www.firstleaf.club Open in urlscan Pro
2606:4700:10::6816:2ae0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.firstleaf.club/terms/
Submission: On October 26 via api (October 26th 2022, 8:52:33 pm UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 24 domains to perform 97 HTTP transactions. The main IP is 2606:4700:10::6816:2ae0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.firstleaf.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.

This is the only time www.firstleaf.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:10:... 2606:4700:10::6816:2ae0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	184.24.7.187 184.24.7.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:2be0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.243.13.167 162.243.13.167	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	184.24.10.115 184.24.10.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:21f... 2600:9000:21f3:be00:15:decf:f580:21	16509 (AMAZON-02) (AMAZON-02)
1	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	3.230.17.182 3.230.17.182	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:249... 2600:9000:2490:3800:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:4200:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	172.64.102.36 172.64.102.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:4da5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7b60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
97	31

39 2606:4700:10::6816:2ae0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fbapi.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.7.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-7-187.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:2be0 (United States)

ASN13335 (CLOUDFLARENET, US)

api.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.243.13.167 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rbv9j7km.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.72.113 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.10.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-10-115.deploy.static.akamaitechnologies.com

aa.trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:be00:15:decf:f580:21 (United States)

ASN16509 (AMAZON-02, US)

d38xvr37kwwhcm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.244.1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.17.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-17-182.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:3800:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:4200:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.102.36 (United States)

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4da5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

penrosehill.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	firstleaf.club www.firstleaf.club images.firstleaf.club api.firstleaf.club rbv9j7km.firstleaf.club ct.firstleaf.club fbapi.firstleaf.club	1 MB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1991 ekr.zdassets.com — Cisco Umbrella Rank: 2280	435 KB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2218 rs.fullstory.com — Cisco Umbrella Rank: 2056	131 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 379	12 KB
3	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2614
3	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 14806 web.chtbl.com — Cisco Umbrella Rank: 14309	5 KB
3	trkn.us 1 redirects aa.trkn.us — Cisco Umbrella Rank: 26883 trkn.us — Cisco Umbrella Rank: 2017	1 KB
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 114321 www.cloudflare.com — Cisco Umbrella Rank: 6580	4 KB
2	zendesk.com penrosehill.zendesk.com	1 KB
2	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 6296	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	170 KB
1	getrockerbox.com getrockerbox.com — Cisco Umbrella Rank: 5844	601 B
1	google.de www.google.de — Cisco Umbrella Rank: 6045	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	shop.pe shop.pe — Cisco Umbrella Rank: 11300
1	cloudfront.net d38xvr37kwwhcm.cloudfront.net	16 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2566	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	92 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1116	5 KB
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 5814	439 B
97	24

	Domain	Requested by
36	www.firstleaf.club	www.firstleaf.club
9	static.zdassets.com	www.googletagmanager.com static.zdassets.com
5	rbv9j7km.firstleaf.club	www.firstleaf.club rbv9j7km.firstleaf.club
4	bat.bing.com	www.googletagmanager.com bat.bing.com www.firstleaf.club
3	us-central1-adaptive-growth.cloudfunctions.net	www.firstleaf.club edge.fullstory.com
2	penrosehill.zendesk.com	static.zdassets.com
2	www.lightboxcdn.com	www.firstleaf.club
2	www.facebook.com	www.firstleaf.club
2	web.chtbl.com	www.firstleaf.club
2	rs.fullstory.com	www.firstleaf.club
2	ct.firstleaf.club	www.firstleaf.club
2	www.google-analytics.com	www.googletagmanager.com www.firstleaf.club
2	trkn.us	1 redirects www.firstleaf.club
2	edge.fullstory.com	www.firstleaf.club edge.fullstory.com
2	connect.facebook.net	www.firstleaf.club connect.facebook.net
2	api.firstleaf.club	www.firstleaf.club
2	challenges.cloudflare.com	1 redirects www.firstleaf.club
1	www.cloudflare.com	www.firstleaf.club
1	getrockerbox.com	rbv9j7km.firstleaf.club
1	www.google.de	www.firstleaf.club
1	www.google.com	www.firstleaf.club
1	stats.g.doubleclick.net	www.firstleaf.club
1	fbapi.firstleaf.club	www.firstleaf.club
1	googleads.g.doubleclick.net	www.googleadservices.com
1	ekr.zdassets.com	www.firstleaf.club
1	ext.chtbl.com	www.firstleaf.club
1	www.googleadservices.com	www.googletagmanager.com
1	shop.pe	www.firstleaf.club
1	d38xvr37kwwhcm.cloudfront.net	www.firstleaf.club
1	aa.trkn.us	www.firstleaf.club
1	cdn.pdst.fm	www.firstleaf.club
1	images.firstleaf.club	www.firstleaf.club
1	www.googletagmanager.com	www.firstleaf.club
1	static.cloudflareinsights.com	www.firstleaf.club
1	cloud.typography.com	1 redirects
97	35

This site contains links to these domains. Also see Links.

Domain
www.adr.org
help.firstleaf.club
apply.workable.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
rbv9j7km.firstleaf.club R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
cdn.pdst.fm GTS CA 1D4	`2022-10-05` - `2023-01-03`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.shop.pe RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-10` - `2023-08-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
ext.chtbl.com Amazon	`2021-12-25` - `2023-01-22`	a year	crt.sh
*.fullstory.com R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
web.chtbl.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
getrockerbox.com Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-12`	a year	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-01` - `2022-12-08`	6 months	crt.sh
penrosehill.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-27` - `2023-09-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.firstleaf.club/terms/
Frame ID: 9D7F8AD285F6A07461DC7C3AE86B4E98
Requests: 91 HTTP requests in this frame

Frame: https://www.firstleaf.club/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666814400
Frame ID: 333C9F57D11C44F5F419E7F9654C0966
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js
Frame ID: E5151D7C23687C4B13DCE53F58633B9C
Requests: 10 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: B684FB30CCD04510322D9EC15805090D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Firstleaf: Terms & ConditionsFirstLeaf

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Page Statistics

97
Requests

96 %
HTTPS

61 %
IPv6

24
Domains

35
Subdomains

31
IPs

4
Countries

2043 kB
Transfer

7518 kB
Size

29
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.adr.org/
Title: http://www.adr.org

Search URL Search Domain Scan URL

URL: https://help.firstleaf.club/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://apply.workable.com/firstleaf/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cloud.typography.com/7410416/6307592/css/fonts.css HTTP 302
https://www.firstleaf.club/fonts/687751/007ADF49EA9D333D0.css

Request Chain 30

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onTurnstileLoad HTTP 302
https://challenges.cloudflare.com/turnstile/v0/0d248fcd/api.js?onload=onTurnstileLoad

Request Chain 45

https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1156434483 HTTP 302
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1156434483;ip=178.162.209.142;cuidchk=1

97 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.firstleaf.club/terms/ 2 MB
253 KB 545ms
515ms Document
text/html 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a36c923865dec773ca7db437fdd10f364dd569c38d84fcb23d4dc7ebf74331

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7606135b8e189043-FRA
content-encoding: br
content-type: text/html
date: Wed, 26 Oct 2022 20:52:26 GMT
last-modified: Wed, 26 Oct 2022 16:23:31 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id: J2hbnVfIOeiM7wkqO75Ot5rwbcBEkVWIyyupXJl2ts-AtBKQm_4eOg==
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront

GET
H3

200

007ADF49EA9D333D0.css
www.firstleaf.club/fonts/687751/
Redirect Chain

https://cloud.typography.com/7410416/6307592/css/fonts.css
https://www.firstleaf.club/fonts/687751/007ADF49EA9D333D0.css

250 KB
186 KB

38ms
38ms

Stylesheet
text/css

2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/fonts/687751/007ADF49EA9D333D0.css
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H3
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7160bf300aedb0d16945e3ee5e15851ac0f21c571e2d4632e121eb6f1ab1d9aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 66752
x-amz-cf-pop: FRA56-C1
cf-polished: origSize=257416
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 12:51:13 GMT
server: cloudflare
etag: W/"07e30349aeb157501123c221264ec810"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
cf-ray: 760613665ef35c20-FRA
x-amz-cf-id: U78XRADycWHdV6L0DUF947Ma0M_M3nLr8WpHVpVX8Uk_yUpQB7Yjdw==

Redirect headers

Date: Wed, 26 Oct 2022 20:52:27 GMT
Last-Modified: Fri, 21 Sep 2018 14:37:41 GMT
Server: AkamaiNetStorage
X-HCo-pid: 16
ETag: "a71d9ac9ba4b6206174d8d4e5688ba41:1537540658"
Content-Type: text/html
Location: https://www.firstleaf.club/fonts/687751/007ADF49EA9D333D0.css
Cache-Control: must-revalidate, private
Connection: keep-alive
Content-Length: 154
Expires: Wed, 26 October 2022 20:52:26 GMT

