Submitted URL: http://mymorning79.com/iCDIaZ_Aje1HePzjBq1BsY8920As-0FYON0fOD-P1KQoMWj2fXpEvuPLLav_1XC6
Effective URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Submission: On June 21 via manual from ME — Scanned from US

Summary

This website contacted 17 IPs in 1 countries across 17 domains to perform 82 HTTP transactions. The main IP is 3.133.213.185, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is www.leafprotect.com. The Cisco Umbrella rank of the primary domain is 861877.
TLS certificate: Issued by Amazon on August 2nd 2021. Valid for: a year.
This is the only time www.leafprotect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
42 leafprotect.com
www.leafprotect.com — Cisco Umbrella Rank: 861877
2 MB
11 inwjau.com
s.inwjau.com — Cisco Umbrella Rank: 149554
55 KB
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1467
insight.adsrvr.org — Cisco Umbrella Rank: 660
match.adsrvr.org — Cisco Umbrella Rank: 384
9 KB
6 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 21480
cdn.trustedform.com — Cisco Umbrella Rank: 23107
41 KB
4 gstatic.com
fonts.gstatic.com
70 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
ajax.googleapis.com — Cisco Umbrella Rank: 329
36 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 212
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
107 KB
2 helixbi.io
sdk.helixbi.io — Cisco Umbrella Rank: 145535
gw.helixbi.io — Cisco Umbrella Rank: 118596
16 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246
24 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 358
916 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 696
350 B
1 d3js.org
d3js.org — Cisco Umbrella Rank: 24300
73 KB
1 speedtrkgood.com
speedtrkgood.com
818 B
1 mrktrecord13.com
mrktrecord13.com
316 B
1 mymorning79.com
mymorning79.com
333 B
82 17
Domain Requested by
42 www.leafprotect.com www.leafprotect.com
d3js.org
cdn.trustedform.com
11 s.inwjau.com www.googletagmanager.com
s.inwjau.com
4 match.adsrvr.org js.adsrvr.org
4 fonts.gstatic.com fonts.googleapis.com
4 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
2 cm.g.doubleclick.net 2 redirects
2 dpm.demdex.net 2 redirects
2 js.adsrvr.org www.googletagmanager.com
match.adsrvr.org
2 cdn.trustedform.com www.leafprotect.com
api.trustedform.com
2 www.googletagmanager.com www.leafprotect.com
www.googletagmanager.com
2 cdnjs.cloudflare.com www.leafprotect.com
2 fonts.googleapis.com www.leafprotect.com
1 pixel.rubiconproject.com 1 redirects
1 insight.adsrvr.org 1 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 gw.helixbi.io www.leafprotect.com
1 sdk.helixbi.io www.leafprotect.com
1 d3js.org www.leafprotect.com
1 ajax.googleapis.com www.leafprotect.com
1 speedtrkgood.com 1 redirects
1 mrktrecord13.com 1 redirects
1 mymorning79.com 1 redirects
82 23

This site contains links to these domains. Also see Links.

Domain
homeservicescompliance.com
www.leaffilter.com
optout.homeservicescompliance.com
Subject Issuer Validity Valid
homegeniepro.com
Amazon
2021-08-02 -
2022-08-31
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-11 -
2023-06-11
a year crt.sh
*.helixbi.io
Amazon
2021-10-09 -
2022-11-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
helixbi.io
Amazon
2021-10-05 -
2022-11-02
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
inwjau.com
R3
2022-05-06 -
2022-08-04
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.trustedform.com
Amazon
2021-10-12 -
2022-11-09
a year crt.sh
cdn.trustedform.com
Amazon
2022-04-14 -
2023-05-13
a year crt.sh

This page contains 6 frames:

Primary Page: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Frame ID: 4604BC52F8377151DE3D2913C322269F
Requests: 84 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
Frame ID: 18215ACF5374509DBDD5C3E17DFB42AE
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.leafprotect.com/4cd0e447-45a9-4f7a-8149-26383d08ad41
Frame ID: 07589120FD819E53B6509BD02844CCC2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: B6791BE0E884E8AF73E3ACEF0735831A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef&google_gid=CAESELn_EBYP5iNFkTdLfk7Q1Ac&google_cver=1
Frame ID: E085136EB1880D052D0E40880B1524AB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 9F59CE34920827E831563C9F13310E61
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Leaf Protect - Gutter Guards

