www.theleela.com Open in urlscan Pro
13.225.195.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url6914.theleela.com/ls/click?upn=I7a2rp2qmNjSNjgzfi7sAkmswxGO-2FIbl4iXV-2Fm3TqwdgB870gp-2FvAsS4tg-2FzNWS6W6bg2bTNRYU...
Effective URL:
https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogi...
Submission: On October 04 via manual (October 4th 2023, 7:05:19 am UTC) from CA — Scanned from CA

Summary HTTP 88 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 25 domains to perform 88 HTTP transactions. The main IP is 13.225.195.104, located in United States and belongs to AMAZON-02, US. The main domain is www.theleela.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 29th 2023. Valid for: a year.

This is the only time www.theleela.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.120 167.89.118.120	11377 (SENDGRID) (SENDGRID)
1 1	34.225.140.54 34.225.140.54	14618 (AMAZON-AES) (AMAZON-AES)
16	13.225.195.104 13.225.195.104	16509 (AMAZON-02) (AMAZON-02)
2	23.212.251.12 23.212.251.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.31.97 142.250.31.97	15169 (GOOGLE) (GOOGLE)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	104.106.162.18 104.106.162.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.253.122.138 172.253.122.138	15169 (GOOGLE) (GOOGLE)
3	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
1	3.162.3.99 3.162.3.99	16509 (AMAZON-02) (AMAZON-02)
3	31.13.80.12 31.13.80.12	32934 (FACEBOOK) (FACEBOOK)
5	142.251.163.139 142.251.163.139	15169 (GOOGLE) (GOOGLE)
2	13.107.253.38 13.107.253.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 9	104.21.87.93 104.21.87.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
1 4	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.161.213.53 3.161.213.53	16509 (AMAZON-02) (AMAZON-02)
1	104.16.124.175 104.16.124.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
2	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
3	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
3	172.253.62.94 172.253.62.94	15169 (GOOGLE) (GOOGLE)
2	142.251.163.147 142.251.163.147	15169 (GOOGLE) (GOOGLE)
1 4	31.13.80.36 31.13.80.36	32934 (FACEBOOK) (FACEBOOK)
1	3.162.3.7 3.162.3.7	16509 (AMAZON-02) (AMAZON-02)
5	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	172.253.63.148 172.253.63.148	15169 (GOOGLE) (GOOGLE)
2 2	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1 1	142.251.167.100 142.251.167.100	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
3	20.114.189.135 20.114.189.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.225.195.69 13.225.195.69	16509 (AMAZON-02) (AMAZON-02)
1 2	20.125.209.212 20.125.209.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	35.186.195.233 35.186.195.233	15169 (GOOGLE) (GOOGLE)
88	31

1 167.89.118.120 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x120.outbound-mail.sendgrid.net

url6914.theleela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.140.54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-140-54.compute-1.amazonaws.com

rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.225.195.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-104.yul62.r.cloudfront.net

www.theleela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.251.12 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-251-12.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.106.162.18 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-106-162-18.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f138.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-99.yul62.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.163.139 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.253.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.21.87.93 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeted-messages.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.161.213.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-53.yul62.r.cloudfront.net

customs.affilired.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.124.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

gtm.theleela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.147 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.80.36 (Toronto, Canada) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-yyz1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-7.yul62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.148 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.155 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.167.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f100.1e100.net

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.137 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

v.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-69.yul62.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.209.212 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

messages.guest-experience.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.195.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.195.186.35.bc.googleusercontent.com

api.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	theleela.com 1 redirects url6914.theleela.com www.theleela.com gtm.theleela.com	553 KB
12	sojern.com static.sojern.com — Cisco Umbrella Rank: 18435 beacon.sojern.com — Cisco Umbrella Rank: 7399 pixel.sojern.com — Cisco Umbrella Rank: 9851	57 KB
11	triptease.io 1 redirects onboard.triptease.io — Cisco Umbrella Rank: 48706 targeted-messages.triptease.io — Cisco Umbrella Rank: 69281 messages.guest-experience.triptease.io — Cisco Umbrella Rank: 78264 api.triptease.io — Cisco Umbrella Rank: 74866	160 KB
10	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 ad.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	4 KB
7	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 270 www.google.com — Cisco Umbrella Rank: 11 adservice.google.com — Cisco Umbrella Rank: 182 fcmatch.google.com — Cisco Umbrella Rank: 5760	2 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 v.clarity.ms — Cisco Umbrella Rank: 10985 c.clarity.ms — Cisco Umbrella Rank: 2092	23 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 109	711 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 691 c.bing.com — Cisco Umbrella Rank: 481	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 8716	669 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	121 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	274 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 5755 consentcdn.cookiebot.com — Cisco Umbrella Rank: 6470	94 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 637	760 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 360	2 KB
2	affilired.com customs.affilired.com — Cisco Umbrella Rank: 141729	8 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	60 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3977	258 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 5832	432 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1425	4 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1780	50 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	23 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	19 KB
1	rb.gy 1 redirects rb.gy — Cisco Umbrella Rank: 105250	323 B
88	25

	Domain	Requested by
16	www.theleela.com	www.theleela.com
7	static.sojern.com	www.googletagmanager.com www.theleela.com static.sojern.com
7	onboard.triptease.io	1 redirects www.theleela.com onboard.triptease.io
4	pixel.sojern.com	static.sojern.com
4	ad.doubleclick.net	4 redirects
4	www.facebook.com	1 redirects www.theleela.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.theleela.com
3	v.clarity.ms	www.clarity.ms
3	www.google.ca	www.theleela.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.theleela.com bat.bing.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.googletagmanager.com	www.theleela.com www.googletagmanager.com
2	targeted-messages.triptease.io	onboard.triptease.io targeted-messages.triptease.io
2	c.clarity.ms	1 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	adservice.google.com	static.sojern.com
2	www.google.com	www.theleela.com
2	analytics.google.com	www.googletagmanager.com
2	customs.affilired.com	www.theleela.com customs.affilired.com
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	consent.cookiebot.com	www.theleela.com consent.cookiebot.com
1	api.triptease.io	targeted-messages.triptease.io
1	messages.guest-experience.triptease.io	targeted-messages.triptease.io
1	c.bing.com	1 redirects
1	vc.hotjar.io	script.hotjar.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	static.sojern.com
1	script.hotjar.com	static.hotjar.com
1	gtm.theleela.com	www.googletagmanager.com
1	unpkg.com	www.theleela.com
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	cdn.jsdelivr.net	www.theleela.com
1	cdnjs.cloudflare.com	www.theleela.com
1	rb.gy	1 redirects
1	url6914.theleela.com	1 redirects
88	43

This site contains links to these domains. Also see Links.

Domain
policies.google.com
www.cookiebot.com
privacy.microsoft.com
www.hotjar.com
www.sojern.com
www.facebook.com
giftcard.theleela.com
www.ghadiscovery.com
www.instagram.com
twitter.com
www.youtube.com
www.linkedin.com
reservations.theleela.com

Subject Issuer	Validity	Valid
*.theleela.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-04-30`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-04-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-13` - `2023-10-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
www.affilired.com GeoTrust EV RSA CA 2018	`2023-08-29` - `2024-09-28`	a year	crt.sh
gtm.theleela.com GTS CA 1D4	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
onboard.triptease.io GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.guest-experience.triptease.io R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.triptease.io Sectigo RSA Organization Validation Secure Server CA	`2023-04-24` - `2024-05-22`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779
Frame ID: D62C962C8CCD9DE59DCDD113FD89195B
Requests: 75 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 6187B43EEA204CC5FA06D5904DFA8A11
Requests: 1 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v6977.86391/kernel-host.html?originHost=www.theleela.com
Frame ID: 40349374B73C8718B3B44BB1B8EDDCB8
Requests: 2 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Frame ID: 3D4ADD3B3519297B56A543881779BF42
Requests: 10 HTTP requests in this frame

Frame: https://static.sojern.com/cip/w/splus?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Frame ID: 4E7F20E267186513197E3676AF2EDAF6
Requests: 3 HTTP requests in this frame

Frame: https://customs.affilired.com/rls.php?merchant=5027
Frame ID: 677A357FF490F2CE107711A49BF91BFA
Requests: 1 HTTP requests in this frame

Frame: https://targeted-messages.triptease.io/static/storageIframe.html
Frame ID: 86A84C38B2AAFEB6A588198ED5173EB1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GHA register | The Leela Palaces Hotels and Resorts

Page URL History Show full URLs

http://url6914.theleela.com/ls/click?upn=I7a2rp2qmNjSNjgzfi7sAkmswxGO-2FIbl4iXV-2Fm3TqwdgB870gp-2FvAsS4t... HTTP 302
https://rb.gy/27182?utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20W... HTTP 301
https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

88
Requests

88 %
HTTPS

0 %
IPv6

25
Domains

43
Subdomains

31
IPs

4
Countries

1484 kB
Transfer

4728 kB
Size

46
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us/privacystatement
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy/
Title: Hotjar

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://www.sojern.com/privacy/
Title: Sojern

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Meta Platforms, Inc.