GET
H2 200 webpack-runtime-28bc827a6051cec26ca6.js Show response
www.firstleaf.club/ 13 KB
6 KB 41ms
39ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/webpack-runtime-28bc827a6051cec26ca6.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf8ab10f74e9dfde5d44a8f64bb59475d04b6b1d24a8f40fd16208dcc0c9903d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 14386
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=13775
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 16:23:29 GMT
server: cloudflare
etag: W/"8c55dacedc901820bfc044a793c9d4f5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5df29043-FRA
x-amz-cf-id: M40WvGNEwb6VwuKXaTgEpWjpTKrD80sNOHCjB_yjVXWpFlVvlP6J0w==

GET
H2 200 framework-3c8380cc0c9e69caf459.js Show response
www.firstleaf.club/ 127 KB
42 KB 37ms
35ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/framework-3c8380cc0c9e69caf459.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bfeb81c9c393bfc80c340d7cd10f05233607733d7075034a069023cc7347ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 17438
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=129774
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 12:51:15 GMT
server: cloudflare
etag: W/"df92332caf18954ae6390d9f828642d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5df49043-FRA
x-amz-cf-id: 29T4tX5DwTSnlw7owiW2l6hhPaYRCKVXEO6wII_66J4bMO4tnuDeLg==

GET
H2 200 dc6a8720040df98778fe970bf6c000a41750d3ae-1c58d75f95d314f8a61b.js Show response
www.firstleaf.club/ 14 KB
5 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/dc6a8720040df98778fe970bf6c000a41750d3ae-1c58d75f95d314f8a61b.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4384183ee280256c2b6627a5a9054d0ab333c070311e0cf6b8edea510089068e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 34297
x-amz-cf-pop: FRA2-C2
cf-polished: origSize=14272
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 12:51:09 GMT
server: cloudflare
etag: W/"d3fcb04dd542672aebbe9bea93fdb21c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5df59043-FRA
x-amz-cf-id: DeTnb9WqUg0mlbSJzl_qVqmrgoPWUZbKB2AmUMsk-VqI7tZ_ZiyGCQ==

GET
H2 200 app-079b0d6d6712bff6ea66.js Show response
www.firstleaf.club/ 654 KB
187 KB 43ms
42ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb53ed01325aeb73eb0f9911ad385723d1a8382d3e539403b65cd731b4bad2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 13675
x-amz-cf-pop: FRA56-C1
cf-polished: origSize=669357
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 16:23:29 GMT
server: cloudflare
etag: W/"68fb41d4d6d5d68c395173df9d496883"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5df79043-FRA
x-amz-cf-id: M63Gkm5PagUaqcCXLAYJ8PKBIlMf4sSMfrcqmIiL5mAGEjAqPyLCMw==

GET
H2 200 bada84ddd38a3696f88e98d72296008ed29d4d99-cd400e0901a980079377.js Show response
www.firstleaf.club/ 271 KB
87 KB 33ms
31ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/bada84ddd38a3696f88e98d72296008ed29d4d99-cd400e0901a980079377.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22acb7c6ea4a5964d5cc018fa35f251199aa9729fc89607693c244ef4d634ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 14386
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=277244
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 16:23:29 GMT
server: cloudflare
etag: W/"e45cdb438a04b05df1751f6ad513dd49"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5df89043-FRA
x-amz-cf-id: HyAQyu8ZOf3KtSA2QMYGmoStxrFKOH7JScCodjvZLMtkLYmQwQcQEw==

GET
H2 200 1fe57a6d8b796618ae137a742a03431b27b4fda8-c17b69febf2a4cfafccd.js Show response
www.firstleaf.club/ 183 KB
53 KB 35ms
33ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/1fe57a6d8b796618ae137a742a03431b27b4fda8-c17b69febf2a4cfafccd.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c6ea0c16531b17efa994f6968dbc2685cb8d68a49b37cb72d3ed6f4464d0c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 17438
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=187034
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 17:30:25 GMT
server: cloudflare
etag: W/"64723bcd21504905a41676a52d14a0b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5df99043-FRA
x-amz-cf-id: dLKrDiHcMFe8tTxVhrEudSEvOAbFNdC4wS_oxSgLo4B-mSrpEoDOeg==

GET
H2 200 component---src-pages-terms-jsx-0a788310265920cf9510.js Show response
www.firstleaf.club/ 63 KB
20 KB 30ms
29ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/component---src-pages-terms-jsx-0a788310265920cf9510.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad71289d4c043b8c51cb8ee2b4597134ff271c8a9b436c77305beaf1f0cee2d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 17438
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=64661
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Oct 2022 08:55:20 GMT
server: cloudflare
etag: W/"806ca2883fa72012be7006a1131d804e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606135f5dfa9043-FRA
x-amz-cf-id: 2rbSe5ZYzt6gGC7luT8hixyvtL9V40zFY-dQA_fG74rruCKOnMhjHg==

GET
H2 200 page-data.json
www.firstleaf.club/page-data/terms/ 173 B
476 B 464ms
463ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/terms/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db304342138530c9461fe3f03c42a7d7799f5519ca19a397088e11d04b401d7

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:32 GMT
server: cloudflare
x-amz-cf-pop: FRA56-P5
etag: W/"c7b2a457225a66380ccab12df402e968"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606135f5dfc9043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: pyohnGtELBZ87vNX9JroLMVarKYG0al0qgSDo-Db0KkBm7ukU05F9w==

GET
H2 200 1317774493.json
www.firstleaf.club/page-data/sq/d/ 812 B
492 B 493ms
492ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/sq/d/1317774493.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373c40d4ce404b5046a1d289d29f33eac3fc18f8b881df0b83f9b4a269be13cd

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Aug 2022 12:51:27 GMT
server: cloudflare
x-amz-cf-pop: FRA56-P5
etag: W/"0d774deffcb242406a338211141724fc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606135f5dfe9043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: Al1pAulAwM8zvM5kk_fRbHuyrWNYUHd7tFeJz3BF4V4miA6d1T6djw==

GET
H2 200 4076379186.json
www.firstleaf.club/page-data/sq/d/ 4 KB
2 KB 498ms
497ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/sq/d/4076379186.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f3cc1ef8be9ecd5309293f644e2625b6bf9246066d5f5778d72996f5e60c47

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 25 Oct 2022 14:33:52 GMT
server: cloudflare
x-amz-cf-pop: FRA56-P5
etag: W/"d2e3b1b9798d402a3d66f032939a6f09"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606135f5dff9043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: _shdX0U_qjUuM6RNkoK-bqra4lxTzs1SMfwMhb53f-Uox020Om-Axg==

GET
H2 200 app-data.json
www.firstleaf.club/page-data/ 50 B
278 B 471ms
471ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/app-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de8fbb923d7f93a2fcd21ebec34587d9058b54a4d0189bd6ceb7ea2f232df73a

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Oct 2022 16:23:30 GMT
server: cloudflare
x-amz-cf-pop: FRA56-P5
etag: W/"9b3bf85c5434cf31dc8691c1c48c696d"
x-cache: Miss from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606135f6e079043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: Je8gueylYA63kYkqqQUAk4bjGagFbyrKp0IzL19MzKlAElx-uXVA1g==

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 75ms
57ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.firstleaf.club/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:26 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 76061362987a5b26-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 307 KB
92 KB 85ms
50ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd29ee580e83fb251599eca744e47f0b574c1d15f955a4deda8950486e28a92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93605
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp-at-v2-14-0.js Show response
images.firstleaf.club/js/ 97 KB
30 KB 49ms
38ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstleaf.club/js/sp-at-v2-14-0.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb92ab9eefa3b6e3f6313d9a4194715887b0b8442d7be6cd1a472db7e810e5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 6701
x-amz-cf-pop: DUS51-P2
cf-polished: origSize=100349
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 27 Jul 2020 04:28:00 GMT
server: cloudflare
etag: W/"8dba669b94e3865c9205ef8fd15ee4d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=5356800
cf-ray: 76061366ee199043-FRA
x-amz-cf-id: Gg66bXl38xm7-yq6dlzxADiO_LHMmXp88EV4s4X9QIcZ2fFAFgK5OQ==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e092bea366a94333d8ec48137987e2df19f61288f6e073032b2a8bdde6264d6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 337ce8359d757972929e6d1bd875ce77b387d348d9d794f04cfe2f1ef3b08e60

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01af466f48d14857d97a67cd7025ce67c8a0b9ca83ddb6d3f313c7369c432868

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a899a0398bbfbb8343c67e83098446254c1609aae412962cff6929087135a51c