Page URL History Show full URLs

  1. http://mymorning79.com/iCDIaZ_Aje1HePzjBq1BsY8920As-0FYON0fOD-P1KQoMWj2fXpEvuPLLav_1XC6 HTTP 302
    https://mrktrecord13.com/?E=EDYqO4GUmsbYFid2OSIoA%2fq%2fG1%2bTbKm%2fDbfaF54T%2fx8%3d&s2=40jvpmbnetl8l... HTTP 302
    https://speedtrkgood.com/?E=EDYqO4GUmsbYFid2OSIoA%2fq%2fG1%2bTbKm%2fDbfaF54T%2fx8%3d&s2=40jvpmbnetl8l... HTTP 302
    https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

82
Requests

96 %
HTTPS

48 %
IPv6

17
Domains

23
Subdomains

17
IPs

1
Countries

2374 kB
Transfer

4186 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mymorning79.com/iCDIaZ_Aje1HePzjBq1BsY8920As-0FYON0fOD-P1KQoMWj2fXpEvuPLLav_1XC6 HTTP 302
    https://mrktrecord13.com/?E=EDYqO4GUmsbYFid2OSIoA%2fq%2fG1%2bTbKm%2fDbfaF54T%2fx8%3d&s2=40jvpmbnetl8lrdewqciehbhkkv HTTP 302
    https://speedtrkgood.com/?E=EDYqO4GUmsbYFid2OSIoA%2fq%2fG1%2bTbKm%2fDbfaF54T%2fx8%3d&s2=40jvpmbnetl8lrdewqciehbhkkv&ckmguid=be49ceb1-3594-474c-83e0-58db4f203b69 HTTP 302
    https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
Request Chain 54
  • https://insight.adsrvr.org/track/up?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
Request Chain 80
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=a3388990-25af-40cb-908b-ddedaa37ddef&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=a3388990-25af-40cb-908b-ddedaa37ddef&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTMzODg5OTAtMjVhZi00MGNiLTkwOGItZGRlZGFhMzdkZGVm&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=YTMzODg5OTAtMjVhZi00MGNiLTkwOGItZGRlZGFhMzdkZGVm&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef&google_tc= HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef&google_gid=CAESELn_EBYP5iNFkTdLfk7Q1Ac&google_cver=1
Request Chain 82
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a3388990-25af-40cb-908b-ddedaa37ddef&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.leafprotect.com/lpd29/
Redirect Chain
  • http://mymorning79.com/iCDIaZ_Aje1HePzjBq1BsY8920As-0FYON0fOD-P1KQoMWj2fXpEvuPLLav_1XC6
  • https://mrktrecord13.com/?E=EDYqO4GUmsbYFid2OSIoA%2fq%2fG1%2bTbKm%2fDbfaF54T%2fx8%3d&s2=40jvpmbnetl8lrdewqciehbhkkv
  • https://speedtrkgood.com/?E=EDYqO4GUmsbYFid2OSIoA%2fq%2fG1%2bTbKm%2fDbfaF54T%2fx8%3d&s2=40jvpmbnetl8lrdewqciehbhkkv&ckmguid=be49ceb1-3594-474c-83e0-58db4f203b69
  • https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
29 KB
9 KB
Document
General
Full URL
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
423756e5595a751aea277d94e31035800a3ad19acdec5883503e4cb75316c77f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=691200,max-age=691200;no-cache
content-encoding
gzip
content-length
8974
content-type
text/html
date
Tue, 21 Jun 2022 17:10:30 GMT
etag
"0cace6b3f69d81:0"
last-modified
Mon, 16 May 2022 16:10:12 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