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://giftcard.theleela.com/en-in/e-gift-card/moments-by-the-leela
Title: Gift Card

Search URL Search Domain Scan URL

URL: https://www.ghadiscovery.com/GHA-DISCOVERY-Programme-Terms-Conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.instagram.com/theleela/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/theleelahotels
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/LeelaHotelsOfficial?ob=video-mustangbase
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/theleela
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-leela-palaces-&-resorts
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://reservations.theleela.com/signin?chain=23514
Title: Manage Reservations

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url6914.theleela.com/ls/click?upn=I7a2rp2qmNjSNjgzfi7sAkmswxGO-2FIbl4iXV-2Fm3TqwdgB870gp-2FvAsS4tg-2FzNWS6W6bg2bTNRYUge0kscAzs-2BQDEpcQA1BS-2F-2FfjyWUHgr61034d-2BZdtocay77Dq2aN4pSCLgfc6ueq0T2fWPr1EwQw0z0x5l9T-2FEx2Vf4mkS5oUn0gNzFBwlin2Pas6qVIqFSAuoSImFyp-2BMUiFq-2BF-2FtKg-3D-3DmMmr_YVJqtn6DyjbMfku-2FBC05pBUyWXY4oM4wbz4O1ISOcM6RCuvWRSjwG9n9FUf4MhTcJds2D2qgZHSUTQ9P7fZ4dVbIJ0UCBuhDyDQc4zHX9OVd8ZHQ1UlpLMa5tST81xbMtcktEJFAY8E0lqq-2BGapnbHPh7IuQGtgOu8zIpi84r2piwqYieNhBQ7olslBlSON8kP-2FyeBXlbQBE-2B6w9ax1JNVNR-2BJmO6x-2FIjWGb1qAz7CwsgNNu83tRtfPMZdFn92386LKIoGNmPTYm-2FhMWu3fvi0f3xsOcHZSGOT7Ddwz5kPKRGvLHc0uQbJ5aSeFzFViophtJJpPq-2BX83CTS-2BlBbd2-2BoXkMaYNYDfRCp8flqR7fOGO6XHgOE3fwOL3nWERobuVLh-2FrJVLhuzwyqls3cghSPY22nskYaMceMgi5E5eH4C7PCy2oHHlb2tAA7GYz0ORluqfqUXHAYsIUT8EOFH9xQ-3D-3D HTTP 302
https://rb.gy/27182?utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20%28October%20%2723%29%20-%20Batch%205-519779 HTTP 301
https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K HTTP 307
https://onboard.triptease.io/bootstrap/v6977.86391/bootstrap.js

Request Chain 55

https://www.facebook.com/tr/?id=5633895296697450&ev=PageView&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&rl=&if=false&ts=1696403113721&sw=1600&sh=1200&v=2.9.132&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1696403113719.935120711&ler=empty&it=1696403113503&coo=false&exp=a1&rqm=GET HTTP 302
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&ec=1&ev=PageView&exp=a1&fbp=fb.1.1696403113719.935120711&id=5633895296697450&if=false&it=1696403113503&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1696403113721&v=2.9.132

Request Chain 70

https://ad.doubleclick.net/ddm/activity/src=13230096;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=9itfpugf8ihglWHb_cZ0WQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&sjrn_ula=8165108062 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&sjrn_ula=8165108062&google_gid=CAESEHjeMXuuNCqqpFGPzMJ2d54&google_cver=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_hm=9itfpugf8ihglWHb_cZ0WQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoruCKAuOtzCBpHzSRGNy51thRQVFcK1-lr8xH19Objk6vH7jQ1B7_J_mLgiqmrGKi4hujPRQRMbpGX8LMJmsIzeTKdi_4ZoccRRFWnMgPDZjW0PODo HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruCKAuOtzCBpHzSRGNy51thRQVFcK1-lr8xH19Objk6vH7jQ1B7_J_mLgiqmrGKi4hujPRQRMbpGX8LMJmsIzeTKdi_4ZoccRRFWnMgPDZjW0PODo

Request Chain 73

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DSz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g HTTP 302
https://pixel.sojern.com/idsync/apn?id=9034886183843981830&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g

Request Chain 74

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=7d7bc208-88de-4c36-a8d6-140d6af68c69&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g

Request Chain 75

https://c1.adform.net/serving/cookie/match?cid=f62b5fa6-e81f-f228-6095-61dbfdc67459&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=f62b5fa6-e81f-f228-6095-61dbfdc67459&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=6181505017587602024&cid=f62b5fa6-e81f-f228-6095-61dbfdc67459

Request Chain 81

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BB052A1952824BF38789041CAC07602F&RedC=c.clarity.ms&MXFR=03E10C1F8A0163482C131FBF8E016D63 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BB052A1952824BF38789041CAC07602F&MUID=3738201C8F1C66A62C6433BC8E36671E

Request Chain 82

https://ad.doubleclick.net/activity;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=2104528608.1696403113;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=2104528608.1696403113;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=*;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2

88 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request gha-signup Show response
www.theleela.com/
Redirect Chain

http://url6914.theleela.com/ls/click?upn=I7a2rp2qmNjSNjgzfi7sAkmswxGO-2FIbl4iXV-2Fm3TqwdgB870gp-2FvAsS4tg-2FzNWS6W6bg2bTNRYUge0kscAzs-2BQDEpcQA1BS-2F-2FfjyWUHgr61034d-2BZdtocay77Dq2aN4pSCLgfc6ueq0T...
https://rb.gy/27182?utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20%28October%20%2723%29%20-%20Batch%205-519779
https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%...

97 KB
25 KB

1514ms
1454ms

Document
text/html

13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

5f0f0927b6e1840690d536f890809763b04eb647d360855ebb1614a709d86cb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: must-revalidate, no-cache, private
content-encoding: gzip
content-language: en
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 07:05:12 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
link: <https://www.theleela.com/gha-signup>; rel="canonical"
permissions-policy: interest-cohort=() interest-cohort=()
referrer-policy: strict-origin
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-adv-varnish: Cache-disabled
x-amz-cf-id: umnxpl_kywYGJedHjLH8utrsJcPstmk2g98G2FyrteZQoh644UqxyQ==
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
x-cache-hits: 0
x-cacheable: NO:Not Cacheable
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-pass-varnish: YES
x-ua-compatible: IE=edge
x-varnish: 41709511
x-varnish-cache: MISS
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store
content-length: 0
date: Wed, 04 Oct 2023 07:05:11 GMT
engine: Rebrandly.redirect, version 2.1
expires: -1
location: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779
strict-transport-security: max-age=15552000

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 108ms
36ms Script
application/javascript 23.212.251.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.theleela.com
URL: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.12 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 07:15:18 GMT
etag: "4a4b65e12f1d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=144
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33511
expires: Wed, 04 Oct 2023 07:07:37 GMT

GET css_2Zzi2uLcrV_jlv4vEXqQ-xmQy4CvEr58AMStZfp2bWo.css
www.theleela.com/prod/content/assets/css/ 0
0

GET
H2 200 css_SeIu8lcU51HpLKdvzfeSgU-fdvKFvU3pR4CmkByJ2TU.css
www.theleela.com/prod/content/assets/css/ 197 KB
28 KB 34ms
32ms Stylesheet
text/css 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/prod/content/assets/css/css_SeIu8lcU51HpLKdvzfeSgU-fdvKFvU3pR4CmkByJ2TU.css?VersionId=VzqeVzZ.ZT8LBSoMkhkO2PMBpMPlOZ4y

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

49e22ef25714e751e92ca76fcdf792814f9f76f285bd4de94780a6901c89d935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 11:40:54 GMT
x-amz-version-id: qQI1Shr4XxNvAzYkcz498vy4iDsHe2OU
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
age: 5167460
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 05 Aug 2023 11:32:31 GMT
server
etag: W/"7cab9b78e0165c7c1b6cddafe42a88ad"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: DENY
cache-control: max-age=31536000
x-amz-cf-id: fOCDEZrOw10YWfABHR0ZANQtq7ZHWIga1Fl2UF4zrdT1PdI_fnZ2bg==

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/ 99 KB
19 KB 64ms
23ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 419545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18688
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "630e6e62-4900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9c0%2FgxAC5yjpEKMe1kMkz5UQtttbJ8yz8gTw4%2B8Rkd%2BHdOPB9IpQTQFoabCuj%2B5UFALrUfCxgtwK%2FdIudeU6ExhDakPIqOs5MaAaqtdujSU4WqgD9CjvAdjsTRuDrwApBl1rkqDI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 810b93412fb736ca-YYZ
expires: Mon, 23 Sep 2024 07:05:13 GMT

GET
H2 200 css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css
www.theleela.com/prod/content/assets/css/ 478 KB
59 KB 48ms
47ms Stylesheet
text/css 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

ce39fa6ce22dac5c36a375062dc7a618f623c7c146a3bce675ec4d7a64c50d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 14:25:30 GMT
x-amz-version-id: n6P.HW0verkluyIXe9Og4UUp41D6N64i
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
age: 5243984
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 04 Aug 2023 14:23:55 GMT
server
etag: W/"c8540919504b429a248023c635699e48"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: DENY
cache-control: max-age=31536000
x-amz-cf-id: srWR6Dw4b56Ds1C_07DB0fswyFb_DS0mgda7XDLblNRIWiP-jksSEg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 399 KB
110 KB 149ms
72ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

cdfdc577f1e6a578ebb7c24ee2cec64619b9e13dc41d43888a93b1d383502291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112287
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 07:05:13 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e26ab699ce3440b299c1274ea67f63e07a6124a189daf8d53c8acb35c09a5a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 leela-logo.svg
www.theleela.com/themes/custom/leela/images/ 10 KB
5 KB 592ms
591ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/images/leela-logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

ed7eb84b16f5384af3924da2549c9816136b0b6492c955e7da5b75367ba77567

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-26e4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 40052336
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: yqRqbT9EddR1tt2r90uFBzknQAMXmEK1qPZ8dPVTJQBeNXvusncwXw==
x-cache-hits: 0

GET
H2 200 chat-main.svg
www.theleela.com/themes/custom/leela/app/images/connect-icons/ 2 KB
2 KB 585ms
584ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/connect-icons/chat-main.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

3e5a68123efe6574d40f67092723e60e648b6a1bc780bfd6e95d15b78af777b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-602"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 41709514
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: 0zMPWU_DNUCxeskArhAwenvBGqMk7yIDkb2VQ-w-1EM-VK92hxOQyQ==
x-cache-hits: 0

GET
H2 200 js_6kYLJzlM52gEGW1CVgCe4r7QE_TmMLPb1Xp8W7VSHkI.js Show response
www.theleela.com/prod/content/assets/js/ 766 KB
191 KB 32ms
31ms Script
application/javascript 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/prod/content/assets/js/js_6kYLJzlM52gEGW1CVgCe4r7QE_TmMLPb1Xp8W7VSHkI.js?VersionId=Zrl_sSq2wDoD3geTD1D3RYAVuH1cAGnj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

ea460b27394ce76804196d4256009ee2bed013f4e630b3dbd57a7c5bb5521e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 10:49:21 GMT
x-amz-version-id: Pa.NfrJpqKiiX8xb0wQl8u.57Az4ABpW
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
age: 332153
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 29 Aug 2023 17:07:53 GMT
server
etag: W/"29e678f06a13eea7c9b06937b2f813ee"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: DENY
cache-control: max-age=31536000
x-amz-cf-id: zOj7pyCnJkg36Xq_GzwjZAtU25OavHf_3rdTKt5M1Zh5wc34WJZlPg==

