urlscan.io logo urlscan.io
SecurityTrails logo

help.firstleaf.com Open in urlscan Pro
104.16.53.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://help.firstleaf.club/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Effective URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Submission: On November 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 33 HTTP transactions. The main IP is 104.16.53.111, located in and belongs to CLOUDFLARENET, US. The main domain is help.firstleaf.com.
TLS certificate: Issued by R3 on November 8th 2023. Valid for: 3 months.
This is the only time help.firstleaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 8 104.16.53.111 13335 (CLOUDFLAR...)
17 104.18.72.113 13335 (CLOUDFLAR...)
2 104.18.70.113 13335 (CLOUDFLAR...)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 104.16.51.111 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
33 9
1    2606:4700:10::6816:2be0 (United States)

ASN13335 (CLOUDFLARENET, US)
help.firstleaf.club
8    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
help.firstleaf.com
17    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
theme.zdassets.com
ekr.zdassets.com
2    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
p23.zdassets.com
2    2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:10::6816:3e65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.firstleaf.com
2    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
penrosehill.zendesk.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
19 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2137
p23.zdassets.com — Cisco Umbrella Rank: 27714
theme.zdassets.com — Cisco Umbrella Rank: 10000
ekr.zdassets.com — Cisco Umbrella Rank: 2470
682 KB
9 firstleaf.com
help.firstleaf.com
www.firstleaf.com
2 MB
2 zendesk.com
penrosehill.zendesk.com
2 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1002
85 KB
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
968 B
1 firstleaf.club
help.firstleaf.club
200 B
33 7
Domain Requested by
14 static.zdassets.com help.firstleaf.com
static.zdassets.com
8 help.firstleaf.com 1 redirects help.firstleaf.com
static.zdassets.com
2 penrosehill.zendesk.com 1 redirects static.zdassets.com
2 theme.zdassets.com help.firstleaf.com
p23.zdassets.com
2 use.fontawesome.com help.firstleaf.com
use.fontawesome.com
2 p23.zdassets.com help.firstleaf.com
1 ekr.zdassets.com static.zdassets.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.firstleaf.com help.firstleaf.com
1 fonts.googleapis.com help.firstleaf.com
1 help.firstleaf.club 1 redirects
33 11

This site contains links to these domains. Also see Links.

Domain
www.firstleaf.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
help.firstleaf.com
R3		 2023-11-08 -
2024-02-06		 3 months crt.sh
zdassets.com
E1		 2023-10-23 -
2024-01-21		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
firstleaf.com
GTS CA 1P5		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
penrosehill.zendesk.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Frame ID: 9ABAA0E2B37A2F5F60D867B6A946C136
Requests: 28 HTTP requests in this frame

Frame: https://help.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 3717722AB97512A7B84ED711D8F8E992
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Frame ID: 77C2C322DC0234C383CE251CDC49F609
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Firstleaf Guarantee – Firstleaf

Page URL History Show full URLs

  1. https://help.firstleaf.club/hc/en-us/articles/1500000909721-Firstleaf-Guarantee HTTP 301
    https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

91 %
HTTPS

56 %
IPv6

7
Domains

11
Subdomains

9
IPs

3
Countries

3150 kB
Transfer

4768 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://help.firstleaf.club/hc/en-us/articles/1500000909721-Firstleaf-Guarantee HTTP 301
    https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://penrosehill.zendesk.com/auth/v2/host/without_iframe.js HTTP 302
  • https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
Request Chain 26
  • https://help.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://help.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1500000909721-Firstleaf-Guarantee
help.firstleaf.com/hc/en-us/articles/
Redirect Chain
  • https://help.firstleaf.club/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
  • https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab7d455a296da25d2d08e039c7e4448e63c60cf2f9084bf18ac40be0de2d8d11
Security Headers
Name Value
Strict-Transport-Security max-age=259200;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, public
cf-cache-status
MISS
cf-ray
82cceac328ab9220-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 27 Nov 2023 19:53:24 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
protocol
HTTP/1.1 always
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIW3geANqRWRbW0ki7Sm6az5YfAgK%2Fjg4IAoXE1qMbGUSnzkNIHT2WPn%2Fp2cS9qtrRSznh98BDsi10JVRKs37U10sUaMyEd1NZ4F%2BLedLl11s2GrigumY1icSnz8ah3hBb0jAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=259200;
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-request-id
82cceac346f69220-FRA
x-runtime
0.160374
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
x-zendesk-origin-server
app-server-7f8fb87d58-6mjkh
x-zendesk-processed-host-header
help.firstleaf.com

