 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://leadingresponse.com
Referer: https://leadingresponse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://leadingresponse.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 12:17:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 204 136000088.js Show response
bat.bing.com/p/action/ 0
118 B 141ms
140ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/136000088.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96784C67B40A4ECEB5B51B70F2BDDA4E Ref B: FRAEDGE1219 Ref C: 2022-07-21T12:17:16Z
date: Thu, 21 Jul 2022 12:17:16 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 37ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136000088&Ver=2&mid=eea3fc13-db42-4943-9746-e2301ebdcbdd&sid=0f2924c008ef11ed82a745973532c1e4&vid=0f29535008ef11ed92995b5dcd03c777&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Lead%20Generation%20%7C%20Customer%20Acquisition%20Marketing%20%7C%20B2C&p=https%3A%2F%2Fleadingresponse.com%2F&r=&lt=2511&evt=pageLoad&msclkid=N&sv=1&rn=335817

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19D77ECB3AFF4741AF5069CBE62C5A46 Ref B: FRAEDGE1219 Ref C: 2022-07-21T12:17:16Z
date: Thu, 21 Jul 2022 12:17:16 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=136000088&Ver=2&mid=eea3fc13-db42-4943-9746-e2301ebdcbdd&sid=0f2924c008ef11ed82a745973532c1e4&vid=0f29535008ef11ed92995b5dcd03c777&vids=0&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1600&sh=1200&sc=24&evt=custom&msclkid=N&rn=640577

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 50AC60F455AE4F0EA3CDE20CB4727340 Ref B: FRAEDGE1219 Ref C: 2022-07-21T12:17:16Z
date: Thu, 21 Jul 2022 12:17:16 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 5F64 40 KB
15 KB 121ms
44ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-966239417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 12:17:16 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963740828/ Frame 5F64 2 KB
2 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963740828/?random=1658405836482&cv=9&fst=1658405836482&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f057afe0ed0d14f006e07b4edb80049b6233684e8d84079b16edfa4f4e72882d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/963740828/ Frame 5F64 2 KB
1 KB 130ms
67ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/963740828/?random=1658405836485&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

57668bf852d6fdb17170fa0122fae619307fdc0240586d02cb75e363e38023ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966239417/ Frame 5F64 2 KB
1 KB 130ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966239417/?random=1658405836488&cv=9&fst=1658405836488&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1480104490266f200cfd0f2b4dce59b9af7bd7ad4365b49ce73be77a2e9cbcd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/966239417/ Frame 5F64 2 KB
1 KB 125ms
66ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/966239417/?random=1658405836489&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

8d21c1e9b37e328bddf001063f49efca753311a6b7e70c7887288a2c14d38afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/966239417/ Frame 5F64
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

58ms
58ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYriDIsHt1wa3sZ_YCQ&cid=CAQSKQCNIrLMngZs2XcIzpbD56xdOhL38Fzk5m8eC0WkQrmEHuiZy-HlGYNC&random=2610680077&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/966239417/?random=1728547152&cv=9&fst=1658405836489&num=1&label=oUDaCIOHlfoCELnJ3swD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYriDIsHt1wa3sZ_YCQ&cid=CAQSKQCNIrLMngZs2XcIzpbD56xdOhL38Fzk5m8eC0WkQrmEHuiZy-HlGYNC&random=2610680077&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/963740828/ Frame 5F64
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