GET
H2 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/ 23 KB
23 KB 55ms
17ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
age: 17517926
x-jsd-version: 1.17.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23261
x-served-by: cache-fra-eddf8230098-FRA, cache-yyz4544-YYZ
x-jsd-version-type: version
etag: W/"5add-anbkx9tHkFM1BYBGmqAQ/r/crNA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js_OqErle8dsJOdVnneMZd-Oz2H99MWAqaRmbMyziKApDo.js Show response
www.theleela.com/prod/content/assets/js/ 47 KB
11 KB 54ms
53ms Script
application/javascript 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/prod/content/assets/js/js_OqErle8dsJOdVnneMZd-Oz2H99MWAqaRmbMyziKApDo.js?VersionId=_NN5Bl8ewjERM2J2eKemWYN6WdKYF3qc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

3aa12b95ef1db0939d5679de31977e3b3d87f7d31602a69199b332ce2280a43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 16:02:40 GMT
x-amz-version-id: DWaKiJSORVoEXaMiGzf3vaM9heOteN46
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
age: 313354
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 29 Sep 2023 14:29:03 GMT
server
etag: W/"6d09c7a020d487885a837517dced3bf2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: DENY
cache-control: max-age=31536000
x-amz-cf-id: FqVF2yn9buYc3Gvx5vITt6ZPEO-1K5dvSZycdak48agWpWLLJPkW_g==

GET
H2 200 user-black-icon.svg
www.theleela.com/themes/custom/leela/app/images/icons/ 546 B
2 KB 588ms
587ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/icons/user-black-icon.svg

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

5267a8e538ada2caf9115327a88512de40734f4436f7a869cc6c3e48eceb8fff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-222"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 40323873
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: IjTsvHK_MAiOwoKSAaWxFi0UuHGa0ap2DAEYcIwkmvb61mtvts-3FQ==
x-cache-hits: 0

GET
H2 200 instagram-white.svg
www.theleela.com/themes/custom/leela/app/images/footer/ 1 KB
2 KB 787ms
785ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/footer/instagram-white.svg

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

bb5b96de3e8a06089b9b57c3d6d777ada48126c56c2c8742a01b502f1081d2ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-5db"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 40052338
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: 1Zfhc-FtsQsUBIB-7kVW4l5k-XYh-38t-oSlTn8VHjV6fsYa9ovomw==
x-cache-hits: 0

GET
H2 200 twitter-white.svg
www.theleela.com/themes/custom/leela/app/images/footer/ 387 B
2 KB 791ms
790ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/footer/twitter-white.svg

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

d752ae2a03d40ce0412b777d4b7dd5c0d305037ae945a2f4f449e7b1bd4a0caa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Tue, 22 Aug 2023 14:17:25 GMT
etag: W/"64e4c375-183"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 40052340
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: QbBE2t_-I62JAZ1FltG06mU5Qpsi_r0U59xkBlzZnK1GWoWrFubbfw==
x-cache-hits: 0

GET
H2 200 youtube-white.svg
www.theleela.com/themes/custom/leela/app/images/footer/ 599 B
2 KB 784ms
783ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/footer/youtube-white.svg

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

8a704e5b63565a99c8b8b6da6c5caa08eae7cb42b39365a4f53eeeb19b7bb4d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-length: 359
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-257"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 43499706
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: 8rQE11PlWy3UB3GLI5I2nZWos7Rib-ecVX7DgculgBA-4iez-LaQNA==
x-cache-hits: 0

GET
H2 200 facebook-white.svg
www.theleela.com/themes/custom/leela/app/images/footer/ 513 B
2 KB 785ms
784ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/footer/facebook-white.svg

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

f5f13da28e611c512a64a0c5db8b6f7f62c3f5209ae572b7f7d15312f99323f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-length: 343
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-201"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 43499708
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: QOt1X_q6Vdl-CrRYQtT1YytYZc867WBXvD7MOWiW84tLYbFb9VkF3Q==
x-cache-hits: 0

GET
H2 200 linkedin-white.svg
www.theleela.com/themes/custom/leela/app/images/footer/ 2 KB
2 KB 780ms
780ms Image
image/svg+xml 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theleela.com/themes/custom/leela/app/images/footer/linkedin-white.svg

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

2d653008a8b80fe521c9579a0bf700e1073a5f6765e2a77de65e70d547ccb3c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
content-encoding: gzip
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-length: 841
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: W/"6479d530-6d5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-varnish: 40323875
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: vJjkGm-6fp5vqWENl_YWb1MAigbkd-iE4YCiDBc2kI5yjH0hEnig4g==
x-cache-hits: 0

GET
H2 200 National-Book.woff2
www.theleela.com/themes/custom/leelaamp/app/fonts/ 44 KB
45 KB 979ms
978ms Font
application/octet-stream 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/themes/custom/leelaamp/app/fonts/National-Book.woff2

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

bfe30a4c9c2872daf50a376489bab9945d876d7b09ea3ac2ba2e745e42b06670

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
Origin: https://www.theleela.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-length: 44840
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: "6479d530-af28"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 42732292
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: K1sK-FiD8bo907ZbrKTeFyvoAxasqCvuzYS733pg3pNkUFnyVj7D5g==
x-cache-hits: 0

GET
H2 200 PlayfairDisplay-Regular.woff2
www.theleela.com/themes/custom/leelaamp/app/fonts/ 86 KB
87 KB 970ms
968ms Font
application/octet-stream 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/themes/custom/leelaamp/app/fonts/PlayfairDisplay-Regular.woff2

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

038ed9692d094c2952fcdc22ad7f851c90381748d2dd2fbf8b419cf2407a5a31

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
Origin: https://www.theleela.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-length: 87724
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: "6479d530-156ac"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 42732290
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: 6vBf52FMAW2fwxKp-RZk8gBh9FDbnqRNPmxOAJG1EA8nB_YBuZjdVA==
x-cache-hits: 0

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 6187 627 B
812 B 110ms
36ms Document
text/html 104.106.162.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.106.162.18 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-106-162-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://www.theleela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:05:13 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Thu, 03 Oct 2024 07:05:13 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1696403113311_1752230879_125297574_26_726_17_36_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/b029e5f0-c2a9-407e-a99a-39b06d2013d2/ 244 KB
60 KB 220ms
218ms Script
application/x-javascript 23.212.251.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/b029e5f0-c2a9-407e-a99a-39b06d2013d2/cc.js?renew=false&referer=www.theleela.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.251.12 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-251-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a1d883a4321ca251de3cb45e5e2ff4cab8e0258746c50930b062d6bc284099c7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2023 07:05:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 60908
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 128 KB
50 KB 130ms
50ms Script
application/javascript 172.253.122.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KVKD3Z6

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f138.1e100.net

Software

Google Tag Manager /

Resource Hash

4f07ec21c06b13c0c67e016f212bc15e6c32138a32bb12d03109df41eb129baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50625
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 07:05:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/861668715/ 3 KB
2 KB 131ms
56ms Script
text/javascript 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/861668715/?random=1696403113367&cv=11&fst=1696403113367&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&hn=www.googleadservices.com&frm=0&tiba=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&us_privacy=1YNY&auid=2104528608.1696403113&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

152a1442663634bd24aa56044dca5e00e76fa801443fab852e11a78546117208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1456
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2902568.js Show response
static.hotjar.com/c/ 9 KB
4 KB 198ms
110ms Script
application/javascript 3.162.3.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2902568.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-99.yul62.r.cloudfront.net

Software

Resource Hash

c3ab4de985c305576fa7614c3c9f764579f29f45cf121df0f64066808a10a6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 07:05:13 GMT
via: 1.1 275c32bc50366db37e8c3324dfc942a6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
etag: W/6be68327f7c4e59e46ee177931d75ac3
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kDlm0Qa45mow2anon8LykOJ82uzNyj6UpLZnjBenklABDiBTdpisxg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 53ms
18ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 07:05:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: y+crXXHdUimGmyJT/0zgq3WABA8OJSUZ1jscFOU19tl3vIrA4nV4z07V9qFgC8BxThkpZlo1aVIgQlOP3KNUuw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 107ms
35ms Script
text/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 06:30:26 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2087
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 04 Oct 2023 08:30:26 GMT

GET
H2 200 gu92bnrb2s Show response
www.clarity.ms/tag/ 1 KB
2 KB 209ms
97ms Script
application/x-javascript 13.107.253.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gu92bnrb2s?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c5d4a77d0d84e2dd42795871e3a7acb30dfce6d54500298cfc414b1d7408daa1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date: Wed, 04 Oct 2023 07:05:12 GMT
x-azure-ref: 0qQ4dZQAAAACm25pB0eANQqrZrItLPFTRWVRPMjIxMDkwODIwMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1210
expires: -1

GET
H2

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v6977.86391/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K
https://onboard.triptease.io/bootstrap/v6977.86391/bootstrap.js

112 KB
34 KB

34ms
33ms

Script
application/javascript

104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v6977.86391/bootstrap.js

Requested by

Protocol

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

670e8e527d9c241e2af64199907d704921ba0de8376d47470e071084541ff6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: e722732b24d2d8099bc6f5b425a8e0dede415387
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68700
x-guploader-uploadid: ADPycduMVGA0B73qMskZcPxpIJCpN52e--7LiBT37Gan3-Pc1bUDN2ol27bvejGiCJx06acYIwtZzYNvcErXpjg9q-BxIg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 6977.86391
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 11:55:32 GMT
server: cloudflare
etag: W/"211fee932b82391087538b17acb6ccf6"
vary: Accept-Encoding
x-goog-generation: 1696334132438052
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=P2G5TQ==, md5=IR/ukyuCORCHU4sXrLbM9g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fdYu91Yo7p2BWt%2FDfvRFZzvh3nN3n%2FI605Er7pthfSW%2BJLFWD7NxI0hAeEiVxBv0lR%2F1RJliXVbpqzL1b5XZEQtsy4CcnXuDQTfGI%2FoTWrdoFJBByI9h5%2FK9W59RpllB3%2B88h9NdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 114437
cf-ray: 810b93432d0939d2-YYZ
expires: Wed, 02 Oct 2024 12:00:13 GMT