cache-control
private
content-length
213
content-type
text/html; charset=utf-8
date
Tue, 21 Jun 2022 17:10:30 GMT
location
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
css
fonts.googleapis.com/
5 KB
588 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900,300italic,400italic,700italic
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3d55692df1a3ceed6066bb892b66180681a279a1671ee931f23afa599efc40b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:25:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 21 Jun 2022 17:10:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Jun 2022 17:10:30 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 15:48:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 21 Jun 2022 17:10:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Jun 2022 17:10:30 GMT
style.css
www.leafprotect.com/lpd29/assets/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://www.leafprotect.com/lpd29/assets/css/style.css
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9865bc67868d02db5971f3ee46d4879063a0f21f5e5fd63c1f8e86a350b29ee4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
gzip
etag
"37dca513f69d81:0"
last-modified
Mon, 16 May 2022 16:09:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
3757
all.css
www.leafprotect.com/lpd29/assets/css/
70 KB
16 KB
Stylesheet
General
Full URL
https://www.leafprotect.com/lpd29/assets/css/all.css
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d646c4fbb71ea0f802daa283e0903f71b66a65a19fd47c7b59125e8ac426a0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
gzip
etag
"fd15c513f69d81:0"
last-modified
Mon, 16 May 2022 16:09:27 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
16323
styles2.css
www.leafprotect.com/lpd29/assets/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.leafprotect.com/lpd29/assets/css/styles2.css
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dfd13dce176d0618ef070548d1270e8c292e6643a1d0eaf3e9f96f803383ebf5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
gzip
etag
"be8efc513f69d81:0"
last-modified
Mon, 16 May 2022 16:09:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
1420
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 01:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Jun 2023 01:09:46 GMT
jquery-ui.min.js
www.leafprotect.com/lpd29/assets/js/
248 KB
89 KB
Script
General
Full URL
https://www.leafprotect.com/lpd29/assets/js/jquery-ui.min.js
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3da553cd44af722d8694511929b0ef169bdc64da092d8d337b429b0a3e7fe5ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
gzip
etag
"41385f593f69d81:0"
last-modified
Mon, 16 May 2022 16:09:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
d3.v4.min.js
d3js.org/
217 KB
73 KB
Script
General
Full URL
https://d3js.org/d3.v4.min.js
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8585db4092b8a9d26201e0d58e343d1b40fa034c4b9c343878923d7649bb1699

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
507
last-modified
Mon, 11 Apr 2022 19:35:39 GMT
server
cloudflare
x-github-request-id
4908:0B19:24E1A3:607DEB:62B1751C
etag
W/"6254830b-36305"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aT8MiXpwQwGYWw%2B30uut5DngPJwraMbj9BMwviizBj4YXi33S97UyqyfmsVW38cjs%2Fbr4tKmLmLeTzHtaaFJxRmhkrORj7wGKBPZuRpUACv49kGJGBqlkQXHc2YTN6cbSmnSw%2BzU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71ee5baad9a602ba-MIA
x-proxy-cache
HIT
expires
Tue, 21 Jun 2022 17:01:19 GMT
jquery.validate.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/
50 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.js
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53126c3d97961d6d5828df1b2cd55237022736580c5dea7746e64392c315019
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1716021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11717
timing-allow-origin
*
last-modified
Fri, 29 May 2020 16:54:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed13e63-c70a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH9Lpwgf%2BuHvth%2Fqyrm48wJAG%2F45DBOkgEmQ6n%2BBG78gvaLIC86TfF44ryxDJ2wL4cq04DTuecdGoV%2BGZ74eFvWxQbQQepBPO4dN5dwhGZkuKIzeC%2FxpqVzf5VPrU7wrUDtPW8y0o9KqP3OhXoKz6OIL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71ee5baacad28dee-MIA
expires
Sun, 11 Jun 2023 17:10:30 GMT
additional-methods.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/
51 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/additional-methods.js
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f927033ee76826d059fb84aa7f34de7a100957e07629eb156994e956d5e9921
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
9652932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11755
timing-allow-origin
*
last-modified
Fri, 29 May 2020 16:54:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed13e63-caef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJFrpveiQgv3VyZ4sRajMChRztxeFbIXX6r2QP3HJXMvmvl3%2F06h9HPQRA1hF0IKDvIbmQLU2Un%2BF%2FdcRvjCPBt3hOLx5iBJM7pCRVBHCOxNs3G8EN0oIM2Tp8306gvIcVVXW40AxXsWe%2F24qk1bQu3A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71ee5baacad38dee-MIA
expires
Sun, 11 Jun 2023 17:10:30 GMT
coupon.png
www.leafprotect.com/lpd29/assets/img/
508 B
723 B
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/coupon.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de083de36fdcdd06cc2fee1a9745b710533f879f4f15489263948406a3db0894