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edda2ff4de2c41fd8664d3987baed22af9afdf06a4a209b61a6372819e0f3c41

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51b06909334339bd5f4027e70f4d2fd30a2a3977ee44cce7385b908ec8f51903

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dddf04d190be2e7006f807221d5f5852bf45a97c2aad4c66b1f0a1661efa7dda

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H3 200 3059-d8b3d1cedf612c3c550b.js Show response
www.firstleaf.club/ 75 KB
23 KB 33ms
33ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/webpack-runtime-28bc827a6051cec26ca6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45eceead39e92b6dcd45e3b41f4f90dd9ec19ad4f065b7b59f2e0af59f329506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 150020
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=76599
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 15:55:10 GMT
server: cloudflare
etag: W/"71a7abb86f0004f0789be0f5f84093eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 760613679a205c20-FRA
x-amz-cf-id: b0N-mPof70Z0qo_O7NLfNnGZUZ46_VHR0XiB76PYsU2jgP0AyELhlg==

GET
H3 200 ea014c25724c3bc7c47d7be43ed11a3a92958d3c-713bec8488fe0c91f5b9.js Show response
www.firstleaf.club/ 35 KB
13 KB 37ms
37ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/ea014c25724c3bc7c47d7be43ed11a3a92958d3c-713bec8488fe0c91f5b9.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/webpack-runtime-28bc827a6051cec26ca6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053671ed045b39779928906b3454fc3b8ea8363d4b88fcf0ddc2275c61a9778a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 89038
x-amz-cf-pop: FRA56-P5
cf-polished: origSize=35614
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 15:55:24 GMT
server: cloudflare
etag: W/"302a488da91a4b31f4f77155865f0aa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 760613679a255c20-FRA
x-amz-cf-id: Idpx_GSGmZUcKqKCJBcArc32xJtnmLIE_IYpBPPrpSSg8X8039aG-g==

GET
H3 200 4319-75a83dab452797ca404f.js Show response
www.firstleaf.club/ 7 KB
4 KB 29ms
29ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/4319-75a83dab452797ca404f.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/webpack-runtime-28bc827a6051cec26ca6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9981e907b10eb548d48f2f7de1423221a0c34a57e52268e264b68372f9f87f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
via: 1.1 63433181ad575db593361f546b85514e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 150020
x-amz-cf-pop: WAW51-P2
cf-polished: origSize=7653
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 15:55:10 GMT
server: cloudflare
etag: W/"31fb9f987dad1b93b2c8be663b1b6105"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 760613679a265c20-FRA
x-amz-cf-id: Gjh6BcrSIaM1Tsj9coIa0sXc-zsx6dITGzhv6Swvg8uQWVsXlUZC3Q==

GET
H3 200 invisible.js Show response
www.firstleaf.club/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 333C 38 KB
13 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666814400
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe004911d21d7bb47f3b5a5b1565d7f9ce5a59d3f071eded6f457b9a72832e57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76061367aa485c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/0d248fcd/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onTurnstileLoad
https://challenges.cloudflare.com/turnstile/v0/0d248fcd/api.js?onload=onTurnstileLoad

8 KB
3 KB

48ms
36ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/0d248fcd/api.js?onload=onTurnstileLoad
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H3
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7a6298cc4ddbc9aabb968a58ef4d03690bff47d56224a57c20b91e0c49a3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 76061368fae7bbc8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 26 Oct 2022 20:52:27 GMT
server: cloudflare
vary: Accept-Encoding
location: /turnstile/v0/0d248fcd/api.js?onload=onTurnstileLoad
cache-control: max-age: 300
cf-ray: 760613688c2c9a1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 9503-12a13757b2822452e8f7.js Show response
www.firstleaf.club/ 1 KB
1 KB 37ms
37ms Script
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/9503-12a13757b2822452e8f7.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/webpack-runtime-28bc827a6051cec26ca6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d6ccdb86903b22a8f92f09723f870ebdbda28d809dba612c7cf5e04ab4cd43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 150020
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=1276
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 Aug 2022 12:51:02 GMT
server: cloudflare
etag: W/"38e53c88cd8693ddc535ed6e6bd10f39"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 760613685bd85c20-FRA
x-amz-cf-id: 411O4Fnnftpc5PLwcKxoulH2w6ePr65qh3edOhLCqLoXToZ81tkJxQ==

POST
H2 200 checkouts.json Show response
api.firstleaf.club/api/ 2 KB
846 B 618ms
585ms XHR
application/json 2606:4700:10::6816:2be0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.firstleaf.club/api/checkouts.json

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2be0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9cb253f12e676cf94172d1b90894dcd38cf333bd1cc64bfccedfb6fa39da591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fdc62c21-a4fe-4216-bae8-e9405e49ed8b
x-runtime: 0.110406
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d9cb253f12e676cf94172d1b90894dcd"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firstleaf.club
access-control-expose-headers: DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=0, private, must-revalidate
cf-ray: 7606136898bb68fe-FRA
access-control-allow-headers: DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 ship_to_info.json Show response
api.firstleaf.club/api/ 14 B
567 B 590ms
557ms XHR
application/json 2606:4700:10::6816:2be0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.firstleaf.club/api/ship_to_info.json

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2be0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca66b739fcde148403f4735fd9091fbc02455deb4e6c186ea52cb71692f6269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0bfe17e7-d69b-44b8-bca0-6cbf93766aa1
x-runtime: 0.106795
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"aca66b739fcde148403f4735fd9091fb"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firstleaf.club
access-control-expose-headers: DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=0, private, must-revalidate
cf-ray: 7606136898c068fe-FRA
access-control-allow-headers: DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ba93f0c1f5b72395ea5024e97ba149d96cffbe73e8e4a2546921ba3404f146c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK wxyz.rb.js Show response
rbv9j7km.firstleaf.club/assets/ 46 KB
11 KB 333ms
105ms Script
application/javascript 162.243.13.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbv9j7km.firstleaf.club/assets/wxyz.rb.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.167 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 2616c60e63b4959e67f167c2090f69b2161b6337d3428aae3bb34c3e853ccee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 20:52:27 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 26ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 26 Oct 2022 20:52:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27076
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0866xCzzYk0EnBFmYP/PjV5BWdh4h4gZz5B+bGAqGFz+68P0n0eA4v4u0Ar1GC78lIn3iuYkBZ1bqxHn3S1uQw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 57ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 26 Oct 2022 20:52:26 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EBCB1429B9548D287BCF83A7F1ADE96 Ref B: FRAEDGE1708 Ref C: 2022-10-26T20:52:27Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11376

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 23 KB
6 KB 60ms
21ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: MQRGK10K373G5196
age: 57
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: SPdRDDFz83YxVF9so0HWh6PPnqYAlCZb5Tuk/UW4z4o4dRDkDSckvfRZcDMHMf7OlP2MQwfZGzI=
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 76061368dacf9bca-FRA

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 89ms
13ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:16:15 GMT
content-encoding: gzip
age: 2172
x-guploader-uploadid: ADPycdthq1J_ga4z5ZpttHHLuQa6BdANQF0FD4BxjgkAU55Ob0T-T4LGY5xRRacgtm6S7ptpYnpwez6hhwH9YeMq4zOavN-Op2Ac
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 26 Oct 2022 21:16:15 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 257 KB
65 KB 51ms
13ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02c39312062b70db1e8c9eabafcd7adaec452805512fe73438d7249fe714172

Request headers

Referer: https://www.firstleaf.club/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:22:50 GMT
content-encoding: br
age: 1777
x-guploader-uploadid: ADPycdsa-iODy8JR9O8b7yh_jz1wgXCjFzC7Y8kOzyEz-a5HtB8KgsNuuIMCxYx5nmXt3c5gdIhJA3QjHl-wzN42iz93kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65504
last-modified: Wed, 26 Oct 2022 16:33:55 GMT
server: UploadServer
etag: "bf20ef04cd58c8bf7f21ee128f6eb875"
vary: Accept-Encoding
x-goog-generation: 1666802035880972
x-goog-hash: crc32c=drrJ7Q==, md5=vyDvBM1YyL9/Ie4Sj264dQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 65504
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Oct 2022 21:22:50 GMT

GET
H/1.1 204
No Content cs.js Show response
aa.trkn.us/1/e/ 0
166 B 83ms
10ms Script
text/plain 184.24.10.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.trkn.us/1/e/cs.js?cid=c013&evid=5713e69f-ed70-4bb9-9079-619171b397f7&suu=1&dmn=www.firstleaf.club
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.10.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-10-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 20:52:27 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
Expires: Wed, 26 Oct 2022 21:52:27 GMT