54ms
54ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYvuAIpTBmLAPkLml2Aw&cid=CAQSKQCNIrLMtDTC3moZLh50OX2iMTqqfdcg5WlGmHmK2uFGOxOy4cZ2UxDO&random=381496473&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/963740828/?random=1596520732&cv=9&fst=1658405836485&num=1&label=pzjNCNTHwfoCEJyJxssD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&gtm_ee=1&auid=1669407886.1658405836&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zEPZYvuAIpTBmLAPkLml2Aw&cid=CAQSKQCNIrLMtDTC3moZLh50OX2iMTqqfdcg5WlGmHmK2uFGOxOy4cZ2UxDO&random=381496473&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/963740828/ Frame 5F64 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963740828/?random=1658405836482&cv=9&fst=1658404800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&async=1&fmt=3&is_vtc=1&random=179400457&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/963740828/ Frame 5F64 42 B
64 B 127ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963740828/?random=1658405836482&cv=9&fst=1658404800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&async=1&fmt=3&is_vtc=1&random=179400457&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/966239417/ Frame 5F64 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966239417/?random=1658405836488&cv=9&fst=1658404800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&async=1&fmt=3&is_vtc=1&random=1224018764&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/966239417/ Frame 5F64 42 B
64 B 126ms
51ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966239417/?random=1658405836488&cv=9&fst=1658404800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7i0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fleadingresponse.com%2F&async=1&fmt=3&is_vtc=1&random=1224018764&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: leadingresponse.com
URL: https://leadingresponse.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lhn-jquery-3.5.1.min.js Show response
developer.livehelpnow.net/js/ 87 KB
31 KB 111ms
111ms Script
text/javascript 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/js/lhn-jquery-3.5.1.min.js
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: ef07f5edf74062cd3a86de8cd8cd51e95c09995df0f878290b9dc3b1608fba90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
server: Cowboy
etag: "7168E74"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 31060

GET
H2 200 logo.svg
leadingresponse.com/logo/ 10 KB
3 KB 117ms
117ms Image
image/svg+xml 8.34.217.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leadingresponse.com/logo/logo.svg
Requested by: Host: leadingresponse.com
URL: https://leadingresponse.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.34.217.162 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 162.217.34.8.bc.googleusercontent.com
Software: nginx /
Resource Hash: 57585d802db1271ec64ce187fd7d5c97cbacbcc32dfdaf87addf9244549a0f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: br
last-modified: Fri, 17 Sep 2021 20:53:40 GMT
server: nginx
etag: W/"61450054-2816"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v3/ 101 B
416 B 44ms
21ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v3/polyfill.min.js?features=default,Array.prototype.includes,Array.prototype.find
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 20:21:39 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/103.0.0
server-timing: cache-hhn4021, PASS, fastly;desc="Edge time";dur=15
accept-ranges: bytes
content-length: 94

GET
H/1.1 200
OK / Show response
developer.livehelpnow.net/oauth/token/ 589 B
830 B 130ms
129ms XHR
application/json 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/oauth/token/?client_id=cc10c744-8ac4-474e-a15a-34f82255aa3c&client_secret=71ef25217313435fbf0513d8fb8b917466423a1aff554148be&grant_type=client_credentials
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/lhn-jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: c84140da167ece69afa3848c7421c570ee79803068181eb32cc6128a245b60db

Request headers

Accept: */*
Referer: https://leadingresponse.com/
Authorization: Bearer null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:16 GMT
content-encoding: gzip
server: Cowboy
vary: accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 450
x-request-id: FwPXUpZgeij3jUkGgZ_k

OPTIONS
H/1.1 204
No Content /
developer.livehelpnow.net/oauth/token/ Frame 0
0 455ms
117ms Preflight 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/oauth/token/?client_id=cc10c744-8ac4-474e-a15a-34f82255aa3c&client_secret=71ef25217313435fbf0513d8fb8b917466423a1aff554148be&grant_type=client_credentials
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://leadingresponse.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 21 Jul 2022 12:17:16 GMT
server: Cowboy