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"537d70533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
508
logo.png
www.leafprotect.com/lpd29/assets/img/
13 KB
13 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/logo.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ff6cd35767a3ae36d7f1e1dfb5a3f3047f93ee246edddf5a1e90516316627a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"a1fe33543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
13021
18OffGraphic.png
www.leafprotect.com/lpd29/assets/img/
65 KB
65 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/18OffGraphic.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b21d485ee5d1c7a65d18f3fcabaa749759e977a8b88eea991542deb31e836409

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"5e9c8b523f69d81:0"
last-modified
Mon, 16 May 2022 16:09:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
66276
18offgraphicmobile.png
www.leafprotect.com/lpd29/assets/img/
62 KB
62 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/18offgraphicmobile.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c26c22bd9aadddefd0359187759d39dd419f379e1611ad743f8dff3219c9e874

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"33fe8d523f69d81:0"
last-modified
Mon, 16 May 2022 16:09:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
63489
check.png
www.leafprotect.com/lpd29/assets/img/
7 KB
8 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/check.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f10294e99ae026bc10a26696946fc16e8fc55de90ed838aa3072e19230ccac4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"c075b533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
7545
warranty.png
www.leafprotect.com/lpd29/assets/img/
12 KB
12 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/warranty.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
016a6ae91c64df0d7ee6f0c5490f9d838afa01e422af561939217dfe9bbd23c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"6acf8c563f69d81:0"
last-modified
Mon, 16 May 2022 16:09:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
12123
free_gutter_cleaning.png
www.leafprotect.com/lpd29/assets/img/
9 KB
9 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/free_gutter_cleaning.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c73d6d5e2b2435fa0feddbf96995c2cee4d435c24fff3e458615d03cd6e145c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"6cb78a533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
9177
card_1.jpg
www.leafprotect.com/lpd29/assets/img/
29 KB
29 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_1.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a2f1dd4688ec153517bc1573209ed851655b6ad7ae904f336cab1bbab92e7a4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"2967533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
29883
card_2.jpg
www.leafprotect.com/lpd29/assets/img/
34 KB
34 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_2.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
65402ddeab106000c1d8ec35d612b582e342f07ff271f6c4eac7b1a5c07ac7b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"6b1c30533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
34431
card_3.jpg
www.leafprotect.com/lpd29/assets/img/
40 KB
40 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_3.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39ddc24297413a82320e45fe09534e5c95b3c5f724b4ab6bd10822a13f4c9dc7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"75584a533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
40578
card_4.jpg
www.leafprotect.com/lpd29/assets/img/
28 KB
28 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_4.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ef5f64b8cb2a8e0f00807dc81fa4a22d9fa64cc25bdc0882015520e20aaffbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"fba658533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
28757
five_stars.png
www.leafprotect.com/lpd29/assets/img/
1 KB
2 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/five_stars.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26df3d49054793fba9186ef2fb4109703886118b69ebb4732d2fbbb5006043bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"e62d81533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
1455
testimonials.png
www.leafprotect.com/lpd29/assets/img/
15 KB
16 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/testimonials.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9917ecca471b0c86af2132bf490b39745fc87e756333d8f2215e292581cb5c62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"5fa9c0543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
15698
reviews.jpg
www.leafprotect.com/lpd29/assets/img/
101 KB
101 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/reviews.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
46d3e55d6ab483338811861e2291c140a3a42df7a5a318212d7e530c5f6f8584

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"c77268543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
103447
lifetime_warranty.png
www.leafprotect.com/lpd29/assets/img/
58 KB
58 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/lifetime_warranty.png
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
041219cc782a37daf1b0744713b583f63f2ec01dbc995f3ce8c3fe03fc2c8747