GET
H2 200 grin-sdk.js Show response
d38xvr37kwwhcm.cloudfront.net/js/ 45 KB
16 KB 38ms
9ms Script
application/javascript 2600:9000:21f3:be00:15:decf:f580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:be00:15:decf:f580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f1404ba616641cc1cf45e21367342a410c96c181330d6dc349e4e1d6a33a67f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: xTwpzsT9YN3bT.xursLxfNZCfDC1Q6tu
content-encoding: gzip
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date: Wed, 26 Oct 2022 17:43:56 GMT
last-modified: Fri, 01 Jul 2022 16:43:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 11312
x-amz-server-side-encryption: AES256
etag: W/"333f70ac92b778d6008c0571aa1a0d93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lc2Qg1OGxI78_0_jxUuwiXVFKEBL5OT08abK3X6q4-Aryn8m-y5o7A==

GET
H2 403 widget_async.js
shop.pe/widget/ 0
0 160ms
116ms Script
text/html 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shop.pe/widget/widget_async.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.244.1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 1.244.227.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 94ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15175
x-xss-protection: 0
server: cafe
etag: 2727272090050510172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 20:52:27 GMT

GET
H/1.1

200
OK

ppt=18168;g=landing_page;gid=41654;ord=1156434483;ip=178.162.209.142;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1156434483
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1156434483;ip=178.162.209.142;cuidchk=1

42 B
780 B

365ms
365ms

Image
image/gif

3.230.17.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1156434483;ip=178.162.209.142;cuidchk=1

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

HTTP/1.1

Server

3.230.17.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-17-182.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 20:52:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 26 Oct 2022 20:52:28 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1156434483;ip=178.162.209.142;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H3 200 page-data.json
www.firstleaf.club/page-data/accessibility/ 0
522 B 489ms
489ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/accessibility/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:26 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"117539b3760aba541edd9eec63181675"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 76061368ccb25c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: Kx5z8H0HI8B2HeawSl6qVLmhZBmxWacjEId1lPv39_q_5FWTnRy3Fw==

GET
H3 200 page-data.json
www.firstleaf.club/page-data/store/ 0
23 KB 515ms
514ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/store/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Oct 2022 16:23:31 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"6d7be525b276f55af10b2ecc412680ac"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 76061368dcc65c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: Pqh1tmAD3oCzpCxitm2-0dXz3ktUnG5-fEIQzGfVt9N3AJumW95rag==

GET
H3 200 page-data.json
www.firstleaf.club/page-data/wine-school/home/ 0
535 B 486ms
485ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/wine-school/home/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:37 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"ab148e64834c3f3c4b29353b53f2aa05"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 76061368dcce5c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: wOraMNF3bKfHcv6cUJ2ToW-G8gO2-hrU-i0aURt8D7gnpLBLSquwkw==

GET
H3 200 page-data.json
www.firstleaf.club/page-data/gifts/ 0
630 B 501ms
500ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/gifts/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:27 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"185761f0da12a187f1993f09ec534865"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 76061368dcd05c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: KlTI9cbFnWLxO9i0PNQNHJW5o54UeA7OQxnp6lB9K7e33gckHUchYw==

GET
H3 200 page-data.json
www.firstleaf.club/page-data/index/ 0
594 B 516ms
515ms Other
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/index/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.firstleaf.club/terms/
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:27 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"66c671ddcd655cb1c2deafac14e64b7b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 76061368dcd45c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: tAOCrF0TsIHgn1PNDbqKlukyu8lpjh8ItUVSWOpA_y4n-eSIblikLw==

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 63ms
20ms Script
application/javascript 2600:9000:2490:3800:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3800:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:58:55 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 3213
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: U2yVQvQwSx6O1zkYyMeu1jzGNrLr7V5MTi9qnKf2UvK2JKnImbcstQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 64ms
27ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 19:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6629
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 21:01:58 GMT

OPTIONS
H2 200 pipeline
ct.firstleaf.club/prh/ Frame 0
0 471ms
446ms Preflight 2606:4700:10::6816:2be0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.firstleaf.club/prh/pipeline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2be0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.firstleaf.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.firstleaf.club
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7606136909b668fe-FRA
content-length: 0
date: Wed, 26 Oct 2022 20:52:28 GMT
server: cloudflare

POST
H3 200 pipeline Show response
ct.firstleaf.club/prh/ 2 B
341 B 508ms
508ms XHR
text/plain 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.firstleaf.club/prh/pipeline
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.firstleaf.club
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7606136bdbbc5c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H3 200 pica.js
www.firstleaf.club/cdn-cgi/challenge-platform/h/g/scripts/ Frame 333C 22 KB
8 KB 20ms
20ms Other
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827c28478f28c77e32fc70750bee8de299fb977cc3b71367e55d6303f6c98d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76061368ecf65c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1669030446688031 Show response
connect.facebook.net/signals/config/ 485 KB
143 KB 21ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1669030446688031?v=2.9.88&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

461b8b1a6dc257f1ce4e7ac5429cabd6f23d5bfa1a3ac1ccda7f2be623d88164

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 26 Oct 2022 20:52:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145965
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LYXmxqpV7edwT3OvlPpuV898y081Uwyr96rpSq9VvHGjA8CdZTEiLjokTJzMC5QaIUQialBsj5ZCrfdlWvfiIg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5565374.js Show response
bat.bing.com/p/action/ 0
116 B 47ms
46ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5565374.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 20:52:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6670302D67FC440C8DF201D5F9CE182D Ref B: FRAEDGE1708 Ref C: 2022-10-26T20:52:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 93ms
92ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=680ae33b-3de3-46b5-8bc5-6cc50b381de3&sid=19db17c0557011ed848d0bacafec34a9&vid=19db58d0557011edb4f02759ef29008c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Firstleaf%3A%20Terms%20%26%20Conditions&p=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&r=&lt=1973&evt=pageLoad&sv=1&rn=268992

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 20:52:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 610400086354457FA9A87DB5FC90886E Ref B: FRAEDGE1708 Ref C: 2022-10-26T20:52:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
119 B 91ms
91ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=680ae33b-3de3-46b5-8bc5-6cc50b381de3&sid=19db17c0557011ed848d0bacafec34a9&vid=19db58d0557011edb4f02759ef29008c&vids=0&msclkid=N&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=page-ready&en=Y&sw=1600&sh=1200&sc=24&evt=custom&rn=870823

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Oct 2022 20:52:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D412A0B8D214344910BA6A7E0D3384B Ref B: FRAEDGE1708 Ref C: 2022-10-26T20:52:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b253b5fa-0522-4fcb-b2f3-9056b25ec9b1 Show response
ekr.zdassets.com/compose/ 435 B
825 B 231ms
207ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889404f2015a98f54b496eb2527adde2de02bebe87293959eb5deba43d36155f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:27 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-permitted-cross-domain-policies: none
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 760613694b9bbb74-SEA, 760613694b9bbb74-SEA
x-runtime: 0.004061
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"889404f2015a98f54b496eb2527adde2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 760613694b9bbb74-FRA

POST
H2 200 page Show response
rs.fullstory.com/rec/ 6 KB
2 KB 340ms
304ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 99aa9b9f257dbc4e29313ada744c1f502b574e34c92196adb48bfee5948a4f10

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.firstleaf.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1909

POST
H2 200 track Show response
web.chtbl.com/ 49 B
380 B 184ms
184ms XHR
application/json 2600:9000:206f:4200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash: bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: FRA56-C1
vary: Origin
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: *
content-length: 49
x-amz-cf-id: Dsk2Dr_If3rvP7lIINHJeE5iM_0_yRgd45m3PuR0FvGI7S4mKGtL4Q==

OPTIONS
H2 200 track
web.chtbl.com/ Frame 0
0 142ms
100ms Preflight
application/json 2600:9000:206f:4200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.firstleaf.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 49
content-type: application/json
date: Wed, 26 Oct 2022 20:52:27 GMT
server: uvicorn
vary: Origin
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-amz-cf-id: 0NhBz1YHVb6X9d4wrvm9LPOC6cjvvNHFrM8vW7qlOOlGJFi093NKDg==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

POST
H3 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 221ms
188ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 208112c8d46f23ebbd5f888f7c28c2a4
function-execution-id: vxu5iidc5561
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 174ms
121ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.firstleaf.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 20:52:27 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: eki6dtg2y0v1
server: Google Frontend
x-cloud-trace-context: aff442f20b131c4029aa1871dfb5e21a
x-powered-by: Express

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/935608953/ 2 KB
2 KB 71ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/935608953/?random=1666817547791&cv=9&fst=1666817547791&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Becomm_pagetype%3Dother%3Bdynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&tiba=Firstleaf%3A%20Terms%20%26%20Conditions&auid=570988214.1666817548&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