POST
H2 200 mon Show response
v40.venusrevival.com/ 0
149 B 112ms
111ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v40.venusrevival.com/mon
Requested by: Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://leadingresponse.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://leadingresponse.com
date: Thu, 21 Jul 2022 12:17:17 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H/1.1 200
OK log
st2.dialogtech.com/st/ 43 B
784 B 337ms
279ms Image
image/gif 107.162.137.162
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st2.dialogtech.com/st/log?_stlu=1&bid=0ec5bf80-08ef-11ed-9f27-132662f78b3f&pid=0ec87ea0-08ef-11ed-9f27-132662f78b3f&stn=&ua=UA-62454106-1&uac=1632781737.1658405835&_stk=bb72fd1f7af1666ad20aaecc5816b261d16ea5c3&stv=38&cb=1658405837273&r=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.162.137.162 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 12:17:17 GMT
Via: 1.1 fra1-bit20
Cache-Control: public, max-age=86400
Content-Length: 43
Connection: keep-alive
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
developer.livehelpnow.net/api/ui/hoc/6cc57e50-f68a-4868-ac24-3cbfe23d798f/init/ 1 KB
1 KB 146ms
146ms XHR
application/json 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/api/ui/hoc/6cc57e50-f68a-4868-ac24-3cbfe23d798f/init/?current_url=https%3A%2F%2Fleadingresponse.com%2F
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/lhn-jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 3b6f100d6c61f6bb114857ee3914a038937665153595820905c27540dac127bf

Request headers

Accept: */*
Referer: https://leadingresponse.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ2aXNpdG9yIiwiZG9tYWluIjoiIiwiZXhwIjoxNjU4NDkyMjM3LCJpYXQiOjE2NTg0MDU4MzcsImlzcyI6eyJhcHAiOiJqc19zZGsiLCJjbGllbnQiOjIxODUyLCJjbGllbnRfbGV2ZWwiOiJiYXNpYyIsImxobnhfZmVhdHVyZXMiOltdLCJ2aXNpdG9yX3RyYWNraW5nIjp0cnVlfSwianRpIjoiNGU5YjlhOGUtZTEyNS00ZjI2LTlmODItODRjNDVhMDAzYjI0IiwicmVzb3VyY2UiOnsiaWQiOm51bGwsInR5cGUiOiJFbGl4aXIuTGhuRGIuTW9kZWwuQ29yZS5WaXNpdG9yIn19.fz6n1b5aEHVKykmp3HHJFcqEeZHRuQBAU0h6jaXvoGQ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
vary: accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 646
x-request-id: FwPXUqUuNdjpMzEGFxUm

OPTIONS
H/1.1 204
No Content /
developer.livehelpnow.net/api/ui/hoc/6cc57e50-f68a-4868-ac24-3cbfe23d798f/init/ Frame 0
0 113ms
113ms Preflight 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/api/ui/hoc/6cc57e50-f68a-4868-ac24-3cbfe23d798f/init/?current_url=https%3A%2F%2Fleadingresponse.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://leadingresponse.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 21 Jul 2022 12:17:17 GMT
server: Cowboy

OPTIONS
H/1.1 204
No Content /
developer.livehelpnow.net/api/visitor/init/ Frame 0
0 330ms
113ms Preflight 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/api/visitor/init/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://leadingresponse.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 21 Jul 2022 12:17:17 GMT
server: Cowboy

GET
H/1.1 200
OK blue.css
developer.livehelpnow.net/css/modern/ 3 KB
1 KB 113ms
113ms Stylesheet
text/css 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/css/modern/blue.css
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 580c35757b3e1f9906c5d832d4f1b1f23aec020dab71d95f2c814fd942360ac5

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
etag: "1642293"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 722

GET
H/1.1 200
OK opensans.css
developer.livehelpnow.net/css/fonts/ 13 KB
2 KB 228ms
114ms Stylesheet
text/css 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/css/fonts/opensans.css
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 716e593c25d67588231d7b7e8bd719eadb45d68fc18e1d4fe0fe4267fc41f61f

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
etag: "4F8D2E"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1414

GET
H/1.1 200
OK button.css
developer.livehelpnow.net/css/modern/ 5 KB
2 KB 330ms
111ms Stylesheet
text/css 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/css/modern/button.css
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 65e8a5f4b2fdf876a06d7329c63baeac81baa67fde47122acd23fdb282b7dd02

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
etag: "6C8E7ED"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1350