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"9eeb20543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
59254
us_flag.jpg
www.leafprotect.com/lpd29/assets/img/
6 KB
7 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/us_flag.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eb421fbe640f317bb05bece4737e97b22fefe54bdf93c667a0a247b7a0da839b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"81b64f553f69d81:0"
last-modified
Mon, 16 May 2022 16:09:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
6612
cd.js
sdk.helixbi.io/
16 KB
16 KB
Script
General
Full URL
https://sdk.helixbi.io/cd.js?ct_a=100779&ct_u=5AE6119516F7FA2A155F866558676EC6
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:4000:b:e21a:63c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jul 2020 22:46:04 GMT
server
AmazonS3
age
20012
etag
"fc0b3a91ad17eca1f1af0dea86fbb192"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 21 Jun 2022 11:37:00 GMT
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
16072
x-amz-cf-id
B_7fXigF5AqGx_xDumGEF5vEAEmQzW5YVuC8v4mvKxFGpBHyktrRdQ==
gtm.js
www.googletagmanager.com/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86267648ca0e7437a0e832e88f80ab5b6e97903bff0864268257b82ccf89faf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38702
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:03:44 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Jun 2022 17:10:31 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
8 KB
4 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Server
2600:9000:2162:e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 15:11:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C3
etag
W/"af2c721f28d4f08f6dd1e2d1538d6d5e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 fa486964c67c2a458a5e0fcec0e6f602.cloudfront.net (CloudFront)
x-amz-version-id
M4BYxzuwDsSLMzNpxHSURX978fUhoR5T
x-amz-cf-id
sdlTEDKbv3M_x5hSIybd52mGYHxhbsTbtc0QaIkWwptquPeS5jmmhA==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
date
Tue, 21 Jun 2022 17:10:31 GMT
server
awselb/2.0
content-length
134
content-type
text/html
testimonials.mp4
www.leafprotect.com/lpd29/assets/img/
857 KB
0
Media
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/testimonials.mp4
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
last-modified
Mon, 16 May 2022 16:09:39 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5fcd70583f69d81:0"
content-type
video/mp4
Content-Range
bytes 0-27267925/27267926
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
Content-Length
27267926
header_background.jpg
www.leafprotect.com/lpd29/assets/img/
601 KB
601 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/header_background.jpg
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff97f8db94b3aca8108e42d2ae57adf24b1a04eb03acc99888b14e40306cfef5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"2fc5fa533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
614918
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leafprotect.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:35:49 GMT
x-content-type-options
nosniff
age
509682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:35:49 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leafprotect.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:31:57 GMT
x-content-type-options
nosniff
age
509914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:31:57 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leafprotect.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:33:19 GMT
x-content-type-options
nosniff
age
509832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:33:19 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900,300italic,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.leafprotect.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 07:20:37 GMT
x-content-type-options
nosniff
age
35394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 07:20:37 GMT
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
gw
gw.helixbi.io/
43 B
223 B
Image
General
Full URL
https://gw.helixbi.io/gw?g.t=1655831431272&g.r=i&g.d=100779&g.u=5AE6119516F7FA2A155F866558676EC6&dv.gv=0.1.0&g.x=34DC768I39-3GBI-A5J3&g.i=1.1.0-JSW&v.i=34DC768I39-3GBI-A5J3&g.a=pv&p.t=Leaf%20Protect%20-%20Gutter%20Guards&s.sr=1600x1200&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1655831431272&s.s=1655831431272&v.fs=1655831431272&h.cm.id=7366&h.cm.lp=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F&h.cm.a1=42728&h.cm.a3=361656992&h.cm.fr=1655831431272&h.cm.rc=1&h.cm.ts=1655831431272&h.et=campaigns
Requested by
Host: www.leafprotect.com
URL: https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.74.249 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-74-249.us-west-2.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 17:10:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
server
Jetty(9.4.2.v20170220)
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
lfziplist.csv
www.leafprotect.com/lpd29/
241 KB
242 KB
XHR
General
Full URL
https://www.leafprotect.com/lpd29/lfziplist.csv
Requested by
Host: d3js.org
URL: https://d3js.org/d3.v4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
049cad6770942630aa89737ffd3c16b8aab32691147315e319d7d82065a4453d