082c6669be0b45bbbec2499b6c11367471d10b737166a9382f56b5f3ec88e5d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 20:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
21ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=276545737&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&dp=%2Fterms%2F&ul=en-us&de=UTF-8&dt=Firstleaf%3A%20Terms%20%26%20Conditions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=599294385&gjid=1445127883&cid=321966687.1666817548&tid=UA-68049103-4&_gid=1731270052.1666817548&_r=1&gtm=2wgaj0TKCVNW&z=2114264924

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 20:52:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstleaf.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
fbapi.firstleaf.club/ 0
142 B 359ms
348ms XHR
text/plain 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fbapi.firstleaf.club/events

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
access-control-allow-origin: https://www.firstleaf.club
access-control-allow-credentials: true
cf-ray: 7606136a1c3e9043-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&rl=&if=false&ts=1666817547840&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666817547836.377974287&eid=ob3_plugin-set_f2ceb38c1f3670b726bb24009a0f5f2848c32cba628ca5a211378e5250699c98&it=1666817547675&coo=false&rqm=GET

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Oct 2022 20:52:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-68049103-4&cid=321966687.1666817548&jid=599294385&gjid=1445127883&_gid=1731270052.1666817548&_u=YGBACEAABAAAACAAI~&z=502169809

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 20:52:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.firstleaf.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/935608953/ 42 B
548 B 75ms
37ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/935608953/?random=1666817547791&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Becomm_pagetype%3Dother%3Bdynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&tiba=Firstleaf%3A%20Terms%20%26%20Conditions&async=1&fmt=3&is_vtc=1&random=611096348&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 20:52:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/935608953/ 42 B
548 B 74ms
36ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/935608953/?random=1666817547791&cv=9&fst=1666814400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaj0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Becomm_pagetype%3Dother%3Bdynx_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&tiba=Firstleaf%3A%20Terms%20%26%20Conditions&async=1&fmt=3&is_vtc=1&random=611096348&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 20:52:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 7606135b8e189043 Show response
www.firstleaf.club/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 333C 2 B
371 B 51ms
50ms XHR
text/plain 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/cdn-cgi/challenge-platform/h/g/cv/result/7606135b8e189043
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666814400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 7606136b8b0e5c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
601 B 181ms
152ms Script
text/javascript 172.64.102.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: rbv9j7km.firstleaf.club
URL: https://rbv9j7km.firstleaf.club/assets/wxyz.rb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5bfa6e4bf5dbaacd052df4f9ffdb48a739c6ffaab745e514317db549b092269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0Zuj%2FkncZDLouO6q5OLbK48aQpYpgpsAK4KHZ%2BOlnq%2B1290QRl49P3bx%2B6BtsZdLZgIug5J8h2KvkX9ZnqJSt1wMAwBcTzm1wMCaTtU75%2FQjliDG0fspCn7UxBLEyHbjOaj"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7606136bbe449bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK integrations Show response
rbv9j7km.firstleaf.club/ 48 B
252 B 88ms
88ms Script
text/javascript 162.243.13.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rbv9j7km.firstleaf.club/integrations?source=firstleaf
Requested by: Host: rbv9j7km.firstleaf.club
URL: https://rbv9j7km.firstleaf.club/assets/wxyz.rb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.167 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 20:52:28 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 web-widget-framework-e02dceabb69d6ba4a66a.js Show response
static.zdassets.com/web_widget/latest/ Frame E515 151 KB
49 KB 25ms
25ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05e81951cb0bc3f592e60a131ac3805cbc7a000867817e1b74af8f47be1529ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-amz-version-id: vYvcsd9O9PmUzPEJ.wRavv6qOXpX1g4W
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 58FB8KFNARGQ793X
age: 246017
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: JFuBPlaJYY6wEKD2F1i8ZaV8KAOzeevckFslDyUk6YHuFHMoH2KnhBD0q/d2p30xgau91Mqplbg=
last-modified: Fri, 21 Oct 2022 09:51:36 GMT
server: cloudflare
etag: W/"f99c9292ba9d845b89822045698023dd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606136b99f79bca-FRA
expires: Sat, 21 Oct 2023 09:51:35 GMT

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/ 3 KB
1 KB 68ms
34ms Script
application/javascript 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1666817548134
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152236130d8f3e802220d626fa51bef2d829d41550facbb77044276a8ffe91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: FCRO0gTXI3ZRHdIcvS5g/Q==
age: 65
cf-polished: origSize=4905
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 24 Oct 2022 15:26:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 3302274d-901e-002e-2372-e998f7000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 7606136c0f5f915f-FRA
expires: Wed, 26 Oct 2022 20:53:28 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 435ms
227ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=134SPF&UserId=6420205240602624&SessionId=6096150717288448&PageId=4644237966594048&Seq=1&PageStart=1666817547869&PrevBundleTime=0&LastActivity=3&IsNewSession=true
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 7f627f4ae4495fac8bda387d05b2ef9b9f71054088eba55eeadeadd4cbb8d1ba

Request headers

Referer: https://www.firstleaf.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.firstleaf.club
date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H3 200 page-data.json Show response
www.firstleaf.club/page-data/accessibility/ 189 B
522 B 477ms
477ms XHR
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/accessibility/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cad41d402eb16b9dd037933572b70658aaf2865e22b66561cf37d39784dbda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:26 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"117539b3760aba541edd9eec63181675"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606136c5d065c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: -2cut7AN5ZOMZPUkiUfzvjc6-i5lrmZoU0mQzsOqQu7j6UtqE-lvwQ==

GET
H3 200 page-data.json Show response
www.firstleaf.club/page-data/wine-school/home/ 208 B
536 B 450ms
450ms XHR
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/wine-school/home/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a07141524dca99862fe4c41ab9f999447900b66e82fa76cdb4f32d8c4f3cd86c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:37 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"ab148e64834c3f3c4b29353b53f2aa05"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606136c5d095c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: Jl2l2F3l7_eCyL6LH8aDslozBbqCXvk6gYCR8oObTYHiqm4qwLDu-g==

GET
H2 200 config Show response
penrosehill.zendesk.com/embeddable/ Frame E515 1 KB
1 KB 260ms
227ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://penrosehill.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94691675a9e5972534bc2aa34d19496abe42a9801659cf7d5fdc5da21dac049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: br
cf-cache-status: MISS
x-zendesk-origin-server: embeddable-app-server-5cb468f9d4-7cr26
x-cached: MISS
x-request-id: 7606136cad9d9116-IAD
x-runtime: 0.002693
last-modified: Wed, 26 Oct 2022 20:52:28 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7606136cad9d9116-FRA

GET
H3 200 page-data.json Show response
www.firstleaf.club/page-data/gifts/ 352 B
630 B 474ms
473ms XHR
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/gifts/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e5e947db547f3936bdd9ff3b8bfc87387e67e662a1cf1ed0ab451445accad45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:27 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"185761f0da12a187f1993f09ec534865"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606136c7d5e5c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: hmkzZYYYMGCI-Qse9uFgotBOQyU3vLW1IcTuthbI-E5xJTK_vOlntQ==

GET
H3 200 page-data.json Show response
www.firstleaf.club/page-data/store/ 552 KB
23 KB 473ms
472ms XHR
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/store/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9860077ce0aecaacca99f18ca5bd44f410dd63ed76e5dd177624cfdda21965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Oct 2022 16:23:31 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"6d7be525b276f55af10b2ecc412680ac"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606136c7d605c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: SVOPgItvd3vp41O3mlrddEXgTnQ7rWVFYMdde7H4300t6PpRreqRTQ==

GET
H3 200 page-data.json Show response
www.firstleaf.club/page-data/index/ 308 B
595 B 480ms
479ms XHR
application/json 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/page-data/index/page-data.json
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07bd6d39686cdaf89ea8373a6c97e5c9b5fed47c68c0e3e9fb1e6cea71ffc478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 04 Oct 2022 15:55:27 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: W/"66c671ddcd655cb1c2deafac14e64b7b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
cache-control: public, max-age=0, must-revalidate
cf-ray: 7606136c7d635c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-cf-id: pf3M4TRI4hGpO2lSJtJF_T3DdLpEHWw_52yX7jOVn_XP3HHRPaFurw==

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
275 B 25ms
24ms Image
image/gif 2606:4700::6810:4da5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1666817548237&h=www.firstleaf.club&e=p&u=44194
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Oct 2022 20:52:28 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1964242
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: fba48953-701e-0024-219f-d7817e000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7606136c8874915f-FRA