GET
H/1.1 200
OK hoc.css
developer.livehelpnow.net/css/modern/ 48 KB
11 KB 332ms
112ms Stylesheet
text/css 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/css/modern/hoc.css
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 0682466341be9b78ed8820bb10b8cebaafa671bf3dfbe3bc6b74e871e0972e2d

Request headers

Referer: https://leadingresponse.com/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
etag: "506D553"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10824

POST
H/1.1 200
OK / Show response
developer.livehelpnow.net/api/visitor/init/ 666 B
901 B 212ms
212ms XHR
application/json 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/api/visitor/init/
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/lhn-jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: cbaf625521534c080f8f81ed4da67ef2e9d722f0f841bc5473570dd5feb8fc90

Request headers

Accept: */*
Referer: https://leadingresponse.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ2aXNpdG9yIiwiZG9tYWluIjoiIiwiZXhwIjoxNjU4NDkyMjM3LCJpYXQiOjE2NTg0MDU4MzcsImlzcyI6eyJhcHAiOiJqc19zZGsiLCJjbGllbnQiOjIxODUyLCJjbGllbnRfbGV2ZWwiOiJiYXNpYyIsImxobnhfZmVhdHVyZXMiOltdLCJ2aXNpdG9yX3RyYWNraW5nIjp0cnVlfSwianRpIjoiNGU5YjlhOGUtZTEyNS00ZjI2LTlmODItODRjNDVhMDAzYjI0IiwicmVzb3VyY2UiOnsiaWQiOm51bGwsInR5cGUiOiJFbGl4aXIuTGhuRGIuTW9kZWwuQ29yZS5WaXNpdG9yIn19.fz6n1b5aEHVKykmp3HHJFcqEeZHRuQBAU0h6jaXvoGQ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
vary: accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 521
x-request-id: FwPXUsJjRMZA5MQGcX2F

GET
H/1.1 200
OK button-closer.svg
developer.livehelpnow.net/images/ 553 B
725 B 112ms
111ms Image
image/svg+xml 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://developer.livehelpnow.net/images/button-closer.svg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 1428c76fe21c9f3b2b01e4252dab7c1a8ac1f272c635369dabd37101414cb15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
etag: "6FE4470"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 372

GET
H/1.1 200
OK k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2
cdn.livehelpnow.net/assets/fonts/opensans/ 9 KB
9 KB 239ms
8ms Font
font/woff2 108.138.17.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livehelpnow.net/assets/fonts/opensans/k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/css/fonts/opensans.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c08254ca4fa4829d60eb09d8476c654592f85b470cf5b8c4961405a586d49c9

Request headers

Referer: https://developer.livehelpnow.net/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 03 Apr 2022 17:24:43 GMT
Via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
Vary: Origin
Age: 9399156
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8760
Last-Modified: Wed, 29 Sep 2021 01:52:36 GMT
Server: AmazonS3
ETag: "13b3acd40ccbdb6ea0d9e78f8acf524f"
Access-Control-Max-Age: 30
Access-Control-Allow-Methods: GET, HEAD, PUT, POST
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-P7
Accept-Ranges: bytes
X-Amz-Cf-Id: 42ni9b1-RgWyc-QRDx3NQWS4KED84aCWuohTbOoXt0FzrEWru29YrQ==

GET
H/1.1 200
OK cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
cdn.livehelpnow.net/assets/fonts/opensans/ 9 KB
9 KB 239ms
9ms Font
font/woff2 108.138.17.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livehelpnow.net/assets/fonts/opensans/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/css/fonts/opensans.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 944de5ab38ac3472bc6c319020bed4254022eae2de5a2e62ecbbcff6756b5c18

Request headers

Referer: https://developer.livehelpnow.net/
Origin: https://leadingresponse.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 17 May 2022 15:58:04 GMT
Via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
Vary: Origin
Age: 5602755
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8872
Last-Modified: Wed, 29 Sep 2021 01:52:36 GMT
Server: AmazonS3
ETag: "ffeaa6a7fe2c1c1f7133cbd3910b1596"
Access-Control-Max-Age: 30
Access-Control-Allow-Methods: GET, HEAD, PUT, POST
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA56-P7
Accept-Ranges: bytes
X-Amz-Cf-Id: rbsonzihr_aSSPXnE9IPm5mDkAbNNOGi7qy0dVEyituBWYm3LrCzyQ==