Redirect headers

date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=15552000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad92SHn717fAjo%2BTKaq2gtbOqW6k%2FL3VLU1cPWEWxGoucG5Oty0g8gzLHlNhNnGpX6v3seQTz36%2FmxUZz3I8GhPyhnidFGExWciqKSiJiX97Yls6CCvU6rUgknrcl3dgMo89q1lNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
location: https://onboard.triptease.io/bootstrap/v6977.86391/bootstrap.js
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 810b9342ecdf39d2-YYZ
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 63
alt-svc: h3=":443"; ma=86400

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 6 KB
6 KB 55ms
19ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 573df05aa08d415383b527f34ba575f6d58ba0fef033b6da852ce2327f04b0a0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:07:16 GMT
age: 3477
x-guploader-uploadid: ADPycdvj-osV8rjTWV3XkXlxk92wEZP9ZDjA-ksn0pvS29pQKdxpRhGfYD6G8E1C58HGg6TSYZA3Gu155aEvmvqjyqu8AoANqo5R
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6138
last-modified: Fri, 09 Jun 2023 10:52:22 GMT
server: UploadServer
etag: "b0e6a30a07bca6d9e5f647a711382aec"
x-goog-generation: 1686307942516200
x-goog-hash: crc32c=ueAaFw==, md5=sOajCge8ptnl9kenETgq7A==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 6138
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:07:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 128ms
48ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 04 Oct 2023 07:05:12 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9A35D457B3241C3973BE0997A7185C9 Ref B: YTO01EDGE0806 Ref C: 2023-10-04T07:05:13Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 / Show response
customs.affilired.com/track/ 26 KB
7 KB 140ms
75ms Script
text/javascript 3.161.213.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customs.affilired.com/track/?merchant=5027
Requested by: Host: www.theleela.com
URL: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-53.yul62.r.cloudfront.net
Software: nginx /
Resource Hash: 4952197bbf06a03b5ffee0f8191df7a4dfba4072ef1106292cd449cfd5564107

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Wed, 11 Oct 2023 07:00:51 GMT
date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: gzip
via: 1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: YUL62-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 6823
x-amz-cf-id: DvVXTn3Wg1vxP0i-q846kdPYvTeYpzVlL7XpmGZUxzKDUjTgW9r6DQ==
jb-x-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
71 KB 55ms
54ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XYXYXYXYXY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e6f901d11024feb2fa86c30a27fb0c361b122dc8a1e528782cbe6b5c363027b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72926
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Oct 2023 07:05:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
93 KB 76ms
76ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TSX82TEL56&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TJ4PBN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

025fbb3af25f91b809018cac4a8ab10d0328cddb87f42ed650fb84baee1612e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 04 Oct 2023 07:05:13 GMT

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 69ms
27ms Script
application/javascript 104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11886949
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H0TFSMA39677X85VMXGW7WVP-yyz
server: cloudflare
etag: W/"2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 810b93434b1ca1e6-YYZ

GET
H2 200 collect Show response
gtm.theleela.com/g/ 65 B
590 B 329ms
261ms XHR
text/plain 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.theleela.com/g/collect?v=2&tid=G-XYXYXYXYXY&gtm=45je3a20&_p=275262918&cid=1513455246.1696403113&ul=en-us&sr=1600x1200&_fplc=0&ur=CA-ON&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=CA&sst.etld=google.ca&sst.us_privacy=1YNY&sst.tft=1696403113130&_s=1&sid=1696403113&sct=1&seg=0&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&dt=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1696403113359.207830.1&ep.action_source=website&epn.event_time=1696403113&tfd=2225&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYXYXYXYXY&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2415.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 5633895296697450 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 19ms
18ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5633895296697450?v=2.9.132&r=stable&domain=www.theleela.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

8d01cf5dbd3a6c03be0f3e79a70b93418d0e09221ffad29daa168562686acd83

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 07:05:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34797
x-xss-protection: 0
pragma: public
x-fb-debug: 2esfxxRPT5Lc15YtO2qdA85w6QVTC5sezHIqXCv/UbwxT6pOaKoB7tBKjVs4rakRmn9f/5LibW8EnXdehZXGbg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 95ms
39ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TSX82TEL56&gtm=45je3a20&_p=275262918&_gaz=1&cid=1513455246.1696403113&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696403113&sct=1&seg=0&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&dt=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSX82TEL56&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 114ms
42ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TSX82TEL56&cid=1513455246.1696403113&gtm=45je3a20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSX82TEL56&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 123ms
50ms Image
image/gif 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TSX82TEL56&cid=1513455246.1696403113&gtm=45je3a20&aip=1&z=1060409136

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cab8c591031a707de96ac54d338e5fd4d5a3445a12be2d68576e7998241a025

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.google.com/pagead/1p-user-list/861668715/ 42 B
455 B 123ms
51ms Image
image/gif 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/861668715/?random=1696403113367&cv=11&fst=1696402800000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&frm=0&tiba=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&fmt=3&is_vtc=1&random=3890744008&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/861668715/ 42 B
154 B 78ms
50ms Image
image/gif 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/861668715/?random=1696403113367&cv=11&fst=1696402800000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&frm=0&tiba=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&fmt=3&is_vtc=1&random=3890744008&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 151003922.js Show response
bat.bing.com/p/action/ 0
118 B 47ms
47ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/151003922.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 04 Oct 2023 07:05:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46DE1FE74ECC44BB86519507BBA382E1 Ref B: YTO01EDGE0806 Ref C: 2023-10-04T07:05:13Z
x-cache: CONFIG_NOCACHE

GET
H3 200 kernel-host.html Show response
onboard.triptease.io/kernel/v6977.86391/ Frame 4034 57 KB
19 KB 34ms
34ms Document
text/html 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v6977.86391/kernel-host.html?originHost=www.theleela.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f23d01e70c74e9f4f04b77d2dd90a069f9cf6b4fdd4ff17ac156de5299ae90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theleela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 61763
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 810b93441946a228-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 04 Oct 2023 07:05:13 GMT
expires: Wed, 02 Oct 2024 13:55:50 GMT
last-modified: Tue, 03 Oct 2023 11:55:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTgeVfCxEYD1jrf0%2BG2foChuvQxZkG4p1Y0kyH9ZtZs5twJpk3Qwhaw%2BgAo9uZ7aFK1nS41Hv0t7E7bONI7nUPOzzI9bn0ze%2BaXL1OFq%2Fg0qIwKACe0ASegC83UdH4VEZVD7fZBAvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1696334134721569
x-goog-hash: crc32c=rwj1Iw== md5=nqRTV35reonnD/dcqEQ/mw==
x-goog-meta-build-version: 6977.86391
x-goog-meta-git-hash: e722732b24d2d8099bc6f5b425a8e0dede415387
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 58557
x-guploader-uploadid: ADPycdvIsTuTMJm0ngJKrL8RaMFdriyJt2h1YdgGiSHFvMT58jTDP3FdCbGTn7RDJMXKtqX7hPoPfsC3C0ZmejWDRQwf3A

GET
H2 200 s Show response
static.sojern.com/cip/w/ Frame 3D4A 2 KB
2 KB 20ms
19ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Requested by: Host: www.theleela.com
URL: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d71d12f5c4fb4751dd4aa62557ed9c052881f0d8df2b17f4aa68cc8d80d6c6a0

Request headers

Referer: https://www.theleela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 2066
content-type: text/html
date: Wed, 04 Oct 2023 06:54:00 GMT
etag: "5f51e18ad5697e0b4e48c6aba6f6e360"
expires: Wed, 04 Oct 2023 07:54:00 GMT
last-modified: Fri, 04 Aug 2023 14:37:51 GMT
server: UploadServer
x-goog-generation: 1691159871210588
x-goog-hash: crc32c=oFqY1Q== md5=X1HhitVpfgtOSMarpvbjYA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2066
x-guploader-uploadid: ADPycds9i9emHQldsI78KjHFYl9-deVLm4mF40aVlefla_pl3IlBh_rsJqrRUeNPOC3cd4VIg-ddp-siV1EquPk-F-cAY-XSzYr_

GET
DATA 200
OK truncated
/ 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ad748b1136985e21629ae9adaf812890ef55efb951483043560593c2390cc0a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 317 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30fab2d3861b1344e5a97e83fecd24ec83b3469b40b97e5178e235ef06ce9399

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 PlayfairDisplay-Bold.woff2
www.theleela.com/themes/custom/leelaamp/app/fonts/ 87 KB
88 KB 777ms
777ms Font
application/octet-stream 13.225.195.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theleela.com/themes/custom/leelaamp/app/fonts/PlayfairDisplay-Bold.woff2

Requested by

Host: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.104 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-104.yul62.r.cloudfront.net

Software

Resource Hash

f31f69d875364ccdc21e5253c404c37cdc60f934fbee041282749cff3de19263

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theleela.com/prod/content/assets/css/css_zjn6bOItrFw2o3UGLcemGPYjx8FGo7zmdexNemTFDZI.css?VersionId=22zjGrAxYYNfvFrYglxXx4F7FeuFv7MP
Origin: https://www.theleela.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Wed, 04 Oct 2023 07:05:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cacheable: NO:Not Cacheable
x-amz-cf-pop: YUL62-C1
age: 0
via: 1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-length: 88648
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 02 Jun 2023 11:40:32 GMT
etag: "6479d530-15a48"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
x-varnish: 42732294
cache-control: max-age=315360000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-amz-cf-id: v2Kiurb2jo4zHSbsNzaCap5wf8fh_DRyO_x62jYpop3UsrX7x3Z2dg==
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 43ms
43ms XHR
text/plain 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=275262918&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&ul=en-us&de=UTF-8&dt=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACAAI~&jid=1803781213&gjid=339713976&cid=1513455246.1696403113&tid=UA-32363818-1&_gid=598204221.1696403114&_r=1&_slc=1&gtm=45He3a20n71TJ4PBN&z=1544167579

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 43ms
42ms XHR
text/plain 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=275262918&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&ul=en-us&de=UTF-8&dt=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABRAAAACAAo~&jid=351312716&gjid=459712434&cid=1513455246.1696403113&tid=%5Bobject%20Object%5D&_gid=598204221.1696403114&_slc=1&gtm=45He3a20n71TJ4PBN&z=1136699569

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 43ms
43ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=%5Bobject%20Object%5D&cid=1513455246.1696403113&jid=351312716&gjid=459712434&_gid=598204221.1696403114&_u=aCDAiEABRAAAAGAAo~&z=1841496516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2813785825584765 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 20ms
20ms Script
application/x-javascript 31.13.80.12
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2813785825584765?v=2.9.132&r=stable&domain=www.theleela.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-yyz1.fbcdn.net

Software

Resource Hash

ee7e4aa2b3f83e4a82a1c1fe8fc1ba9f9b1c739de79763e57b562283e5d328f7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 04 Oct 2023 07:05:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34847
x-xss-protection: 0
pragma: public
x-fb-debug: ZCy3LuprlJ+Zp2kmyLVOEUwKCSzJnVgonq9+e+B6Wus08sPMwCEUdLAojidLeyG5bExYsC4DrcYE6gYn/HIMsQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 55ms
17ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5633895296697450&ev=PageView&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&rl=&if=false&ts=1696403113720&sw=1600&sh=1200&v=2.9.132&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1696403113719.935120711&ler=empty&it=1696403113503&coo=false&tm=1&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Oct 2023 07:05:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=5633895296697450&ev=PageView&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3...
https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_i...