GET
H/1.1 200
OK rb
rbv9j7km.firstleaf.club/v2/ 44 B
338 B 92ms
91ms Image
image/gif 162.243.13.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbv9j7km.firstleaf.club/v2/rb?url=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&action=view&source=firstleaf&rb_source=firstleaf&script_version=wxyz.rb.js&sessionId=01cf23f3-9c57-41da-9a05-8619ef8d1a99&uid=rbos-709f7e7e-e05b-4cf2-9241-005a1b9c392c
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.167 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 20:52:28 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbv9j7km.firstleaf.club/v2/ 44 B
338 B 198ms
104ms Image
image/gif 162.243.13.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbv9j7km.firstleaf.club/v2/rb?url=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&action=identify&source=firstleaf&rb_source=firstleaf&chartable_user_id=cc6d47b2-0664-42e3-b333-d26729436b6c&script_version=wxyz.rb.js&sessionId=01cf23f3-9c57-41da-9a05-8619ef8d1a99&uid=rbos-709f7e7e-e05b-4cf2-9241-005a1b9c392c
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.167 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 20:52:28 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK rb
rbv9j7km.firstleaf.club/v2/ 44 B
338 B 286ms
106ms Image
image/gif 162.243.13.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbv9j7km.firstleaf.club/v2/rb?url=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&action=identify&source=firstleaf&rb_source=firstleaf&chartable_user_id=cc6d47b2-0664-42e3-b333-d26729436b6c&podsights_session_id=a733f19bc4db4c70b231ac7c7b743380&script_version=wxyz.rb.js&sessionId=01cf23f3-9c57-41da-9a05-8619ef8d1a99&uid=rbos-709f7e7e-e05b-4cf2-9241-005a1b9c392c
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/terms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.243.13.167 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 20:52:28 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 web-widget-classic-6addd0b.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame E515 13 KB
4 KB 22ms
21ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c4538ed53b463b27a4ac7b0e5401b559a63712dade53b67d0ab77529ec7eb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-amz-version-id: 1O7VEz3zVjm03IqdKo7mi09Gyo4A5kOb
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 58F8KJ9J2QWFWC06
age: 246017
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LpER6wk2LsYsECQYVFfzyBj1y7IAN/GYBTNUJmUz3EgoWCd2GvCrYYn0bmRQ8ICyua2bwzgqr/M=
last-modified: Fri, 21 Oct 2022 09:51:50 GMT
server: cloudflare
etag: W/"8413c63e3af20a4c08eb177e368aaea5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606136e28df9bca-FRA
expires: Sat, 21 Oct 2023 09:51:49 GMT

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 315 B
454 B 52ms
25ms XHR
text/plain 2606:4700::6810:7b60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b7c54b50a8b8c0e9ec71a8cc29b41038fe55581e3676f9903bacfc186b695e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 7606136e5a089bc8-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 web-widget-8165-6addd0b.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame E515 663 KB
190 KB 45ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-amz-version-id: E.opgFeYN9Y5yBgwKg8Gug9GNmUfpWsc
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 58FCMAD1KHT0X8XX
age: 246017
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tBi52/fEkJieluxor+O7vMKvy4Xe95qNGyABjccbUoZOcz8D0LmGGhsnRY5gg6lkhJy/2EW7nGE=
last-modified: Fri, 21 Oct 2022 09:51:50 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606136e493d9bca-FRA
expires: Sat, 21 Oct 2023 09:51:49 GMT

GET
H2 200 web-widget-5324-6addd0b.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame E515 491 KB
108 KB 28ms
28ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8c9d5b716dff4c6a1cc0688bc9dba9787d95049129a382129fd02ed37bfc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-amz-version-id: 4LRyCq2bqtdIs9dXAsGX5tHdPVgqUDeJ
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 58FB8TSVYQPHM073
age: 246017
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: zm3CEfC3M7HL3bffAZFHBMxpdoGJaM3EduZ+K6PZmzMAiv5dFe6ujM2+3T+5g674qNHDilctjr8=
last-modified: Fri, 21 Oct 2022 09:51:50 GMT
server: cloudflare
etag: W/"e3a57b29ddf1252dc460af5d456ea806"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606136e493f9bca-FRA
expires: Sat, 21 Oct 2023 09:51:49 GMT

POST
H3 204 rum Show response
www.firstleaf.club/cdn-cgi/ 0
143 B 45ms
45ms XHR
text/plain 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.firstleaf.club/cdn-cgi/rum?

Requested by

Host: www.firstleaf.club
URL: https://www.firstleaf.club/3059-d8b3d1cedf612c3c550b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.firstleaf.club/terms/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: application/json

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.firstleaf.club
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7606136ebaba5c20-FRA

GET
H2 200 embeddable_blip Show response
penrosehill.zendesk.com/ Frame E515 0
79 B 128ms
128ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://penrosehill.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6IjljMjJhNzc1YjlmYTRmMDBhODU4Nzk2OTNmODgwY2QyIiwic3VpZCI6IjI4OTBiZTg0OTA1YTQxYzE5OWRiMzkxMjdiZmU5MGYxIiwidmVyc2lvbiI6IjZhZGRkMGIiLCJ0aW1lc3RhbXAiOiIyMDIyLTEwLTI2VDIwOjUyOjI4LjY5MFoiLCJ1cmwiOiJodHRwczovL3d3dy5maXJzdGxlYWYuY2x1Yi90ZXJtcy8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e02dceabb69d6ba4a66a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Oct 2022 20:52:28 GMT
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7606136f5b729116-FRA
content-length: 0
x-request-id: 7606136f5b729116-IAD

GET
H2 200 de-de-json-6addd0b.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame E515 27 KB
6 KB 29ms
29ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-amz-version-id: E8OfQ9pEW4qWPGt4G5F2awi1ksGLO7UP
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: NE85QP898EPW8Q32
age: 246015
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fIPnGOiudZRFUY0QABMmWqeo1kebtqU2bHyMmcKeaUA4Z9CcSVKZRsTRotFo0HWDVAXrXqJh+No=
last-modified: Fri, 21 Oct 2022 09:51:50 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606136f6c6f9bca-FRA
expires: Sat, 21 Oct 2023 09:51:49 GMT

GET
H3 200 component---src-pages-wine-school-home-jsx-1d7502ee63d2e9ac3246.js
www.firstleaf.club/ 0
4 KB 86ms
86ms Other
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/component---src-pages-wine-school-home-jsx-1d7502ee63d2e9ac3246.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 150020
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=9937
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 15:55:23 GMT
server: cloudflare
etag: W/"7410683ca406e534a52cf0475afe3ac0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606136f7c755c20-FRA
x-amz-cf-id: g6-EYkDH-4Uo0_-DUU2od2hrqr5FRIL1CjgcA0d4GOuCEePcgU-fmQ==

GET
H3 200 component---src-pages-accessibility-jsx-2c9c0d2f21da8af9c74a.js
www.firstleaf.club/ 0
1 KB 34ms
33ms Other
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/component---src-pages-accessibility-jsx-2c9c0d2f21da8af9c74a.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 66726
x-amz-cf-pop: FRA56-C1
cf-polished: origSize=2618
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Oct 2022 08:55:20 GMT
server: cloudflare
etag: W/"d7cf8018090940b80c81d788b5203ce6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606136f7c815c20-FRA
x-amz-cf-id: sldIdpcz8Gt8Vx36FsDUfKo4-SIIk4LGGJubIVki4FpkPvtW1xdE4Q==

GET
H3 200 component---src-pages-definitions-store-index-jsx-9ceb20ab44de94af042d.js
www.firstleaf.club/ 0
4 KB 33ms
32ms Other
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/component---src-pages-definitions-store-index-jsx-9ceb20ab44de94af042d.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 4ae51cc91f2174df230b12d29ebf4622.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-cf-pop: BOM78-P3
age: 170833
cf-polished: origSize=11133
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 15:55:18 GMT
server: cloudflare
etag: W/"364d91da57465ebeca0e97ee1fc6793b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606136f9ccf5c20-FRA
x-amz-cf-id: zv-fQSQxPm80dWaP0burcP2fgepaYVCZcYnR4AWHXwqWPCcuJLiECw==

GET
H3 200 component---src-pages-definitions-gifting-landing-index-jsx-0aef9b0cb65bd0ed267d.js
www.firstleaf.club/ 0
7 KB 39ms
39ms Other
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/component---src-pages-definitions-gifting-landing-index-jsx-0aef9b0cb65bd0ed267d.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 150020
x-amz-cf-pop: DUS51-P1
cf-polished: origSize=22583
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Oct 2022 15:55:17 GMT
server: cloudflare
etag: W/"3b5d2282a0114a5a94df05bdd57c43a5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606136f9cd85c20-FRA
x-amz-cf-id: uWfb8aA59-Cjwl4NGIquO3dqze6cIdrXuliStCSd3Z9dPwt5v-YzdQ==