GET
H/1.1 200
OK socket.js Show response
developer.livehelpnow.net/js/ 21 KB
6 KB 111ms
111ms Script
text/javascript 23.253.188.26
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://developer.livehelpnow.net/js/socket.js
Requested by: Host: developer.livehelpnow.net
URL: https://developer.livehelpnow.net/js/sdk/lhn-jssdk-current.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 23.253.188.26 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 01a246da9c94329cc181fe6ca32187e61bcde02ffa9d982945d3caeec8c1a261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:17:17 GMT
content-encoding: gzip
server: Cowboy
etag: "2076F27"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6243

POST
H2 200 mon Show response
v40.venusrevival.com/ 0
39 B 119ms
118ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v40.venusrevival.com/mon
Requested by: Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://leadingresponse.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://leadingresponse.com
date: Thu, 21 Jul 2022 12:17:19 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 106ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EK6L44MVYR&gtm=2oe7i0&_p=161090165&_z=ccd.v9B&gdid=dZTNiMT&cid=1632781737.1658405835&ul=en-us&sr=1600x1200&_s=2&sid=1658405835&sct=1&seg=1&dl=https%3A%2F%2Fleadingresponse.com%2F&dt=Lead%20Generation%20%7C%20Customer%20Acquisition%20Marketing%20%7C%20B2C&en=page_view&_ee=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EK6L44MVYR&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadingresponse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 12:17:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leadingresponse.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
v40.venusrevival.com/ 0
39 B 190ms
189ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://v40.venusrevival.com/mon
Requested by: Host: aqua.venusrevival.com
URL: https://aqua.venusrevival.com/clicktrue_invocation.js?id=14513
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://leadingresponse.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://leadingresponse.com
date: Thu, 21 Jul 2022 12:17:21 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.leadingresponse.com/	1970-01-20 04:40:07	Name: __cf_bm Value: X3rXZe3ywYBl9cmcu0FJVl8GNYmIFIKGVIX9r3RDvWU-1658405835-0-ASo+RQSHjI/2/0mQ5dHKhZ8VRpZ8DHeDEMpYxRzHevLalX7QTqj8wQq3fDV+t4aau6kTPWp61ws9qYJ8a+4vVNI=
.leadingresponse.com/	1970-01-20 22:11:17	Name: _ga_EK6L44MVYR Value: GS1.1.1658405835.1.1.1658405835.0
.leadingresponse.com/	1970-01-20 22:11:17	Name: _ga Value: GA1.2.1632781737.1658405835
.leadingresponse.com/	1970-01-20 04:41:32	Name: _gid Value: GA1.2.1085976945.1658405835
.leadingresponse.com/	1970-01-20 04:40:05	Name: _gat_gtag_UA_62454106_1 Value: 1
.leadingresponse.com/	1970-01-20 22:11:17	Name: _mkto_trk Value: id:087-XCA-117&token:_mch-leadingresponse.com-1658405835470-76958