0
31 B

17ms
17ms

Image
text/plain

31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&ec=1&ev=PageView&exp=a1&fbp=fb.1.1696403113719.935120711&id=5633895296697450&if=false&it=1696403113503&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1696403113721&v=2.9.132

Requested by

Protocol

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Oct 2023 07:05:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?a=tmSimo-GTM-WebTemplate&coo=false&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&ec=1&ev=PageView&exp=a1&fbp=fb.1.1696403113719.935120711&id=5633895296697450&if=false&it=1696403113503&ler=empty&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1696403113721&v=2.9.132
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 3D4A 18 KB
18 KB 20ms
19ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:04:11 GMT
age: 62
x-guploader-uploadid: ADPycdsC7R7AkbjAYWwBo_WP_kAyGxRVqA8KVOeaNN_HO4HTS6vibaay-AH49KI4ua_2X5dh6MWtwfagsSkOWaayqN0qO5GhfKLY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Wed, 04 Oct 2023 08:04:11 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 3D4A 4 KB
4 KB 19ms
18ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:57:11 GMT
age: 482
x-guploader-uploadid: ADPycdv1O5uvX5oW4ydLdhBUaYcEWqAmA0KDLZXSpmcr4RZcYpkM8qvwOInpN9jAz7N5_sz16lcNZ9QsQ1qQHd3zRBVyM_vQ5lYz
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:57:11 GMT

GET
H2 200 modules.cf637fb03b42388e3bf3.js Show response
script.hotjar.com/ 225 KB
55 KB 90ms
38ms Script
application/javascript 3.162.3.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cf637fb03b42388e3bf3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2902568.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-7.yul62.r.cloudfront.net

Software

Resource Hash

e887a4e091adb3d75a4092a652fdd7cf34c979a2fb1a6c2128f34c9c51921e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:35:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 39bd4dd36d89ac693c6b532053af59d6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 84606
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55981
last-modified: Tue, 03 Oct 2023 07:34:56 GMT
etag: "ad2bdee77732c468dfebb1d2d894abc8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Irjl9v4Iug5oGZ0kMRPLEhwR3LQ_e36aYgle8LWrft1uhm7ljMeRDg==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 40ms
39ms Script
application/javascript 13.107.253.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gu92bnrb2s?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.253.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:12 GMT
content-encoding: br
last-modified: Tue, 03 Oct 2023 13:37:19 GMT
x-azure-ref-originshield: 0/6wcZQAAAADeB+d7eS+YSqrSPLtePIYKTU5aMjIxMDYwNjExMDA5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBC415DDE8C4F1"
x-azure-ref: 0qQ4dZQAAAABXKEHmlKgeQrUTqUt4+VuTWVRPMjIxMDkwODIwMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f5bdb25c-501e-0029-1256-f610af000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 43ms
43ms XHR
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32363818-1&cid=1513455246.1696403113&jid=1803781213&gjid=339713976&_gid=598204221.1696403114&_u=aCDACEAARAAAACAAI~&z=734325161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kernel.js
onboard.triptease.io/kernel/v6977.86391/ Frame 4034 63 KB
21 KB 32ms
32ms Other
application/javascript 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v6977.86391/kernel.js?

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/kernel/v6977.86391/kernel-host.html?originHost=www.theleela.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7709a3a753368dd902babe99c18fe83e46687d7a96f243d0106e61636dd0b757

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onboard.triptease.io/kernel/v6977.86391/kernel-host.html?originHost=www.theleela.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: e722732b24d2d8099bc6f5b425a8e0dede415387
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68700
x-guploader-uploadid: ADPycdsl_9lcZuLIpLVCZ5hdnUGAgOVuKRb2xLUHdCyMyb_hz9giduX125qH6N21UyZkQwa6vKDtqPwv7ptibCAmLmclWWydwQDJ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 6977.86391
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 11:55:34 GMT
server: cloudflare
etag: W/"6cd4c807ea049a864151829f60ca17b2"
vary: Accept-Encoding
x-goog-generation: 1696334134727728
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=OPvndg==, md5=bNTIB+oEmoZBUYKfYMoXsg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8Se0eNO8NULMsD3AK5CL6PSa1SnSc03WaxdBvgJO1qIS%2BMNlF5VnYjFK3WH4zSjOYPK9HmjBN1HCeJaJBe10efkevyWy1p8wpEhnPr8jMVT4ZYmZojmDQQDN%2B2HTswYWp5LvI8suw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 64617
cf-ray: 810b93451a02a228-YYZ
expires: Wed, 02 Oct 2024 12:00:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 18ms
17ms Image
text/plain 31.13.80.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2813785825584765&ev=PageView&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&rl=&if=false&ts=1696403113776&cd[event_time]=1696403113&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696403113719.935120711&ler=empty&it=1696403113503&coo=false&eid=1696403113359.207830.1&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.80.36 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-yyz1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 04 Oct 2023 07:05:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 357001 Show response
beacon.sojern.com/pixel/p/ Frame 3D4A 4 KB
1 KB 76ms
40ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/357001?f_v=v6_js&p_v=1&id=357001&cid=https%3A%2F%2Fwww.theleela.com%2F&f_v=v6_js&p_v=1&version=3&ws=1600x1200&tz=420&vid=hot&et=hc&domain=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&s=ccid_ga%7Cccid_auto&ccid=1513455246.1696403113%7Cds6o6-0j1ru-q13x6-o5y31-0oti3&ref=https%3A%2F%2Fwww.theleela.com%2F
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 0c0d21adccec469c00455ce3ec7eac5abdde476f167af1ea4ae9b6ddb1638c75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:13 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 822

GET
H3 200 splus Show response
static.sojern.com/cip/w/ Frame 4E7F 2 KB
2 KB 18ms
18ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/w/splus?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e887364143c0f8c83b3080f5266d1c5295089a3e96c26f826ef2520104f2f20f

Request headers

Referer: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 2776
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 1710
content-type: text/html
date: Wed, 04 Oct 2023 06:18:57 GMT
etag: "c9e76e09d10a4fa3d08dc404a7c07514"
expires: Wed, 04 Oct 2023 07:18:57 GMT
last-modified: Mon, 17 Jul 2023 15:50:27 GMT
server: UploadServer
x-goog-generation: 1689609027430970
x-goog-hash: crc32c=MFptag== md5=yeduCdEKT6PQjcQEp8B1FA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1710
x-guploader-uploadid: ADPycdt-2vKj5pt3c8dBz8dtcqY7ty77JAAzVvHF4PwS4ExXlFWywgYhR9_VMG5J44AiszqB5KQJeytQhOo4c8JzeNeSXQ

GET
H3 200 hasher.js Show response
static.sojern.com/cip/ Frame 4E7F 18 KB
18 KB 20ms
19ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/splus?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/cip/w/splus?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:04:11 GMT
age: 62
x-guploader-uploadid: ADPycdsC7R7AkbjAYWwBo_WP_kAyGxRVqA8KVOeaNN_HO4HTS6vibaay-AH49KI4ua_2X5dh6MWtwfagsSkOWaayqN0qO5GhfKLY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Wed, 04 Oct 2023 08:04:11 GMT

GET
H3 200 create_params.js Show response
static.sojern.com/utils/ Frame 4E7F 4 KB
4 KB 19ms
18ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/splus?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/cip/w/splus?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 06:57:11 GMT
age: 482
x-guploader-uploadid: ADPycdv1O5uvX5oW4ydLdhBUaYcEWqAmA0KDLZXSpmcr4RZcYpkM8qvwOInpN9jAz7N5_sz16lcNZ9QsQ1qQHd3zRBVyM_vQ5lYz
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4219
last-modified: Wed, 26 Apr 2023 13:18:45 GMT
server: UploadServer
etag: "c4ca3af5c34884e0dfd4291b07f65037"
x-goog-generation: 1682515125984075
x-goog-hash: crc32c=eNqgAQ==, md5=xMo69cNIhODf1CkbB/ZQNw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4219
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:57:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 48ms
47ms Image
image/gif 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32363818-1&cid=1513455246.1696403113&jid=1803781213&_u=aCDACEAARAAAACAAI~&z=1132075256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 49ms
48ms Image
image/gif 172.253.62.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32363818-1&cid=1513455246.1696403113&jid=1803781213&_u=aCDACEAARAAAACAAI~&z=1132075256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
36ms Image
image/gif 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=275262918&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&ul=en-us&de=UTF-8&dt=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=17tozeu&_u=aDDACEABRAAAAGAAo~&jid=&gjid=&cid=1513455246.1696403113&tid=UA-32363818-1&_gid=598204221.1696403114&gtm=45He3a20n71TJ4PBN&cd9=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fgu92bnrb2s%2Fnlv44y%2F17tozeu&z=111216143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 01:26:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20303
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%...
adservice.google.com/ddm/fls/z/ Frame 3D4A
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=13230096;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;g...
https://ad.doubleclick.net/ddm/activity/src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_fo...
https://adservice.google.com/ddm/fls/z/src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for...