GET
H3 200 component---src-pages-index-jsx-d4a1374d48bb57d474e5.js
www.firstleaf.club/ 0
21 KB 33ms
33ms Other
application/javascript 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.firstleaf.club/component---src-pages-index-jsx-d4a1374d48bb57d474e5.js
Requested by: Host: www.firstleaf.club
URL: https://www.firstleaf.club/app-079b0d6d6712bff6ea66.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/terms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
via: 1.1 c25bc16c1238c23c74267a81302a62f8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
age: 120698
x-amz-cf-pop: ZAG50-C1
cf-polished: origSize=63727
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Oct 2022 08:55:20 GMT
server: cloudflare
etag: W/"db8292de3a5032e899facebeb0427740"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
cf-ray: 7606136f9cdb5c20-FRA
x-amz-cf-id: Eu3JWitqS5TQ2lNbWv31gI9Xy5Dejw4kmirOW_nhZ47IyGQHWJj5Ng==

GET
H2 200 web-widget-chat-sdk-6addd0b.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame E515 202 KB
51 KB 35ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:28 GMT
x-amz-version-id: h8vh1D2le1RfIJA36HgrDH1ZAKsBxY.9
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: 58F4XJW25FF31R65
age: 246017
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: AoerNuwCJ+0aXDweWOkYY+vPyUec8Oen5Q5K0t0zibdCyxWbMaVxsXBEtT/F//KELCb0azl2emM=
last-modified: Fri, 21 Oct 2022 09:51:50 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606136fad249bca-FRA
expires: Sat, 21 Oct 2023 09:51:49 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame B684 257 KB
64 KB 44ms
14ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02c39312062b70db1e8c9eabafcd7adaec452805512fe73438d7249fe714172

Request headers

Referer
Origin: https://www.firstleaf.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:22:50 GMT
content-encoding: br
age: 1778
x-guploader-uploadid: ADPycdsa-iODy8JR9O8b7yh_jz1wgXCjFzC7Y8kOzyEz-a5HtB8KgsNuuIMCxYx5nmXt3c5gdIhJA3QjHl-wzN42iz93kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65504
last-modified: Wed, 26 Oct 2022 16:33:55 GMT
server: UploadServer
etag: "bf20ef04cd58c8bf7f21ee128f6eb875"
vary: Accept-Encoding
x-goog-generation: 1666802035880972
x-goog-hash: crc32c=drrJ7Q==, md5=vyDvBM1YyL9/Ie4Sj264dQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 65504
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Oct 2022 21:22:50 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-6addd0b.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame E515 208 B
363 B 24ms
24ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-6addd0b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-6addd0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:52:29 GMT
x-amz-version-id: .sa2VDhH25lJBdGrxr3Mun4cVxonS1Dz
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: Q7W0M1MH4R1HFRHQ
age: 246017
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: QXTgHOSZar00ZA6SdoYDe8nnNw8CH7a6sZM305F6GtAfIgsmvV7jqkD0Eftdi4L7DkY8RGvKN90=
last-modified: Fri, 21 Oct 2022 09:51:50 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606137169209bca-FRA
expires: Sat, 21 Oct 2023 09:51:49 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame E515 19 KB
20 KB 20ms
20ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 26 Oct 2022 20:52:29 GMT
x-amz-version-id: 3iTCFLMhOfhdTdwytLDLKnm7Oh_paPiP
cf-cache-status: HIT
strict-transport-security: max-age=0
x-amz-request-id: Z95MG44K9JP3V4EX
age: 1309002
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: e/jehAy//i99RJWHmpdaRVHUEj/SaRGFB0uS86a5XtXssyK+BFM1l1b39fk5+/AQL1CT1UIO2Uk=
last-modified: Tue, 11 Oct 2022 04:42:31 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7606137199809bca-FRA
expires: Wed, 11 Oct 2023 04:42:30 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 23ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1669030446688031&ev=Microdata&dl=https%3A%2F%2Fwww.firstleaf.club%2Fterms%2F&rl=&if=false&ts=1666817549348&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Firstleaf%3A%20Terms%20%26%20Conditions%22%2C%22meta%3Adescription%22%3A%22Save%20on%20world%20class%20wines%20delivered%20to%20your%20door%20with%20Firstleaf%27s%20wine%20club.%20Get%20started%20now%20and%20join%20the%20150%2C000%20wine%20lovers%20who%20have%20found%20their%20perfect%20wines!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.88&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1666817547836.377974287&eid=ob3_plugin-set_aee476de02901be7971545e7742fbeaaf9d6ba39b1313688404076335cff0617&it=1666817547675&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.firstleaf.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Oct 2022 20:52:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0

OPTIONS
H3 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 123ms
123ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.firstleaf.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 20:52:32 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: l96wzh0hcwkr
server: Google Frontend
x-cloud-trace-context: 2c9bcea7046af3226af1782f896f367a
x-powered-by: Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: us-central1-adaptive-growth.cloudfunctions.net
URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firstleaf.club/	1970-01-20 07:00:19	Name: _sp_ses.efdf Value: *
.firstleaf.club/	1970-01-20 16:36:17	Name: _sp_id.efdf Value: 4edea299-6cfc-44d9-b6ad-9a617844aebd.1666817548.1.1666817548.1666817548.8c1c7cdb-ac6f-4d80-977b-2eae5dbb3f31
.firstleaf.club/	1970-01-20 09:09:53	Name: _gcl_au Value: 1.1.570988214.1666817548
.firstleaf.club/	1970-01-20 07:00:19	Name: FL_Referrer Value: 2
www.firstleaf.club/	1970-01-20 07:00:18	Name: _dd_s Value: logs=1&id=3b6b2871-5744-4a67-a346-aa5bdfb7a687&created=1666817547624&expire=1666818447624
.bing.com/	1970-01-20 16:21:53	Name: MUID Value: 14F0379DFC0964002B1625D4FD0965C3
.firstleaf.club/	1970-01-20 07:01:43	Name: _uetsid Value: 19db17c0557011ed848d0bacafec34a9
.firstleaf.club/	1970-01-20 16:21:53	Name: _uetvid Value: 19db58d0557011edb4f02759ef29008c
www.firstleaf.club/	1970-01-20 15:45:53	Name: __pdst Value: df2521df1d6541e989998ce085d394b2
www.firstleaf.club/	1970-01-20 15:45:53	Name: _wchtbl_uid Value: cc6d47b2-0664-42e3-b333-d26729436b6c
www.firstleaf.club/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: b19f7e59-da2f-484e-9fc0-437e06174b9e
.firstleaf.club/	1970-01-20 16:36:17	Name: _ga Value: GA1.2.321966687.1666817548
.firstleaf.club/	1970-01-20 07:01:43	Name: _gid Value: GA1.2.1731270052.1666817548
.firstleaf.club/	1970-01-20 07:00:17	Name: _gat_UA-68049103-4 Value: 1
.firstleaf.club/	1970-01-20 09:09:53	Name: _fbp Value: fb.1.1666817547836.377974287
.doubleclick.net/	1970-01-20 07:00:18	Name: test_cookie Value: CheckForPermission
.trkn.us/	1970-01-20 15:45:53	Name: barometric[cuid] Value: cuid_03096cde-ec4c-4e0b-8a09-1eb1c6a572f1
.firstleaf.club/	1970-01-20 15:45:53	Name: fs_uid Value: #134SPF#6420205240602624:6096150717288448:::#/1698353547
.firstleaf.club/	1970-01-20 15:45:53	Name: fs_cid Value: 1.0
www.firstleaf.club/	1970-01-20 07:00:21	Name: _wchtbl_do_not_process Value: 1
www.firstleaf.club/	1970-01-20 07:00:21	Name: _wchtbl_pixel_sync Value: 0
.firstleaf.club/	1970-01-20 07:00:19	Name: __cf_bm Value: PkFO7Z8Ooc1s5HfWCirLZpU9xEpqFPQZPB86shxN2QI-1666817548-0-AWZaFfXmlyPm1HXuUattIGTEzWo6zJxlUx7ejhxasmxz5loK063ensbtRI8x3rMQ8Tb01XIGx4xg3pqgMfPMKW6TAv6UAofq5Vp93JyKqVE1zz/OjDHGq5vBWH4nDPFDBA==
www.firstleaf.club/	1970-01-20 07:10:22	Name: shipToState Value: %7B%7D
www.firstleaf.club/	1970-01-20 07:10:22	Name: storeOrder Value: %7B%22token%22%3A%22dVkiViHcokQi8V_Q2SfIYA%22%2C%22number%22%3A%22R244936700%22%7D
.getrockerbox.com/	1970-01-20 07:43:29	Name: uuid Value: rbos-709f7e7e-e05b-4cf2-9241-005a1b9c392c
.firstleaf.club/	1970-01-20 07:43:29	Name: rbuid Value: rbos-709f7e7e-e05b-4cf2-9241-005a1b9c392c
.firstleaf.club/	1970-01-20 15:45:53	Name: sp Value: 3a0deee3-ac8c-426c-addb-d96099c6307f
widget-mediator.zopim.com/	1970-01-20 07:10:22	Name: AWSALBCORS Value: vKFbvzJcFwART9O1f09XSDu07xLvqLYCOYUBcSwdVrmAMq5eW1VowrdFA/IUxyLovJ/9Rj+tKgKA1KbU8y7rDHD2hDGIfR8umus5pzW+PwfQKs9YzoI0UYz7jA2A
.firstleaf.club/	1970-01-20 15:45:53	Name: __zlcmid Value: 1CdlKWb2zNTtqim