.st1.dialogtech.com/	1970-01-22 00:29:32	Name: _ibp_st Value: 0ec5bf80-08ef-11ed-9f27-132662f78b3f
.leadingresponse.com/	1970-01-20 06:49:41	Name: _fbp Value: fb.1.1658405835726.917683602
.leadingresponse.com/	1970-01-20 06:51:29	Name: _cq_duid Value: 1.1658405835.2CJi37nSN29Y3u3e
.leadingresponse.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1658405835.bbDZznUntUSXqKcT
.leadingresponse.com/	1970-01-22 00:29:32	Name: _st_bid Value: 0ec5bf80-08ef-11ed-9f27-132662f78b3f
go.leadingresponse.com/	1969-12-31 23:59:59	Name: BIGipServerab48web-nginx-app_https Value: !OXVD/p2shrGZ+25wj0+bx/SialTWb1I7uj9CZ4aL2KEmQyP8fcu2kWw52vwMyOSRqrE895neUbTAVA==
v40.venusrevival.com/	1970-01-20 12:43:56	Name: cg_uuid Value: bdba6b58e6d8f8ce12a5fd1fe23bfdbe
.bing.com/	1970-01-20 14:01:41	Name: MUID Value: 30C0D996056160971A5AC87E04B361DA
.leadingresponse.com/	1970-01-20 04:41:32	Name: _uetsid Value: 0f2924c008ef11ed82a745973532c1e4
.leadingresponse.com/	1970-01-20 14:01:41	Name: _uetvid Value: 0f29535008ef11ed92995b5dcd03c777
.leadingresponse.com/	1970-01-20 06:49:41	Name: _gcl_au Value: 1.1.1669407886.1658405836
.doubleclick.net/	1970-01-20 14:01:41	Name: IDE Value: AHWqTUmwEk-VrhOzzFgqXMyutsnduj-GlAVHkINK_4V2Z2oQ6qSUcKi3Wt7CDB85
.leadingresponse.com/	1970-01-20 04:41:32	Name: lhnStorageType Value: cookie
.leadingresponse.com/	1970-01-22 00:29:32	Name: _st Value: 0ec5bf80-08ef-11ed-9f27-132662f78b3f.0ec87ea0-08ef-11ed-9f27-132662f78b3f....0....1658406435.1658416635.600.10800.30.0....0....1...leadingresponse^com.UA-62454106-1.1632781737^1658405835.38.
.leadingresponse.com/	1970-01-20 04:50:10	Name: lhnRefresh Value: a87fa809-a057-4838-a2fc-083b368094fe
.st2.dialogtech.com/	1970-01-22 00:29:32	Name: _ibp_st Value: 0ec5bf80-08ef-11ed-9f27-132662f78b3f
st2.dialogtech.com/	1969-12-31 23:59:59	Name: TS01d5e2f3 Value: 0172f03cd93338a2776531c4f35411a86ea586a5366dcfc99ae07787fed450b6972e951ff67591c5048586ab40505cce1fe4268359
.st2.dialogtech.com/	1969-12-31 23:59:59	Name: TS016d2f2d Value: 0172f03cd9aa8f3a74b1b60ee117e9fc24870eecb26dcfc99ae07787fed450b6972e951ff64915ad509cca214400c94734e991795234970dd4af48ddfd15f8ee24bc20cb73
.leadingresponse.com/	1970-01-20 04:41:32	Name: lhnJWT Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ2aXNpdG9yIiwiZG9tYWluIjoiIiwiZXhwIjoxNjU4NDkyMjM4LCJpYXQiOjE2NTg0MDU4MzgsImlzcyI6eyJhcHAiOiJqc19zZGsiLCJjbGllbnQiOjIxODUyLCJjbGllbnRfbGV2ZWwiOiJiYXNpYyIsImxobnhfZmVhdHVyZXMiOltdLCJ2aXNpdG9yX3RyYWNraW5nIjp0cnVlfSwianRpIjoiNGU5YjlhOGUtZTEyNS00ZjI2LTlmODItODRjNDVhMDAzYjI0IiwicmVzb3VyY2UiOnsiaWQiOiI0ZTliOWE4ZS1lMTI1LTRmMjYtOWY4Mi04NGM0NWEwMDNiMjQtMjE4NTItU0xLM1ZFNSIsInR5cGUiOiJFbGl4aXIuTGhuRGIuTW9kZWwuQ29yZS5WaXNpdG9yIn19.5vqP-SzlfMoTTp0nmqf3itFrV-oh9_tMO12rD9ql7qQ
.leadingresponse.com/	1970-01-20 22:11:59	Name: lhnContact Value: 4e9b9a8e-e125-4f26-9f82-84c45a003b24-21852-SLK3VE5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