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
82cceac268d59bef-FRA
date
Mon, 27 Nov 2023 19:53:23 GMT
expires
Mon, 27 Nov 2023 20:53:23 GMT
location
https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
server
cloudflare
vary
Accept-Encoding
application-5dedcabe00a896eb2c214ed2973f0975.css
static.zdassets.com/hc/assets/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/application-5dedcabe00a896eb2c214ed2973f0975.css
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ace26882bd590a050d612c679d4e25e8cb6dc4cfa58c81806050cd45359adde
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
OkyxV37yM8M4aQp1hVnqD3WDgd.PzUak
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FRATDPNS8ETRS7G5
age
223035
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
dpD8hvUu02boHU+U2feXz4OQcdMH72yP23VFHdOz8e9l1BJOauAM6Mb+/0qYXpg5gNPqAYfMYE0=
last-modified
Thu, 09 Nov 2023 12:28:08 GMT
server
cloudflare
etag
W/"ab4cc5d52d40b0752bf2b47ae2bb94b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEoih5809yrUwO9RnOi7x3tAeNXXIdk7U2VAnDWPRxccrhWjpRCQaPm3nr4iHZUkF8kIBsyudCJrxBfAp7TdM3Ncv0lPf8Q7jI3optuOTuIGCTlJZsRHR8OcQctDIMC20XTLzAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82cceac57e593679-FRA
theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
static.zdassets.com/hc/assets/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
836316444e9cede5ce83cfe98734b9c8ab27192a9634a59b82c118a8e6792037
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
TWDplm7KHTjH3jGIvLjk4jliQguifYR.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WMCWCXWEF4E40821
age
64401
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
MjCYnmnExP+6hkechrSuLIahlHbACLYMKFbdmPu8YUsyR2hLkAyRBDNrgpMqsWusQP1TS09/2tf8cMGi8Se5QQ==
last-modified
Thu, 09 Nov 2023 12:28:15 GMT
server
cloudflare
etag
W/"359c3fce9769020f14763e4e3615597d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDc74we92P5PP3d33iGNlwduk8MMmHN179p7gOZHviuudXW6vIKZHMDFJh54b%2F1ZU5ARYw9yF2iBg659GYWrxgHPhA0kBVEi1dJ0fJJd4NjSoZj87Qw0L13MQjzi1PWtmzJelmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82cceac57e553679-FRA
style.css
p23.zdassets.com/hc/theming_assets/837534/606457/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p23.zdassets.com/hc/theming_assets/837534/606457/style.css?digest=15312552235543
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae00f380120bd1927418df8f05a2b909da7a3945b7cc7212126992d64660207
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
app-server-65d8d5678c-wk2vl
protocol
HTTP/1.1 always
x-request-id
81f3944f4eb1e952-IAD
x-ua-compatible
IE=edge
x-runtime
0.015722
server
cloudflare
etag
W/"1ae00f380120bd1927418df8f05a2b90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTecEPKQkCN8spvGZIPozhYEg3yyv%2FA0FAG6rG61lbz%2FEAGOwplSfKvjvX0%2FTrY38%2Bhn8uOkPL2ziA%2BHv17XnUe%2F3dyCCpqK91CPeEE1u%2FRFJa6sU3BpowOQKuQYvQheZw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=604800, public
x-zendesk-processed-host-header
p23.zdassets.com
cf-ray
82cceac558541e53-FRA
jquery-09d07e20ce042ef10e301661ad1f316c.js
static.zdassets.com/hc/assets/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/jquery-09d07e20ce042ef10e301661ad1f316c.js
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1fc56c5af917b653be54d619245c4079c1afec0991321f0d358679b1ef529a0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
I2blFF4wKGtary.Ot3JOZ8lnPvpkdj3y
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YZ2B1YZ5W61C6XPN
age
314351
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
CpmI22Cs/pFsGGXR4kctlc6qk95CDx6c8fW+NjnLC1XrVyHVJO8SwYumfz3XVz8oc0Byw/nrkau6QM9WxhRjig==
last-modified
Wed, 01 Nov 2023 15:51:00 GMT
server
cloudflare
etag
W/"06821d0f1e25137c2297502c6ced525d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVB2%2BY9SQUjzmBYAGZiqi1wcKQmHyZuYox1hzz2iGc398%2BHCyE8hs25LAuTBOsCTkpnNh5eNmnu45kcKRB7n0diQzB%2BE6vcZ7C%2FiqFDJULO0UCBynl0G4tdugvrmlVlr1bYrhvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac57e5a3679-FRA
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://help.firstleaf.com/
Origin
https://help.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccEH0Y1z%2B1l1AAtu0xWNr1dKsoTZ3J4N%2Br4MUutMseGGwmqfvYRfcCfdV3R%2B7T3adILNiIxksuMg8tnN7ifUpOcmK5mn4RiY4xcJGBSvw7mxpdexOtcgUZhbJswJ3UBUi67%2F0LRT6VRef8zkSaEbRi5n"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
82cceac54d1d196d-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		2 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Nov 2023 19:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 19:53:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Nov 2023 19:53:24 GMT
script.js
p23.zdassets.com/hc/theming_assets/837534/606457/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p23.zdassets.com/hc/theming_assets/837534/606457/script.js?digest=15312552235543
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb824b0e3d79dc89031914cea3a90ec645270c044779f38776a4456d3223260
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
app-server-868cf5b7db-vc8v7
protocol
HTTP/1.1 always
x-request-id
822b8c4fd96320b5-IAD
x-ua-compatible
IE=edge
x-runtime
0.015469
server
cloudflare
etag
W/"3eb824b0e3d79dc89031914cea3a90ec"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJfOscfgM2ICsB44v44b4hGKXw0sQaV4NjFLuu44%2BXeYx0nuYgBeVMOKJVEw95nY8kF3NYPKk50y12qdOls4eWt6L%2FaL0ummGcDYkxc45B2HSsmUPs4EDUpSR8Bmk8ioedU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=604800, public
x-zendesk-processed-host-header
p23.zdassets.com
cf-ray
82cceac558581e53-FRA