42 B
401 B

124ms
49ms

Image
image/gif

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=13230096;dc_pre=CLWfhIjq24EDFdkEaAgdhNUJZw;type=sales;cat=melee003;qty=1;cost=0;u1=https%253A%252F%252Fwww.theleela.com%252F;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 3D4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=9itfpugf8ihglWHb_cZ0WQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&sjrn_ula=8165108062&google_gid=CAESEHjeMXuuNCqqpFGPzMJ2d54&google_cver=1

42 B
284 B

40ms
39ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&sjrn_ula=8165108062&google_gid=CAESEHjeMXuuNCqqpFGPzMJ2d54&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Wed, 04 Oct 2023 07:05:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&sjrn_ula=8165108062&google_gid=CAESEHjeMXuuNCqqpFGPzMJ2d54&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 3D4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=9itfpugf8ihglWHb_cZ0WQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoruCKAuOtzCBpHzSRGNy51thRQVFcK1-lr8xH19Objk6vH7jQ1B7_J_mLgiqmrGKi4hujPRQRMbpGX8LMJmsIzeTKdi_4ZoccRRFWnMgPDZjW0PODo
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruCKAuOtzCBpHzSRGNy51thRQVFcK1-lr8xH19Objk6vH7jQ1B7_J_mLgiqmrGKi4hujPRQRMbpGX8LMJmsIzeTKdi_4ZoccRRFWnMgPDZjW0PODo

170 B
432 B

188ms
115ms

Image
image/png

142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruCKAuOtzCBpHzSRGNy51thRQVFcK1-lr8xH19Objk6vH7jQ1B7_J_mLgiqmrGKi4hujPRQRMbpGX8LMJmsIzeTKdi_4ZoccRRFWnMgPDZjW0PODo

Requested by

Protocol

Server

142.251.163.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoruCKAuOtzCBpHzSRGNy51thRQVFcK1-lr8xH19Objk6vH7jQ1B7_J_mLgiqmrGKi4hujPRQRMbpGX8LMJmsIzeTKdi_4ZoccRRFWnMgPDZjW0PODo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame 3D4A
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DSz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g
https://pixel.sojern.com/idsync/apn?id=9034886183843981830&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g

42 B
265 B

40ms
39ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=9034886183843981830&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Wed, 04 Oct 2023 07:05:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
an-x-request-uuid: 400134bf-8d07-44ac-9f8e-d58513a818b4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=9034886183843981830&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g
x-proxy-origin: 86.48.15.235; 86.48.15.235; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/ Frame 3D4A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=7d7bc208-88de-4c36-a8d6-140d6af68c69&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g

42 B
277 B

39ms
39ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=7d7bc208-88de-4c36-a8d6-140d6af68c69&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Wed, 04 Oct 2023 07:05:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

location: https://pixel.sojern.com/idsync/ttd?id=7d7bc208-88de-4c36-a8d6-140d6af68c69&sjrn_id=Sz7by5qYjJMtAfBbheU6tAR6t9bjCZUJ3YVB5TIwmek7YaoE5g_ytWp9s5Lom-3g
date: Wed, 04 Oct 2023 07:05:14 GMT
server: Kestrel
content-length: 327

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame 3D4A
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=f62b5fa6-e81f-f228-6095-61dbfdc67459&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=f62b5fa6-e81f-f228-6095-61dbfdc67459&party=1296
https://pixel.sojern.com/idsync/adf?adfid=6181505017587602024&cid=f62b5fa6-e81f-f228-6095-61dbfdc67459

0
209 B

41ms
39ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=6181505017587602024&cid=f62b5fa6-e81f-f228-6095-61dbfdc67459
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/w/s?id=357001&f_v=v6_js&p_v=1&version=3&auto_url=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&auto_ccid=ds6o6-0j1ru-q13x6-o5y31-0oti3&auto_ga=1513455246.1696403113&e_eml=null&auto_eml=&auto_eml_count=0&auto_eml_domain=&auto_eml_list=&ws=1600x1200&tz=420&vid=hot&et=vpr&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=6181505017587602024&cid=f62b5fa6-e81f-f228-6095-61dbfdc67459
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
296 B 119ms
42ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.theleela.com
Date: Wed, 04 Oct 2023 07:05:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 rls.php Show response
customs.affilired.com/ Frame 677A 514 B
860 B 39ms
39ms Document
text/html 3.161.213.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customs.affilired.com/rls.php?merchant=5027
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=5027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.213.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-213-53.yul62.r.cloudfront.net
Software: nginx /
Resource Hash: 5d5341e2778373491e298e8a932b6f2099c9a950968b969ac0374e074289f7d3

Request headers

Referer: https://www.theleela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: gzip
content-length: 356
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 07:05:14 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
jb-x-cache: HIT
last-modified: Wed, 04 Oct 2023 07:02:19 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 ddaa088f1b6b5a9bcdc791a053431534.cloudfront.net (CloudFront)
x-amz-cf-id: eSCDjegnI_WrqHxJdkojkxg01vvcTOtguFEOGrmlTJ62r4RbtmldDA==
x-amz-cf-pop: YUL62-P1
x-cache: Miss from cloudfront
x-robots-tag: noindex, noarchive, nosnippet, nofollow

GET
H2 204 2902568 Show response
vc.hotjar.io/sessions/ 0
258 B 150ms
94ms XHR
text/plain 13.225.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2902568?s=0.25&r=0.14639271843244095
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.cf637fb03b42388e3bf3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-69.yul62.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:14 GMT
via: 1.1 b7f480ddbe20bc339525f8e43ddce81a.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 0Glhp8smzqDFykXjpvrKA5Aeus4NoDBXHjF0Dchh3nuUGZd7v2Vy4g==

GET
H2 204 0
bat.bing.com/action/ 0
359 B 47ms
47ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=151003922&Ver=2&mid=f11d1e70-c426-4935-9a90-468d982218a8&sid=5db23ad0628411ee82b1957058d0df24&vid=5db27180628411eebb157748cb88262b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&p=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&r=&lt=2937&evt=pageLoad&sv=1&rn=978628

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 04 Oct 2023 07:05:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C979502C7354A4388360EB45B4C864D Ref B: YTO01EDGE0806 Ref C: 2023-10-04T07:05:14Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
296 B 82ms
82ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.theleela.com
Date: Wed, 04 Oct 2023 07:05:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BB052A1952824BF38789041CAC07602F&RedC=c.clarity.ms&MXFR=03E10C1F8A0163482C131FBF8E016D63
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BB052A1952824BF38789041CAC07602F&MUID=3738201C8F1C66A62C6433BC8E36671E

42 B
442 B

29ms
29ms

Image
image/gif

20.125.209.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BB052A1952824BF38789041CAC07602F&MUID=3738201C8F1C66A62C6433BC8E36671E
Protocol: H2
Server: 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
last-modified: Wed, 30 Aug 2023 19:01:59 GMT
server: Microsoft-IIS/10.0
etag: "3f4a4a7474dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 451EB115E8F84E628575472277D23236 Ref B: YTO01EDGE0806 Ref C: 2023-10-04T07:05:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BB052A1952824BF38789041CAC07602F&MUID=3738201C8F1C66A62C6433BC8E36671E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=*;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=2104528608.1696403113;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2?
https://ad.doubleclick.net/activity;dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=2104528608.1696403113;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;...
https://adservice.google.com/ddm/fls/z/dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=*;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...

42 B
107 B

49ms
48ms

Image
image/gif

172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=*;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2

Protocol

Server

172.253.122.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CLrZsIjq24EDFUaMnwodQHwFQQ;src=10267146;type=invmedia;cat=leela0;ord=1055591788859;auiddc=*;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.js Show response
onboard.triptease.io/integrations/v6977.86391/ 155 KB
49 KB 72ms
34ms Script
application/javascript 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v6977.86391/default.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

329cea20c22a34616057504fb9937f03ca4265beed1513e66df199f0a1a3854b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theleela.com/
Origin: https://www.theleela.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:15 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
x-goog-meta-git-hash: e722732b24d2d8099bc6f5b425a8e0dede415387
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61763
x-guploader-uploadid: ADPycdsTSW8MyJe3hu4rvfuAN1YIUr4e-HmBTN8LkkgRCo5J0V2loJqfpvbr3-RXTI-kE62O1KW6jkL6Y5grec1vuwlvN9J9G_AZ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 6977.86391
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 11:58:23 GMT
server: cloudflare
etag: W/"6d33409fb0dfd9022495dfc9b6cc52fe"
vary: Accept-Encoding
x-goog-generation: 1696334303204935
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=T1DTIg==, md5=bTNAn7Df2QIkld/JtsxS/g==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAGmT0qlHrDLt0CgEBSl9uCrgXF8ZSRPY6kSOSJiJg2KEtxqfuMGt1vO%2BkXiLDfvL4hDwnQuLQDWW6AKEUdtvFlJMrlvCPxnRBSBJh65%2FO3ejKN6ttHU4zqGapXd44wnKZZ3ofGRTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 159087
cf-ray: 810b9351498736bb-YYZ
expires: Wed, 02 Oct 2024 13:01:15 GMT

GET
H3 200 identity Show response
onboard.triptease.io/ 161 B
813 B 25ms
24ms Fetch
application/json 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/identity

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c62ad8f9fa9915efda45764018f5fdcc98468da4d31270093250489fe38e8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:16 GMT
strict-transport-security: max-age=15552000
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tsBufCew%2FDDWGYP6B5DABJo6GZKlAnfJX4vg8stk8YLPPn0lbU97aUGpijIu4qTJ%2BIkQiHppOQp2lNrlbzcH7cbdwlGf4p9tHo5s7p4OqWErwJ5v%2FnTCSl5wKtmhYDHlNSaFzTbgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theleela.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
cf-ray: 810b93536ca1a228-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-message-engine.js Show response
targeted-messages.triptease.io/static/ 86 KB
30 KB 69ms
30ms Script
application/javascript 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b356739117ab58ed7eddcfccbed1d73f4f26e3b9b3d5af494213a71acda7238c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theleela.com/
Origin: https://www.theleela.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:16 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1695805489
age: 253
x-guploader-uploadid: ADPycdvu1H47BUrx2iM9X_xVVXJbhOkJrdbXsat2ampy8jcDIBGDnEFP5_Aw-qXGgZIt0Hgx8SVAFEoFYUlDeKshZtUmhIiIfXUG
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Sep 2023 09:04:53 GMT
server: cloudflare
etag: W/"22ae4be972189c7d2ca5d84c64e2cbb8"
vary: Accept-Encoding
x-goog-generation: 1695805493117271
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=jdNSOw==, md5=Iq5L6XIYnH0spdhMZOLLuA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfX01iCb56GJPpEQq%2Fy%2FEfUlHTKYc4pS%2FedHplroC5RSOcqO9OGG%2BrXHOqQ7JCTMkZAeV6I0rrF1dMak6L1zZOyLNTu%2BPZC2uxz9%2FCXvXj68VLniqI1mPjJzo1H9ydh0J6dValnLmWUjIi7Yq5ZO%2BMg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 87913
cf-ray: 810b9354dce039f8-YYZ
expires: Wed, 04 Oct 2023 07:11:03 GMT