087-xca-117.mktoresp.com
aqua.venusrevival.com
bat.bing.com
cdn.livehelpnow.net
cdn.polyfill.io
connect.facebook.net
d31y97ze264gaa.cloudfront.net
developer.livehelpnow.net
fonts.googleapis.com
fonts.gstatic.com
go.leadingresponse.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
leadingresponse.com
lrdevsite2.wpengine.com
munchkin.marketo.net
region1.google-analytics.com
st1.dialogtech.com
st2.dialogtech.com
stats.g.doubleclick.net
v40.venusrevival.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.17.72.206
107.162.137.162
107.162.156.70
108.138.17.103
142.250.185.194
192.28.144.124
2001:4860:4802:32::36
2001:4860:4802:36::178
23.205.237.4
23.253.188.26
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2127:a800:f:496c:5a80:93a1
2606:4700:3034::ac43:9689
2606:4700::6812:1634
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::282
65.9.94.123
8.34.217.162
01a246da9c94329cc181fe6ca32187e61bcde02ffa9d982945d3caeec8c1a261
05763d226205555b40ff1db69d6eea4c63c2247d6809ad10c7f961c3879ab707
0682466341be9b78ed8820bb10b8cebaafa671bf3dfbe3bc6b74e871e0972e2d
0b44fe7e670e77ce283aa41a0edcbc1698c617de2a41177ddb7099723d9dc389
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
0fe2a169aad66b926fc07591bef502fb16317d65164fecdcbc792dbac5f1252e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1428c76fe21c9f3b2b01e4252dab7c1a8ac1f272c635369dabd37101414cb15c
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1480104490266f200cfd0f2b4dce59b9af7bd7ad4365b49ce73be77a2e9cbcd8
17dc16f203a20131a9dfccce83ed74af83cb9da328011181ca745b7f3a883d08
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c08254ca4fa4829d60eb09d8476c654592f85b470cf5b8c4961405a586d49c9
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
26d8e1370145947a84e9e5aa26d5a804477bcb429cf3dc726151c9e38cae774d
359f50aaf5ac576c0001712e96c297d0d9ca8e72e46584ad19d5620baa8b27d0
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
37f15bd223fd93a83b90e1d42000a43c6e17d7c09b12b6f8df6105600c767006
3b6f100d6c61f6bb114857ee3914a038937665153595820905c27540dac127bf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43c347f2b6d2ddda8d4d024879064087f994c7ace26ba10b8cfb79bd4181bb70
43febfce8227387b778606a5177b01101e6447a25a1c4f137a886ba0d49d2c83
4a2cfd3ad73e38cfea0c38df89fb72dfc85de2c9a2b21483498a4673730940be
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
50f5c84810542c7cd5f68cac56e43b0b443808f723014ee2384af860f12459d1
51905dc16188077b43c60272e62fa64cc6185e033ba93343d2f22df9956b0431
5420f07ab91995f85477ba4c9a08c5384b34fce5bbf4653a98163f51e8632e15
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57585d802db1271ec64ce187fd7d5c97cbacbcc32dfdaf87addf9244549a0f3e
57668bf852d6fdb17170fa0122fae619307fdc0240586d02cb75e363e38023ef
578a6a6e76d78cbdb5c4aa5b475c20f71ec0a8b6e277423c6ae9d139271d2275
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
580c35757b3e1f9906c5d832d4f1b1f23aec020dab71d95f2c814fd942360ac5
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
655b7be9d38d6be4547f1da43d63cb813baa229749f21348126dc734898a3ad2
65e8a5f4b2fdf876a06d7329c63baeac81baa67fde47122acd23fdb282b7dd02
663860de22641fbc02f5a2e46506bfac760260f572eb0208ae8409d5cdceaa73
682dd25391cc587ed34b914e79ca2510f96f0e8447fe0359e5344b55eae413e2
6a3e164a7b0590507187322abd4a06ef7f1cb3de3b03b993041bc6c91cb31d51