bcfc2b373c7506f0a231f84e2c3283eff328a05c.png
theme.zdassets.com/theme_assets/837534/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://theme.zdassets.com/theme_assets/837534/bcfc2b373c7506f0a231f84e2c3283eff328a05c.png
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be741d321cb47cc26567b245454af77b920e9bdcf484bb44916ee2e24b0e3c49
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
QrNmKRise_T3s0GaeoXLRmvzTF9fNsVB
via
1.1 97f993f9d41d16f3f36b8c466857e2d6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
AMS58-P5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2483
last-modified
Thu, 11 Oct 2018 05:00:54 GMT
server
cloudflare
etag
"e2fdc85becdb0b296a00621ae049f06e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo1RX2kZE68HHS%2Fvu7rnsRxw2qyLd8BcgTySvxsXn2C32fBT3GE8rqqF9J04e9Mp%2B7%2BGriViJ%2FAIFuev5%2BbuS8qUmipxFCg4qW%2BaBTwICKc2jd9TpE97ijlgkM4S9q75EpB%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
82cceac55d5965c5-FRA
x-amz-cf-id
r0iMbhXkIA4VW8e5JKJAD2kfX9yDG1Nfb_c9Zw2HQCYsnknyXiW_-A==
2019-07-10_1311.png
help.firstleaf.com/system/photos/361118426233/ 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://help.firstleaf.com/system/photos/361118426233/2019-07-10_1311.png
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb082c34e145d591044598dfe6b52d2044774722e1c0ed3245da81cc786363a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
lm8SwYvcs9pDIeCE77Re7bNNgG4y0P5a
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption
AES256
content-length
579
last-modified
Sun, 06 Mar 2022 06:36:33 GMT
server
cloudflare
etag
"99b7584227e2406e1fa170eeca377b92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnwppVG1e9TSoCFG%2FKQe8iuEpVK%2FBXE9mCTwyBmn5wZATgTws7n78F2T9OtzG%2BnnSdBfAnIeeb3PezmvyXoSk4oJ6JViPY4H1P%2BwRGAz6Gcvb1ZJogetFIAtWjiOEQpALJA5mA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-robots-tag
none, noarchive
cf-ray
82cceac53b279220-FRA
15315212583063
help.firstleaf.com/hc/article_attachments/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://help.firstleaf.com/hc/article_attachments/15315212583063
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1cfa3eea5177ff384947e748d0c015d8a38f28108f04477c17f6b15a9100c46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
BHCBNLnOQdQhtXEcDxqj_9hW82zmEsXj
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption
AES256
x-amz-replication-status
FAILED
content-disposition
inline; filename="Rating Gif.gif"
content-length
2397907
last-modified
Thu, 23 Mar 2023 22:55:09 GMT
server
cloudflare
etag
"26558e5b60a650297ac8a43a399bb3b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJrzgkrMUj%2FJtkfY7cJ6zOp%2By64%2Ba3PByG4V9lijh%2BvbDVjnb3oNoUzkTH67SmNCLs9SErWU1XGtMCIe9uXsNN1yF%2FeCSLs8y1jtE6ZZJXdW8w4Uy67xMz5GJknacfEiNxFmpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=120, public
accept-ranges
bytes
cf-ray
82cceac6bc869220-FRA
x-robots-tag
none, noarchive
logo-dot.png
www.firstleaf.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.firstleaf.com/images/logo-dot.png
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c00e3f69a532be7aa63c14385c12c3e0a5d3c0ec7c397396a7de25c8ff7a614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
via
1.1 46e82159f07d7f814d9b72723b038152.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS58-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6879
last-modified
Wed, 24 Aug 2022 12:51:20 GMT
server
cloudflare
etag
"ffce9f2224fadb806f0d605e224c20e0"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82cceac70e90bb9e-FRA
x-amz-cf-id
ZtErPfEeW0yeWT23_zRaG5dZAV9uL6mn9LPvJj1Q9UO_O0r29V_rZg==
en-us.799adce4dfbb87d2bed1.js
static.zdassets.com/hc/assets/ 		212 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/en-us.799adce4dfbb87d2bed1.js
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d5549676e2bb4426acce6b42ad31f4658811549b00acb761a8deabcb3f2fde
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
KcDUL5pGRZvGZHYu0NCjmC5Q11dYAiJ2
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
0D041HA8ZWB9NFVW
age
32850
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
V+4MSJJ1S29EJQ3xD3AahzN3PuOmdZjiH4OUoyBRgH3KMgI/nmpvw6h3Or5+pXhzW1GKNaIYZuU=
last-modified
Wed, 08 Nov 2023 09:15:55 GMT
server
cloudflare
etag
W/"799adce4dfbb87d2bed1e5e82c14ec0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Erbo3fx0B%2BlommOCduqSsRyoguenoNFRmJ8iMsuUKLDdnsLMg1cPpcaKZTp503%2BdYViYciYDJaIrqlThS1wFu7Vs4I2imYptgsGO6EchQMvwW7h8Um5ucsXJkzSuVFdSGeFOi%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac6cfbb3679-FRA
host-without-iframe.js
static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/
Redirect Chain
  • https://penrosehill.zendesk.com/auth/v2/host/without_iframe.js
  • https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f919bb8db7a2fe7126380d85836c540c3fc883cc4dff3f44ae1ecc697027a6c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
KSmUWZZPaK1vsWrmUQVn23dSj1b63R2s
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WWF08M8Z1AXD1SJ2
age
2796
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
M+zMeoL6F/X7PSw0opjQ46Qk0csghNBp9gplTW55uGWE1h5L/oyOrj3q0qYWSwSEJiEW3hj/MUo=
last-modified
Wed, 25 Oct 2023 18:53:30 GMT
server
cloudflare
etag
W/"35166401913bc433e702156b229abb6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJDnzw%2Bcm31xmDa%2FTBDC4SII2JojDP6XPSPgAKcJOIoIBhSZvS6D3VJ%2Feak4u2QMsEB5NFTfzDaymYJbr%2F9cxZI7NNcLEQ3wSB00A%2BUhjl9dmr2%2FzAt1qbKbeOcCkw0kTs%2BYOUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
82cceac829753679-FRA