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shop.pe/widget/widget_async.js#62725feabbf6c339ae0dfd75 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.trkn.us
api.firstleaf.club
bat.bing.com
cdn.pdst.fm
challenges.cloudflare.com
cloud.typography.com
connect.facebook.net
ct.firstleaf.club
d38xvr37kwwhcm.cloudfront.net
edge.fullstory.com
ekr.zdassets.com
ext.chtbl.com
fbapi.firstleaf.club
getrockerbox.com
googleads.g.doubleclick.net
images.firstleaf.club
penrosehill.zendesk.com
rbv9j7km.firstleaf.club
rs.fullstory.com
shop.pe
static.cloudflareinsights.com
static.zdassets.com
stats.g.doubleclick.net
trkn.us
us-central1-adaptive-growth.cloudfunctions.net
web.chtbl.com
www.cloudflare.com
www.facebook.com
www.firstleaf.club
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
us-central1-adaptive-growth.cloudfunctions.net
104.16.53.111
104.18.72.113
142.250.186.162
162.243.13.167
172.64.102.36
184.24.10.115
184.24.7.187
2001:4860:4802:36::36
2600:9000:206f:4200:0:cc59:3900:93a1
2600:9000:21f3:be00:15:decf:f580:21
2600:9000:2490:3800:a:b27c:d040:93a1
2606:4700:10::6816:2ae0
2606:4700:10::6816:2be0
2606:4700::6810:3965
2606:4700::6810:4da5
2606:4700::6810:7b60
2606:4700::6812:7b9
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:806::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.230.17.182
35.186.194.58
35.201.112.186
35.227.244.1
35.244.142.80
01af466f48d14857d97a67cd7025ce67c8a0b9ca83ddb6d3f313c7369c432868
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c
053671ed045b39779928906b3454fc3b8ea8363d4b88fcf0ddc2275c61a9778a
05e81951cb0bc3f592e60a131ac3805cbc7a000867817e1b74af8f47be1529ba
07bd6d39686cdaf89ea8373a6c97e5c9b5fed47c68c0e3e9fb1e6cea71ffc478
082c6669be0b45bbbec2499b6c11367471d10b737166a9382f56b5f3ec88e5d2
0d8c9d5b716dff4c6a1cc0688bc9dba9787d95049129a382129fd02ed37bfc35
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
2152236130d8f3e802220d626fa51bef2d829d41550facbb77044276a8ffe91e
2616c60e63b4959e67f167c2090f69b2161b6337d3428aae3bb34c3e853ccee1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
337ce8359d757972929e6d1bd875ce77b387d348d9d794f04cfe2f1ef3b08e60
373c40d4ce404b5046a1d289d29f33eac3fc18f8b881df0b83f9b4a269be13cd
4384183ee280256c2b6627a5a9054d0ab333c070311e0cf6b8edea510089068e
45eceead39e92b6dcd45e3b41f4f90dd9ec19ad4f065b7b59f2e0af59f329506
461b8b1a6dc257f1ce4e7ac5429cabd6f23d5bfa1a3ac1ccda7f2be623d88164
4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8
51b06909334339bd5f4027e70f4d2fd30a2a3977ee44cce7385b908ec8f51903
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
61c6ea0c16531b17efa994f6968dbc2685cb8d68a49b37cb72d3ed6f4464d0c3
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db304342138530c9461fe3f03c42a7d7799f5519ca19a397088e11d04b401d7
7160bf300aedb0d16945e3ee5e15851ac0f21c571e2d4632e121eb6f1ab1d9aa
79d6ccdb86903b22a8f92f09723f870ebdbda28d809dba612c7cf5e04ab4cd43
7ba93f0c1f5b72395ea5024e97ba149d96cffbe73e8e4a2546921ba3404f146c
7cad41d402eb16b9dd037933572b70658aaf2865e22b66561cf37d39784dbda6
7f1404ba616641cc1cf45e21367342a410c96c181330d6dc349e4e1d6a33a67f
7f627f4ae4495fac8bda387d05b2ef9b9f71054088eba55eeadeadd4cbb8d1ba
827c28478f28c77e32fc70750bee8de299fb977cc3b71367e55d6303f6c98d0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
889404f2015a98f54b496eb2527adde2de02bebe87293959eb5deba43d36155f
8e5e947db547f3936bdd9ff3b8bfc87387e67e662a1cf1ed0ab451445accad45
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9981e907b10eb548d48f2f7de1423221a0c34a57e52268e264b68372f9f87f2f
99aa9b9f257dbc4e29313ada744c1f502b574e34c92196adb48bfee5948a4f10
a07141524dca99862fe4c41ab9f999447900b66e82fa76cdb4f32d8c4f3cd86c
a5bfa6e4bf5dbaacd052df4f9ffdb48a739c6ffaab745e514317db549b092269
a899a0398bbfbb8343c67e83098446254c1609aae412962cff6929087135a51c
aca66b739fcde148403f4735fd9091fbc02455deb4e6c186ea52cb71692f6269
ad71289d4c043b8c51cb8ee2b4597134ff271c8a9b436c77305beaf1f0cee2d8
ae7a6298cc4ddbc9aabb968a58ef4d03690bff47d56224a57c20b91e0c49a3d2
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5bfeb81c9c393bfc80c340d7cd10f05233607733d7075034a069023cc7347ce
b5c4538ed53b463b27a4ac7b0e5401b559a63712dade53b67d0ab77529ec7eb3
b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c
b94691675a9e5972534bc2aa34d19496abe42a9801659cf7d5fdc5da21dac049
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
c02c39312062b70db1e8c9eabafcd7adaec452805512fe73438d7249fe714172
c4f3cc1ef8be9ecd5309293f644e2625b6bf9246066d5f5778d72996f5e60c47
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c7b7c54b50a8b8c0e9ec71a8cc29b41038fe55581e3676f9903bacfc186b695e
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cf8ab10f74e9dfde5d44a8f64bb59475d04b6b1d24a8f40fd16208dcc0c9903d
d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393
d9cb253f12e676cf94172d1b90894dcd38cf333bd1cc64bfccedfb6fa39da591
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
dddf04d190be2e7006f807221d5f5852bf45a97c2aad4c66b1f0a1661efa7dda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8fbb923d7f93a2fcd21ebec34587d9058b54a4d0189bd6ceb7ea2f232df73a
e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96
e092bea366a94333d8ec48137987e2df19f61288f6e073032b2a8bdde6264d6a
e22acb7c6ea4a5964d5cc018fa35f251199aa9729fc89607693c244ef4d634ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edda2ff4de2c41fd8664d3987baed22af9afdf06a4a209b61a6372819e0f3c41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7a36c923865dec773ca7db437fdd10f364dd569c38d84fcb23d4dc7ebf74331
f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70
fb53ed01325aeb73eb0f9911ad385723d1a8382d3e539403b65cd731b4bad2ff
fb9860077ce0aecaacca99f18ca5bd44f410dd63ed76e5dd177624cfdda21965
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fd29ee580e83fb251599eca744e47f0b574c1d15f955a4deda8950486e28a92d
fe004911d21d7bb47f3b5a5b1565d7f9ce5a59d3f071eded6f457b9a72832e57
ffb92ab9eefa3b6e3f6313d9a4194715887b0b8442d7be6cd1a472db7e810e5a

www.firstleaf.club Open in urlscan Pro 2606:4700:10::6816:2ae0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

96 %HTTPS

61 %IPv6

24 Domains

35 Subdomains

31 IPs

4 Countries

2043 kBTransfer

7518 kBSize

29 Cookies

3 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.firstleaf.club Open in urlscan Pro
2606:4700:10::6816:2ae0 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

96 %
HTTPS

61 %
IPv6

24
Domains

35
Subdomains

31
IPs

4
Countries

2043 kB
Transfer

7518 kB
Size

29
Cookies

97 HTTP transactions
12 data transactions