GET
H3 200 storageIframe.html Show response
targeted-messages.triptease.io/static/ Frame 86A8 7 KB
4 KB 55ms
32ms Document
text/html 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeted-messages.triptease.io/static/storageIframe.html

Requested by

Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44967af7d7413422ff93ef8e795f138ffa16e64d705bf2fcdbb164145e7d651f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theleela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 500
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=600
cf-cache-status: HIT
cf-ray: 810b9355899b36ac-YYZ
content-encoding: br
content-type: text/html
date: Wed, 04 Oct 2023 07:05:16 GMT
expires: Wed, 04 Oct 2023 07:06:56 GMT
last-modified: Thu, 29 Jun 2023 09:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdLimKs8u90Umo%2BqWjKxK0pMutbtA5cm0WhVKafWsXMs7UO1o2N2ws39A%2FdrqUrGwnBAPyjxCuFWuA3AEKfOC1EWeVOzRHdZHNi%2BpRtR8Ha9MS%2BX2ihR0h3OWjN8nQqYTdXlmAIc%2BEH6zRcfuM%2BSHB8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1688032590472706
x-goog-hash: crc32c=/G3XxQ== md5=98b+KQq4ov4sQNnkjjyKNw==
x-goog-meta-goog-reserved-file-mtime: 1688032586
x-goog-metageneration: 3
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7485
x-guploader-uploadid: ADPycdsrb76JrDG2qfM_MIIT9I2YPLUN7_sVUEDMyV2hwq2y21z_JJrknjVzhttc5_2q2GCPO1BHwDo-NLKSKmJrJVLDzg

GET
H2 200 messages Show response
messages.guest-experience.triptease.io/01G7503WZX3CSH83JAQ/ 34 B
428 B 100ms
62ms Fetch
application/json 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://messages.guest-experience.triptease.io/01G7503WZX3CSH83JAQ/messages?language=en
Requested by: Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 19768d0a9a36a10b41536d15497dd6a5f8289dad900ea45b5e20bd6d53d51327

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.theleela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:05:16 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-city: toronto
content-length: 34
x-served-by: cache-yyz4529-YYZ
server: Google Frontend
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theleela.com
x-region-code: ON
x-cloud-trace-context: 1fb3c9b8c39b4d68342c240c5733be0a
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
access-control-expose-headers: X-Country-Code, X-Region-Code, X-City
tt_host: messages.guest-experience.triptease.io
accept-ranges: bytes
x-country-code: CA
x-cache-hits: 0

POST
H2 200 event
api.triptease.io/zappy/ 0
196 B 89ms
51ms Ping
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
Requested by: Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.195.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 Oct 2023 07:05:16 GMT
via: 1.1 google
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theleela.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 batch
onboard.triptease.io/message/ 0
464 B 97ms
96ms Ping
text/html 104.21.87.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01G7503X1QAH0ZDA19BTG7WM3K

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.87.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 04 Oct 2023 07:05:16 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2ay%2Bra4kJ%2F3PGZpQ1tECGQtbQcaqthlcF0ujlNFuSQuBvQ98bEoamyvph7KoKKqRuTGrvSxdyQoIEKoEw%2FyTDc%2FtZ1FpDzRN0INTOzA7KxlOnOVheeUNNoBLEUamYTpfKz8u7drBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: a40ce8156e962b8f9de68a2fada06567
cf-ray: 810b9356cef7a228-YYZ
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect Show response
v.clarity.ms/ 0
296 B 38ms
37ms XHR
text/plain 20.114.189.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://v.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.theleela.com
Date: Wed, 04 Oct 2023 07:05:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 40ms
39ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TSX82TEL56&gtm=45je3a20&_p=275262918&gdid=dMWZhNz&cid=1513455246.1696403113&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sid=1696403113&sct=1&seg=0&dl=https%3A%2F%2Fwww.theleela.com%2Fgha-signup%3Futm_source%3DWebsite%26utm_medium%3Demail%2B%26utm_campaign%3DDISCOVERYLogin%26utm_id%3DDISCOVERYLogin%26utm_source%3Drevinate%26utm_medium%3Demail%26utm_campaign%3DTLPU%2520Celebrate%2520With%2520Us%2520(October%2520%252723)%2520-%2520Batch%25205-519779&dt=GHA%20register%20%7C%20The%20Leela%20Palaces%20Hotels%20and%20Resorts&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSX82TEL56&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theleela.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 07:05:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theleela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.theleela.com
URL: https://www.theleela.com/prod/content/assets/css/css_2Zzi2uLcrV_jlv4vEXqQ-xmQy4CvEr58AMStZfp2bWo.css?VersionId=3Et8f_LgKa2Duie.e3lRdLmpBTc.CIqY

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theleela.com/	1970-01-20 17:22:59	Name: _gcl_au Value: 1.1.2104528608.1696403113
.theleela.com/	1970-01-21 00:49:23	Name: _ga_XYXYXYXYXY Value: GS1.1.1696403113.1.0.1696403113.0.0.0
www.clarity.ms/	1970-01-20 23:58:59	Name: CLID Value: 7c7f0e42a57a4be68929746969b11c7d.20231004.20241003
.theleela.com/	1969-12-31 23:59:59	Name: _ga Value: GA1.2.1513455246.1696403113
.theleela.com/	1970-01-20 15:14:49	Name: _gid Value: GA1.2.598204221.1696403114
.theleela.com/	1970-01-20 15:13:23	Name: _gat_UA-32363818-1 Value: 1
.theleela.com/	1970-01-20 15:13:23	Name: _dc_gtm_objectObject Value: 1
.theleela.com/	1970-01-20 17:22:59	Name: _fbp Value: fb.1.1696403113719.935120711
.theleela.com/	1970-01-20 15:14:35	Name: FPLC Value: hns9mRBheeqVdf7X8sC9chsVXAY1hNUighK18mdCagiyUNGeKmHeRNoHGDAAIFtBZ87YgcpISZYWEKIBzKUlb%2FD4gIyUm9Cq2q2%2BTHGZIq%2BDOkhEEBx26mtRTZPqqQ%3D%3D
.theleela.com/	1970-01-21 00:49:23	Name: FPID Value: FPID2.2.QS5zLeDdmPXpWjqAR9VpHgt0o184CxeOgY1oNGK0rG4%3D.1696403113
.theleela.com/	1970-01-20 17:22:59	Name: FPAU Value: 1.1.2104528608.1696403113
.theleela.com/	1970-01-20 23:58:59	Name: _clck Value: nlv44y\|2\|ffk\|0\|1372
.adform.net/	1970-01-20 15:58:01	Name: C Value: 1
.adsrvr.org/	1970-01-21 00:00:25	Name: TDID Value: 7d7bc208-88de-4c36-a8d6-140d6af68c69
.adnxs.com/	1970-01-20 17:22:59	Name: uuid2 Value: 9034886183843981830
.adform.net/	1970-01-20 16:39:47	Name: uid Value: 6181505017587602024
.adsrvr.org/	1970-01-21 00:00:25	Name: TDCPM Value: CAEYBSABKAIyCwj-iNvN36yiPBAFOAE.
.sojern.com/	1970-01-20 23:58:59	Name: gid Value: CAESEHjeMXuuNCqqpFGPzMJ2d54
.sojern.com/	1970-01-20 23:58:59	Name: cid Value: f62b5fa6-e81f-f228-6095-61dbfdc67459#1696377600000
.theleela.com/	1970-01-20 15:14:49	Name: _clsk Value: 17tozeu\|1696403114048\|1\|1\|v.clarity.ms/collect
.doubleclick.net/	1970-01-21 00:49:23	Name: IDE Value: AHWqTUnFRMGZ-ChAR8cP3Q0bsvHA0nXt5owNrKEBtOPbEwT2McNBC5ijhfpsJMlW7g0
.sojern.com/	1970-01-20 23:58:59	Name: adfid Value: 6181505017587602024
.sojern.com/	1970-01-20 15:56:35	Name: ttdid Value: 7d7bc208-88de-4c36-a8d6-140d6af68c69
.sojern.com/	1970-01-20 17:22:59	Name: apnid Value: 9034886183843981830
.theleela.com/	1970-01-20 23:58:59	Name: _hjSessionUser_2902568 Value: eyJpZCI6ImZkMjI0ZmNhLWQzNTYtNTY4NC05NDhjLWRmZGQzOTc3NmY5OCIsImNyZWF0ZWQiOjE2OTY0MDMxMTQxODUsImV4aXN0aW5nIjpmYWxzZX0=
.theleela.com/	1970-01-20 15:13:24	Name: _hjFirstSeen Value: 1
.theleela.com/	1970-01-20 15:13:23	Name: _hjIncludedInSessionSample_2902568 Value: 0
.theleela.com/	1970-01-20 15:13:24	Name: _hjSession_2902568 Value: eyJpZCI6IjUyYjUyNDJmLTQ2NWEtNGMzZS04MTgyLTJhYWZmYTYxNGNkOSIsImNyZWF0ZWQiOjE2OTY0MDMxMTQxODcsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.theleela.com/	1970-01-20 15:13:24	Name: _hjAbsoluteSessionInProgress Value: 1
.theleela.com/	1970-01-20 15:14:49	Name: _uetsid Value: 5db23ad0628411ee82b1957058d0df24
.theleela.com/	1970-01-21 00:34:59	Name: _uetvid Value: 5db27180628411eebb157748cb88262b
.bing.com/	1970-01-21 00:34:59	Name: MUID Value: 3738201C8F1C66A62C6433BC8E36671E
.bat.bing.com/	1970-01-20 15:23:27	Name: MR Value: 0
www.theleela.com/	1970-01-20 15:23:27	Name: AWSALBTG Value: OcnK20uWw/kXUpT6r1co9+FOIM2x+jsGZboRJn17nrH1Jb4pcWfjzG8lXMB/a9gTM47xaCqt9SHjsmiktkSJ3UkCr8EcxAzKyNBeaIb0C5ewnnHsme8HhXk/I+Vva/yVpXZRdoBG6l93aM2TThIFGUiV7D1WNiCsx/Kax1Z3bhsc
www.theleela.com/	1970-01-20 15:23:27	Name: AWSALBTGCORS Value: OcnK20uWw/kXUpT6r1co9+FOIM2x+jsGZboRJn17nrH1Jb4pcWfjzG8lXMB/a9gTM47xaCqt9SHjsmiktkSJ3UkCr8EcxAzKyNBeaIb0C5ewnnHsme8HhXk/I+Vva/yVpXZRdoBG6l93aM2TThIFGUiV7D1WNiCsx/Kax1Z3bhsc
www.theleela.com/	1970-01-20 15:23:27	Name: AWSALB Value: fZC6qkykmxnRrTq7dwqaNr779yXd5NyS5VjobLmLuwZxxAnaT6QQamNKXPtisK0M7/q6tHT0xzBC8jsuoh/UvLqhd+GpEbG8rMjAlL//7Lv+xUUeJZQibFQ51TIj
www.theleela.com/	1970-01-20 15:23:27	Name: AWSALBCORS Value: fZC6qkykmxnRrTq7dwqaNr779yXd5NyS5VjobLmLuwZxxAnaT6QQamNKXPtisK0M7/q6tHT0xzBC8jsuoh/UvLqhd+GpEbG8rMjAlL//7Lv+xUUeJZQibFQ51TIj
.theleela.com/	1970-01-21 00:49:23	Name: _ga_TSX82TEL56 Value: GS1.1.1696403113.1.0.1696403114.59.0.0
.c.bing.com/	1970-01-20 15:23:27	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:34:59	Name: SRM_B Value: 3738201C8F1C66A62C6433BC8E36671E
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:34:59	Name: MUID Value: 3738201C8F1C66A62C6433BC8E36671E
.c.clarity.ms/	1970-01-20 15:23:27	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:13:23	Name: ANONCHK Value: 0
.triptease.io/	1970-01-21 00:00:25	Name: triptease-user-id Value: 01HBWR2M1159QJ7XT73C2MSXVC
.triptease.io/	1970-01-20 15:13:51	Name: triptease-session-id Value: 01HBWR2M11A8X4GRXNN04M1AHR