Redirect headers

date
Mon, 27 Nov 2023 19:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server
classic-app-server-76457b7df9-rqvdm
content-length
165
x-xss-protection
1; mode=block
x-request-id
82cceac6e9239171-FRA, 82cceac6e9239171-FRA
x-runtime
0.055056
server
cloudflare
x-zendesk-zorg
yes
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qadi65Kghd709bSUqa78SiBzCFg2GNcuovCUvKXZHXzrDxJyK8TML9a%2BqRyPxJv4nzIrrBXNj2UpHCrTvCwi4PhSfUHcTtZcdVz4V8d8Q8G%2F4hSP3RrjEzM71PGnGuUbwqEB4oyuZry"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://static.zdassets.com/auth/111e8e6e01b3952840fd6ff2ae791fb522c67b19/v2/host-without-iframe.js
cache-control
max-age=86400, public
cf-ray
82cceac6e9239171-FRA
moment-4ef0d82f9fc65c8a28f659aa3430955f.js
static.zdassets.com/hc/assets/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/moment-4ef0d82f9fc65c8a28f659aa3430955f.js
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd03b0b6236cb66eb345ef4921d76c8d9be436ea7cc7c89f9e62163c3e0a4a64
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
MdRi9iXzkEJ_cn1aGypuDyrRASu59owk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
JJ57H7WH2XK9D9JV
age
577646
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
bAfnJU9fn6wARHYvscU7vR44Au+Xxo28WXhWfajZ/hLTcfD59bpF4Nun0bcKxEC0O0qnCEzP8rw=
last-modified
Thu, 09 Nov 2023 12:28:14 GMT
server
cloudflare
etag
W/"e1ae1e8e526e50ac4d8ce91396726097"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loge0Ywb1t1aoIN2ZieN34VduLS4xF%2BXL8BbaqsFJcaKyDtgEyjIlGkv6Va9%2Fg8jBF1lMoG6vzicbEhU9t4H85JOIX8jB7jB96jGJqtG3YO0qeAPdK%2Bo6fOqEB3Btu99GWexyKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac6cfbd3679-FRA
hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
static.zdassets.com/hc/assets/ 		585 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ffc51801303d272f3094aa258b6c492606aa4374f058fd44906b3af7508396
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
YT7jCTDBBf_jomkXKnv134TOTSMLmEOX
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KNY57S290ZDGS3DA
age
28594
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
xZkViL4Q6yBd2n76zOspwQD+PeI2hSj2mlSyGIQHOQ/1ZFIWEzQh9vZndKHEBYd7NQzd3to3fx4=
last-modified
Mon, 20 Nov 2023 11:53:22 GMT
server
cloudflare
etag
W/"1fa0c89f08aac93d4294dcd7eae68410"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiVyZ8Qf%2BDB46dctePwWa9p9t0py%2Bd16DS2xNleriMM4scZEE41Yyi416GaQbUJZd81atH70JidzQo9nQw6GU0mQC3L0bYdyG1moy5zViPhAKdicAvLpjPv206X0L6n2XseohjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac6cfbe3679-FRA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://help.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"418dad87601f9c8abd0e5798c0dc1feb"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwZ98cQvu6e5Sr9EKrwd%2BY6My6mNHobDb6cEvU2%2FO0Th%2Fkgl575Z42OT8x4wzX6SqwhvTFHGCyfFoBxh2j5fLweV8e%2FFQGsR7aulsA5AiRwIlEMNttC8rrV2NtmZk0oAit0ECnur1UtSEYTg25RxZe39"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
82cceac6cec4196d-FRA
alt-svc
h3=":443"; ma=86400
content-length
74256
copenhagen-icons-268fb7c014de8a06d7d40310b5000daa..woff
static.zdassets.com/hc/assets/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/copenhagen-icons-268fb7c014de8a06d7d40310b5000daa..woff
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d5b516d840c7f050b44630b17a495e6549316b53c4a81bff2c8d11f1f0500e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://static.zdassets.com/hc/assets/theming_v1_support-e05586b61178dcde2a13a3d323525a18.css
Origin
https://help.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
NOhflpV0YZnLQJqn28YB5Z6pLRVuYffS
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
YZT22Z570RC2S0WD
age
131065
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
HCtcCIAPOS4upWDGYk2F+Ul0H3gX32ni8aCfLSBAj/Tjm+d6dAVyF1aTcH5XL76D9CHZoaSqeCU=
last-modified
Thu, 09 Nov 2023 10:15:59 GMT
server
cloudflare
etag
W/"74ee60bf509aab9976dd0c4358b7bd5c"
access-control-max-age
0
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orQoBbY25M26gFNN4FNg7CNFIt%2B16iybRoOhbzs03pzN8AH3rafDLC%2FAwA9pj08z35pGtu07XiP7XtqptaRPHgbFBbFDaP6p%2BF77clXwm%2BvrWoHuOzRpJhDEAIU%2B2h5ge4X0vOk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Type, Content-Length, ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=604800
cf-ray
82cceac6eed74d5b-FRA
c027dc8275f68386fdb3a9f9585a5a02986100d6.ttf
theme.zdassets.com/theme_assets/837534/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://theme.zdassets.com/theme_assets/837534/c027dc8275f68386fdb3a9f9585a5a02986100d6.ttf
Requested by
Host: p23.zdassets.com
URL: https://p23.zdassets.com/hc/theming_assets/837534/606457/style.css?digest=15312552235543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c8b9746200a0b039328e390a847c9f3aa2e7ddf78306df86c4b4b0cf03aa72
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://p23.zdassets.com/
Origin
https://help.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
KYgihw9MENjqyr_BsItUIwM2d3BkmaJC
via
1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Oct 2018 05:00:51 GMT
server
cloudflare
etag
W/"cf9c71c7ec98eb85ac6c3cbb1fe8f370"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/x-font-ttf
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmjgiMt61pi9hdPt2QJKfTYSMDrxk3Le7mRP4o8Oo3W6H7nG9XJZvK0nTIODBoaNdpnmg8AIr7P4MGmSbfAyv7IFcl%2BX3kHng3OgYyrxO8tLRvL%2BddyR9brGT30cI87Nv3%2BMMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=86400