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
6fac30fb8c0224c40c8ecc53152cf0464d57553ed9fbcde618fc01f69095d6f0
716e593c25d67588231d7b7e8bd719eadb45d68fc18e1d4fe0fe4267fc41f61f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7c9a722b8564ec43bb2694a40b5ec371b7087fd492424332616f6154afc4307a
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b837f1cbe9fc6dcc826a3b3b8d925727bfb2ee300f5a70d2053953afe50a507
8be5760b4c5fac3be570a673b887c25c805c0d1db87b25d90f22a7204d45aad1
8d21c1e9b37e328bddf001063f49efca753311a6b7e70c7887288a2c14d38afb
90c01066546375e305933b42a539b57dc816fd02587521c93ecab0139d5fa10a
922297c4e207dae08affdbc21f34329d67f4ed482f5bdecb2369381a3b5eab66
93413bf3098bf6e6bbfee2d3aeb2896d9170469de241809688c8c7ace5029b7d
944de5ab38ac3472bc6c319020bed4254022eae2de5a2e62ecbbcff6756b5c18
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b34f65975ceb6f5cb0c385ee3bc8882e813e6a7eb4dd105bb09340c6873c222
9d3d328e55622b50a4a05d50a4ff6e78ad8371b7a422052f60eb5e640741fec1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3f97dd00a3173084ba741c0191c1559d7aaa94420d0f235d211b56cf9b62eee
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a9c08d7c49a111ea1ac330a898d224dd524659476cf9962f04c6e75ca81901aa
aa30a32c90b32f4a6db4678d79ab55e4a90ad9e8cd41ee3ea2ae61a9248b41be
af339764be0addccd6f44b529a8755c6aa53f31b71a08e0f00259977ceb8f420
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c84140da167ece69afa3848c7421c570ee79803068181eb32cc6128a245b60db
ca069f748623efba1a88a6b9d3cb8c8de7c3df14db4d7672bae370968915dadf
caa22b213cb02b6e0f7e68783fe3576033dc402575aff4f1bdbf2ad61be6afe5
cbaf625521534c080f8f81ed4da67ef2e9d722f0f841bc5473570dd5feb8fc90
ce7810c4c41545811340a70a02569b2e6f5cd5b0f9cf0fcade26e4ddcf000775
cfb474586f9689a655563a355af3005939f3bdb32004572ff209471ce7b1675e
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d95b2114adb0b31440cd3415304512153fc81e607a0122ab8a98249aabee861a
daee2df6c462de1426df7bc82247d5f80a4086aed63de6869b0c070a0a6e3d82
de1e4f0d1db8ca3be36b287ba7d56b1dab4724b13b95f75f40ace37fd7b00ec7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef07f5edf74062cd3a86de8cd8cd51e95c09995df0f878290b9dc3b1608fba90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f057afe0ed0d14f006e07b4edb80049b6233684e8d84079b16edfa4f4e72882d
f55ddf815f9f4c258c1e25dc73ffc5935e7e9f6662a1c9024dce69932a5f08e2
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f79e4fc455de6549c3bf64585b06a15a91919b5730ccfc1dd65bcb61ca5c0c88
f891b4e53daea141e8c11b6f63af4a264fe7e967cd08746c781c5b202c8f9ad9
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd3f9f7325ed56cc64e9c3a3ea08c2efaacf465caf14f9ce48f82698e2852a49
ff4c60088304e1e85772de9a7cb198907ef3ef4feee3c15ea5b11e40a6317f98

leadingresponse.com Open in urlscan Pro 8.34.217.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

98 %HTTPS

64 %IPv6

21 Domains

29 Subdomains

29 IPs

4 Countries

1977 kBTransfer

5788 kBSize

26 Cookies

5 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

leadingresponse.com Open in urlscan Pro
8.34.217.162 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

98 %
HTTPS

64 %
IPv6

21
Domains

29
Subdomains

29
IPs

4
Countries

1977 kB
Transfer

5788 kB
Size

26
Cookies

120 HTTP transactions
7 data transactions