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	URL: https://www.theleela.com/gha-signup?utm_source=Website&utm_medium=email+&utm_campaign=DISCOVERYLogin&utm_id=DISCOVERYLogin&utm_source=revinate&utm_medium=email&utm_campaign=TLPU%20Celebrate%20With%20Us%20(October%20%2723)%20-%20Batch%205-519779 Message: Refused to apply style from 'https://www.theleela.com/prod/content/assets/css/css_2Zzi2uLcrV_jlv4vEXqQ-xmQy4CvEr58AMStZfp2bWo.css?VersionId=3Et8f_LgKa2Duie.e3lRdLmpBTc.CIqY' because its MIME type ('application/xml') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
analytics.google.com
api.triptease.io
bat.bing.com
beacon.sojern.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
customs.affilired.com
fcmatch.google.com
fcmatch.youtube.com
googleads.g.doubleclick.net
gtm.theleela.com
ib.adnxs.com
match.adsrvr.org
messages.guest-experience.triptease.io
onboard.triptease.io
pixel.sojern.com
rb.gy
script.hotjar.com
static.hotjar.com
static.sojern.com
stats.g.doubleclick.net
targeted-messages.triptease.io
unpkg.com
url6914.theleela.com
v.clarity.ms
vc.hotjar.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.theleela.com
www.theleela.com
104.106.162.18
104.16.124.175
104.17.25.14
104.21.87.93
107.178.244.119
13.107.21.200
13.107.253.38
13.225.195.104
13.225.195.69
142.250.31.156
142.250.31.97
142.251.163.139
142.251.163.147
142.251.167.100
151.101.193.229
151.101.66.133
167.89.118.120
172.253.115.155
172.253.122.138
172.253.122.156
172.253.62.94
172.253.63.148
185.167.164.43
20.114.189.135
20.125.209.212
216.239.34.181
216.239.36.21
23.212.251.12
3.161.213.53
3.162.3.7
3.162.3.99
31.13.80.12
31.13.80.36
34.225.140.54
35.186.195.233
35.244.188.9
52.223.40.198
68.67.160.137
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
025fbb3af25f91b809018cac4a8ab10d0328cddb87f42ed650fb84baee1612e5
02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
038ed9692d094c2952fcdc22ad7f851c90381748d2dd2fbf8b419cf2407a5a31
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0d21adccec469c00455ce3ec7eac5abdde476f167af1ea4ae9b6ddb1638c75
10e26ab699ce3440b299c1274ea67f63e07a6124a189daf8d53c8acb35c09a5a
152a1442663634bd24aa56044dca5e00e76fa801443fab852e11a78546117208
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
19768d0a9a36a10b41536d15497dd6a5f8289dad900ea45b5e20bd6d53d51327
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f23d01e70c74e9f4f04b77d2dd90a069f9cf6b4fdd4ff17ac156de5299ae90c
2d653008a8b80fe521c9579a0bf700e1073a5f6765e2a77de65e70d547ccb3c6
30fab2d3861b1344e5a97e83fecd24ec83b3469b40b97e5178e235ef06ce9399
3107e5779ba7aef5eb3d38abf73567905761c49a6da871adb8798425745d49db
329cea20c22a34616057504fb9937f03ca4265beed1513e66df199f0a1a3854b
3aa12b95ef1db0939d5679de31977e3b3d87f7d31602a69199b332ce2280a43a
3c62ad8f9fa9915efda45764018f5fdcc98468da4d31270093250489fe38e8da
3e5a68123efe6574d40f67092723e60e648b6a1bc780bfd6e95d15b78af777b6
44967af7d7413422ff93ef8e795f138ffa16e64d705bf2fcdbb164145e7d651f
4952197bbf06a03b5ffee0f8191df7a4dfba4072ef1106292cd449cfd5564107
49e22ef25714e751e92ca76fcdf792814f9f76f285bd4de94780a6901c89d935
4ad748b1136985e21629ae9adaf812890ef55efb951483043560593c2390cc0a
4f07ec21c06b13c0c67e016f212bc15e6c32138a32bb12d03109df41eb129baf
5267a8e538ada2caf9115327a88512de40734f4436f7a869cc6c3e48eceb8fff
573df05aa08d415383b527f34ba575f6d58ba0fef033b6da852ce2327f04b0a0
5d5341e2778373491e298e8a932b6f2099c9a950968b969ac0374e074289f7d3
5f0f0927b6e1840690d536f890809763b04eb647d360855ebb1614a709d86cb8
670e8e527d9c241e2af64199907d704921ba0de8376d47470e071084541ff6b3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
7709a3a753368dd902babe99c18fe83e46687d7a96f243d0106e61636dd0b757
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8a704e5b63565a99c8b8b6da6c5caa08eae7cb42b39365a4f53eeeb19b7bb4d3
8d01cf5dbd3a6c03be0f3e79a70b93418d0e09221ffad29daa168562686acd83
9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cab8c591031a707de96ac54d338e5fd4d5a3445a12be2d68576e7998241a025
a1d883a4321ca251de3cb45e5e2ff4cab8e0258746c50930b062d6bc284099c7
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b356739117ab58ed7eddcfccbed1d73f4f26e3b9b3d5af494213a71acda7238c
bb5b96de3e8a06089b9b57c3d6d777ada48126c56c2c8742a01b502f1081d2ec
bfe30a4c9c2872daf50a376489bab9945d876d7b09ea3ac2ba2e745e42b06670
c3ab4de985c305576fa7614c3c9f764579f29f45cf121df0f64066808a10a6b7
c5d4a77d0d84e2dd42795871e3a7acb30dfce6d54500298cfc414b1d7408daa1
cdfdc577f1e6a578ebb7c24ee2cec64619b9e13dc41d43888a93b1d383502291
ce39fa6ce22dac5c36a375062dc7a618f623c7c146a3bce675ec4d7a64c50d92
d71d12f5c4fb4751dd4aa62557ed9c052881f0d8df2b17f4aa68cc8d80d6c6a0
d752ae2a03d40ce0412b777d4b7dd5c0d305037ae945a2f4f449e7b1bd4a0caa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6f901d11024feb2fa86c30a27fb0c361b122dc8a1e528782cbe6b5c363027b8
e887364143c0f8c83b3080f5266d1c5295089a3e96c26f826ef2520104f2f20f
e887a4e091adb3d75a4092a652fdd7cf34c979a2fb1a6c2128f34c9c51921e29
ea460b27394ce76804196d4256009ee2bed013f4e630b3dbd57a7c5bb5521e42
ed7eb84b16f5384af3924da2549c9816136b0b6492c955e7da5b75367ba77567
ee7e4aa2b3f83e4a82a1c1fe8fc1ba9f9b1c739de79763e57b562283e5d328f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31f69d875364ccdc21e5253c404c37cdc60f934fbee041282749cff3de19263
f5f13da28e611c512a64a0c5db8b6f7f62c3f5209ae572b7f7d15312f99323f1
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

www.theleela.com Open in urlscan Pro 13.225.195.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

88 %HTTPS

0 %IPv6

25 Domains

43 Subdomains

31 IPs

4 Countries

1484 kBTransfer

4728 kBSize

46 Cookies

16 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theleela.com Open in urlscan Pro
13.225.195.104 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

88 %
HTTPS

0 %
IPv6

25
Domains

43
Subdomains

31
IPs

4
Countries

1484 kB
Transfer

4728 kB
Size

46
Cookies

88 HTTP transactions
5 data transactions