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-ray
82cceac6ec835b50-FRA
x-amz-cf-id
kHGCcQtSxhtbzMwH_E0jizk27IBgYPxC8rUldWtZst0CFVLqFiTWhw==
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://help.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Sat, 25 Nov 2023 11:07:40 GMT
x-content-type-options
nosniff
age
204344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 11:07:40 GMT
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=web_widget/penrosehill.zendesk.com
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
SJN8N1JDMTD43WG0
age
40
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified
Wed, 09 Aug 2023 01:01:02 GMT
server
cloudflare
etag
W/"42d94c325a0b012e41f9c3907853625a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1ECj4IE3HNQEnvLxfnAZCDJVmld%2BDgeNvG6ty212qEEF3kJs7TWa8aE%2FHVQShmQZDrFUbljza2zlqv01dVMjp0jNZGmCQzOQGzDtax2fJbyZgCtEAIZx0y8QN8F4ce5nxNq3gU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
82cceac879dc3679-FRA
react-5fcf28921178b9778b63f560ee9c13f4.js
static.zdassets.com/hc/assets/ 		138 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/react-5fcf28921178b9778b63f560ee9c13f4.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2acad293b7f644e4c6d243e933c291953accfd518c15e56b01d19dcf0e803f9d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
YKs8qBl9RlgkjY9BJ37yPtbZ.mlv0nIF
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1EA2J8HQGQVT00HY
age
35037
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
M3CE+4hqv0k2lXEYzDw+ZhZRWq+5eB2Drjt5dbbetQ6THdtkMTA66Y92TxDn1jUW14LmUfDxOI6e+BCMxooy/A==
last-modified
Mon, 13 Nov 2023 10:02:37 GMT
server
cloudflare
etag
W/"7fd68b955d3f5a3a65e4a05d45da514e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oq0R4EfuIytbYiQroVb3YPpMffopg1Oxvg8RDGAiHt3IZj%2B3gO6VEN%2Ff2GVueUiP6Vdve09ykz5z%2FgY99KwtZsAVJCaaGMb83S2q1v53efYDghb2Y%2BFIrxbPDb6azc2TWGEjYaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac889e83679-FRA
61618-e00125bb003008fb81737a0eb569cb2b.js
static.zdassets.com/hc/assets/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/61618-e00125bb003008fb81737a0eb569cb2b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674b5cf8d02b7fcdf3274afd0363177c7a5016ad6820b53714fd886da97a38c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
2JsYJ66Bm3jzzv.2hn12C3pnIZDMMfCw
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
NWQ75DJNTFD7KVXG
age
241234
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
eUVuFUmKkQnOf917v5itzSOulu0iZFdCuKTiREM10xPL4xyZwqZv4pWc3ynExDnQWBv4KgO7/tE=
last-modified
Tue, 31 Oct 2023 13:32:52 GMT
server
cloudflare
etag
W/"e5f85e6bd463e2e2730ee981abc816ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJimKpAS8A9mn9smam6LNO%2BaKJCjdiRdBpyM5x6M2%2B6KxhNHa4djdUc%2B%2FQzVtQxVtPfQhdGlkUpFGkpmCvyHlZ7D6QJPqpZ%2Fy79MI63JDu3sSoroKgHdGIQhziuYLijUgwzyqhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac889eb3679-FRA
subscribe-0addb3e97f4953f0915a38fbd60b70ce.js
static.zdassets.com/hc/assets/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/hc/assets/subscribe-0addb3e97f4953f0915a38fbd60b70ce.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83026b248b9c71298269febcc870ea78fd0aa30d5b79e903d20164a85628c619
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
x-amz-version-id
DorajA.7jMxn3skrrFBSPMpQ.M7Rbzsn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RJJZ55HPEKGPKVPF
age
469581
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
URD3ClXcRQT+ugQL+n2wIkd/0RFBb+IprsAjof02+9LnvohK1769Re2FwLbXIHXezIAdQI1Gud0=
last-modified
Thu, 09 Nov 2023 12:28:14 GMT
server
cloudflare
etag
W/"5c8ad941f466ac5428774bbcf2813949"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1JJv7aCWDGS8yDjGTqoF0n1dJ14VgiPJ1TtwkM1CGItoBtkhOBKZ9nnKEZx9VLf7yMBP5ANvwGcpesIaZ9Kh70tUpd%2ByyAxH3x3AOflvceuY8tFZLDiC4EnZL2pg8GInyn3cOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
82cceac889ed3679-FRA
view.json
help.firstleaf.com/api/v2/help_center/en-us/articles/1500000909721/stats/ 		0
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://help.firstleaf.com/api/v2/help_center/en-us/articles/1500000909721/stats/view.json
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=259200;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
strict-transport-security
max-age=259200;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
app-server-7f8fb87d58-4b44w
protocol
HTTP/1.1 always
x-xss-protection
1; mode=block
x-request-id
82cceac88dfd9220-FRA
x-ua-compatible
IE=edge
x-runtime
0.070602
server
cloudflare
x-zendesk-api-version
v2
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB%2FPxg63SGF0gMsHNwuFJ5LNvySTX7kINIaCm%2B7UCVXp%2F4e5Ybp1PAca7rKiWMNq1QVcq12m7xIkTMq6eXiqFeGtaRv9A5r4FYZQLZTWNNhO08lzOlZVccEK%2BbEc6gzQ4T7lLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://help.firstleaf.com
access-control-expose-headers
X-Zendesk-API-Warn
cache-control
no-cache
access-control-allow-credentials
true
x-zendesk-processed-host-header
help.firstleaf.com
cf-ray
82cceac88dfd9220-FRA
activity
help.firstleaf.com/hc/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://help.firstleaf.com/hc/activity
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-ef7cae9701a37a5a19c4a3b80d561416.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type
application/json

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
82cceac890d29220-FRA, 82cceac890d29220-FRA
x-runtime
0.002378
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy4oKMTNl3tjYPrzqsZsU%2BJaEeU%2BikdyVMUuo6JbfRE9SYy%2Fm1eXI6G9h9E1wzMG0GyQBXdqzfBImBUxfiZKzL2%2BMoRFWmJ5Ec4p6mxbdvA7GujZrSz0hEZNhqkz60kI9BQ4DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
vary
Accept-Encoding
x-zendesk-zorg
yes
cf-ray
82cceac88e019220-FRA
bc787998-75bc-400c-9ddc-536830f7ba93
https://help.firstleaf.com/ 		819 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://help.firstleaf.com/bc787998-75bc-400c-9ddc-536830f7ba93
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Content-Length
819
Content-Type
main.js
help.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 3717
Redirect Chain
  • https://help.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://help.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://help.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/hc/en-us/articles/1500000909721-Firstleaf-Guarantee
Protocol
H2
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad25089a8ee0a7bfcd3bd7cafaf320da308edf035714f5ed84bd349646134b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Wab6mAw9ZYEUaow4V72B7vAxe9sRV9bT1K3upnqdwSPVntOqIUr5St1KO8ysUpM19%2BITXIU%2Fe2u0ltaRlz9LrmIQ0%2BV1WXRoWbi4kljHQvFvcHaNoePrUgr%2BQ9CUw13Jy9tRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82cceac8ce2f9220-FRA

Redirect headers

date
Mon, 27 Nov 2023 19:53:24 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfSK7HiA12DiL7pbAP2P2cz2rh8WGa660CQ9Vi4z6YhAUv%2FnUuSuRUc1DE182mOY7cRRiWeLYO9r8ZNtAswP8hj%2BnFVzafyEvzgo8%2FV%2FlE57zJQASm5cYjuHqYtqrSQ7eRNNyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
82cceac8ae1a9220-FRA
penrosehill.zendesk.com
ekr.zdassets.com/compose/web_widget/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/web_widget/penrosehill.zendesk.com
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=web_widget/penrosehill.zendesk.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad4276f7c290bdcbcb4e468f88a3cff789687c8a70c6828956bcfcd4c2aa1a1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://help.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:25 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
82996459eb48e104-SEA, 82996459eb48e104-SEA
x-runtime
0.024389
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7ad4276f7c290bdcbcb4e468f88a3cff"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWk5S%2BuDj4tpYPzsQZ0BDJYbzNpJFD1nMWI18sJ%2BRT%2Fwhu64ard4tLgxxiMQ%2FP1c35eGymQnuyQI617b6DGqzHBWcxU1uhNQkAnXzpP1otCRbvtrvz9DtFH2zBTOOnvWjAI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
82cceac8b9224d5b-FRA
82cceac328ab9220
help.firstleaf.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3717 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://help.firstleaf.com/cdn-cgi/challenge-platform/h/g/jsd/r/82cceac328ab9220
Requested by
Host: help.firstleaf.com
URL: https://help.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type
application/json

Response headers

date
Mon, 27 Nov 2023 19:53:24 GMT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
82cceac93e9a9220-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMcBhIdXwkElNXVo6bAy45xsZ9G%2FJlsHl3KcVtSHwUfmGPpu7Az7IV2rED6KeY2zBlFH%2B5crOEb%2FaSFudJwAjf%2F0FGaL%2FIKANwjv8At0UYnOLOlO%2F0%2FAnWQH3ql8uSWFKwuHhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
web-widget-main-0345ad6.js
static.zdassets.com/web_widget/classic/latest/ Frame 77C2 		923 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=web_widget/penrosehill.zendesk.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:25 GMT
x-amz-version-id
4cbhc1.6rLf_h9ym68WJ6KIAscXI23.M
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5NG7YA8N871VD5J1
age
1627951
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZySt8kL6ROzjbORLYN+I+W/w/yJpdfSQoR8pczX7IS0KJ4757YvEDq2mRj/feQlz/RRnW6+iyR4=
last-modified
Mon, 06 Nov 2023 00:49:00 GMT
server
cloudflare
etag
W/"d21ab80a38e205ddac2cf2e5ff41ab5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRFSPnIq6G2eKKamIOqMJe0KbO5BzaRBWaRvkKFZ%2FiJ3W2D7lYij6J%2B%2BRoUKKNVIxP5RkoQolngdFKthShfzCQ6E1eRKyYgS3Nwg1%2BHvZU%2FfyCdJxBIQvBfDhV9eh4OKihXGHYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82cceaccdef43679-FRA
expires
Tue, 05 Nov 2024 00:48:59 GMT
en-us-json-0345ad6.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 77C2 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0345ad6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:25 GMT
x-amz-version-id
I_EA8shgdUVnTYVtPsngXZhS4fZlnaal
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5NGA2S0B2H0YW5PK
age
1536931
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
+ecFi86oIbndutdGPxhS6gCnsAL2qj/AlpaZ/VYH9WCeuIGfqWcDnSAg10xBstjut+Oj5v6q9yY=
last-modified
Mon, 06 Nov 2023 00:49:02 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Osj%2FgIBPoke0JZN%2BXDQubmIPj23ojMFLSJC%2FPD3k0%2BRqGSMDnjd0t19g03COSOcBKcV1%2FJ6Z2lcVaRIGSl4C4BooLToM30eWFqG%2B0FSgxhLQjOiOoJuW9jW%2FF%2BK5vSUKiTus2Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82cceacda81a3679-FRA
expires
Tue, 05 Nov 2024 00:49:01 GMT
config
penrosehill.zendesk.com/embeddable/ Frame 77C2 		751 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://penrosehill.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66588b9c23774d448f8e58d1a250f32845152730b25deb05decc869ff23489b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 27 Nov 2023 19:53:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-6c58497b58-f2wxg
x-cached
MISS
x-request-id
82cceacddaaa68fd-FRA
x-runtime
0.001838
last-modified
Mon, 27 Nov 2023 18:53:43 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJGz2PDApVdBccyrhoRcOVRllyk62kIxOXQDxOnYYpj7lwmyehrVesyfCrUF%2Fp20dtFNathUzP5fyPkgENZOIP9dQbLgum5iA7l2b1aOZq%2B0hT44WVeUhH8PG3I%2B11nUJnkIAhxSTiT6"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
82cceacddaaa68fd-FRA

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| $ function| jQuery object| I18N object| Zendesk object| HelpCenter function| moment object| webpackChunkhelp_center object| regeneratorRuntime function| zEmbed function| zE object| I18n object| zEWebpackACJsonp boolean| zEACLoaded function| $zopim

3 Cookies

Domain/Path Name / Value
.help.firstleaf.com/ Name: __cfruid
Value: 403efb0cddcab4256702ee22cf4cce3849cb1d92-1701114804
.penrosehill.zendesk.com/ Name: __cfruid
Value: 403efb0cddcab4256702ee22cf4cce3849cb1d92-1701114804
.help.firstleaf.com/ Name: cf_clearance
Value: BPW6R48nThH0v8L.SAcWLWKNWkKde905EAhUowFNQPU-1701114804-0-1-525ad668.ba3cd87a.55b8988-0.2.1701114804

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=259200;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
help.firstleaf.club
help.firstleaf.com
p23.zdassets.com
penrosehill.zendesk.com
static.zdassets.com
theme.zdassets.com
use.fontawesome.com
www.firstleaf.com
104.16.51.111
104.16.53.111
104.18.70.113
104.18.72.113
2606:4700:10::6816:2be0
2606:4700:10::6816:3e65
2606:4700:e2::ac40:8c0d
2a00:1450:4001:80b::200a
2a00:1450:4001:82f::2003
0ace26882bd590a050d612c679d4e25e8cb6dc4cfa58c81806050cd45359adde
1ae00f380120bd1927418df8f05a2b909da7a3945b7cc7212126992d64660207
20ffc51801303d272f3094aa258b6c492606aa4374f058fd44906b3af7508396
28d397270696b4361f8722b8c43ff2db5ba45891f35eeecedc913088dcc58ed5
2acad293b7f644e4c6d243e933c291953accfd518c15e56b01d19dcf0e803f9d
2ad25089a8ee0a7bfcd3bd7cafaf320da308edf035714f5ed84bd349646134b5
3eb824b0e3d79dc89031914cea3a90ec645270c044779f38776a4456d3223260
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
50d5b516d840c7f050b44630b17a495e6549316b53c4a81bff2c8d11f1f0500e
66588b9c23774d448f8e58d1a250f32845152730b25deb05decc869ff23489b3
674b5cf8d02b7fcdf3274afd0363177c7a5016ad6820b53714fd886da97a38c2
7ad4276f7c290bdcbcb4e468f88a3cff789687c8a70c6828956bcfcd4c2aa1a1
7f919bb8db7a2fe7126380d85836c540c3fc883cc4dff3f44ae1ecc697027a6c
83026b248b9c71298269febcc870ea78fd0aa30d5b79e903d20164a85628c619
836316444e9cede5ce83cfe98734b9c8ab27192a9634a59b82c118a8e6792037
8c00e3f69a532be7aa63c14385c12c3e0a5d3c0ec7c397396a7de25c8ff7a614
92c8b9746200a0b039328e390a847c9f3aa2e7ddf78306df86c4b4b0cf03aa72
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
ab7d455a296da25d2d08e039c7e4448e63c60cf2f9084bf18ac40be0de2d8d11
b54315aa20706ade20a86f6e6e84fdc06e18f4aa8a61f0584a30b717c3cfad9f
bd03b0b6236cb66eb345ef4921d76c8d9be436ea7cc7c89f9e62163c3e0a4a64
be741d321cb47cc26567b245454af77b920e9bdcf484bb44916ee2e24b0e3c49
bfb082c34e145d591044598dfe6b52d2044774722e1c0ed3245da81cc786363a
c2d5549676e2bb4426acce6b42ad31f4658811549b00acb761a8deabcb3f2fde
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
e1fc56c5af917b653be54d619245c4079c1afec0991321f0d358679b1ef529a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f1cfa3eea5177ff384947e748d0c015d8a38f28108f04477c17f6b15a9100c46