Request headers

accept
text/csv,*/*
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"d586022675d81:0"
last-modified
Tue, 31 May 2022 15:50:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/octet-stream
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
247046
leaf_filter_medium_master_lookup.csv
www.leafprotect.com/lpd29/
82 B
305 B
XHR
General
Full URL
https://www.leafprotect.com/lpd29/leaf_filter_medium_master_lookup.csv
Requested by
Host: d3js.org
URL: https://d3js.org/d3.v4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
046992b1eb981447dd8ec5cdc413f8f41db8e3ce56c4bcea1e8d49e47a038158

Request headers

accept
text/csv,*/*
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
etag
"a088ec6b3f69d81:0"
last-modified
Mon, 16 May 2022 16:10:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/octet-stream
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
82
js
www.googletagmanager.com/gtag/
193 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3HHP2G7VL2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
338e2f11beca787859ab0d9221e06b04fd526de39c38f2ecfe633b3c121b779d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70737
x-xss-protection
0
expires
Tue, 21 Jun 2022 17:10:31 GMT
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-138-162.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 20 Jun 2022 18:17:31 GMT
Via
1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
82381
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C2
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
ydz2Mz3brV_Nqgi_e0EVfzGQN0IFQXXdW8uEVxB_2xdwhMIsjCHtIQ==
minimal.js
s.inwjau.com/2/866659/
6 KB
3 KB
Script
General
Full URL
https://s.inwjau.com/2/866659/minimal.js?dt=8666591654525602143000&pd=mkt
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
171a57c3aac46adcb6b3971caac2d20be0f321bf30ee44b1f30ce871058a422b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Jun 2022 17:10:31 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2610
Expires
0
collect
analytics.google.com/g/
0
350 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3HHP2G7VL2&gtm=2oe6f0&_p=384810039&_z=ccd.v9B&_gaz=1&cid=2099478799.1655831432&ul=en-us&sr=1600x1200&_s=1&sid=1655831431&sct=1&seg=0&dl=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&dt=Leaf%20Protect%20-%20Gutter%20Guards&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HHP2G7VL2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 17:10:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leafprotect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
350 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HHP2G7VL2&cid=2099478799.1655831432&gtm=2oe6f0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HHP2G7VL2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Jun 2022 17:10:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leafprotect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?oz_pl=1&dt=8666591654525602143000&pd=mkt&ci=866659&_x=1
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/866659/minimal.js?dt=8666591654525602143000&pd=mkt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:31 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.inwjau.com/2/2.62.0/
160 KB
50 KB
Script
General
Full URL
https://s.inwjau.com/2/2.62.0/main.js
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/866659/minimal.js?dt=8666591654525602143000&pd=mkt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
88b108afe172ccaa440286f0786299af4b4801012a4b0dde7f58cfb5c03fcde9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 17:10:31 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
51059
Expires
Fri, 27 Feb 2054 11:34:38 GMT
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?oz_pl=1&dt=8666591654525602143000&pd=mkt&ci=866659&_x=1
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/866659/minimal.js?dt=8666591654525602143000&pd=mkt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:31 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
certs
api.trustedform.com/
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.75.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-75-131.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
5ff4e1a19dc619ac8e6b55f71f3cbd29b8c820aff3239ecb204d1b0ef28d52d4

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
/
match.adsrvr.org/track/upb/ Frame 1821
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
975 B
1 KB
Document
General
Full URL
https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
04cd806d5c12cf3bc97b4c5ba9579d771020f0954a02ef75933576719a0af2e5

Request headers

Referer
https://www.leafprotect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 21 Jun 2022 17:10:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 21 Jun 2022 17:10:32 GMT
location
https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831431973&oz_l=189&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
4cd0e447-45a9-4f7a-8149-26383d08ad41
https://www.leafprotect.com/ Frame 0758
185 B
0
Other
General
Full URL
blob:https://www.leafprotect.com/4cd0e447-45a9-4f7a-8149-26383d08ad41
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831432128&oz_l=4716&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
trustedform-1.8.26.js
cdn.trustedform.com/
97 KB
36 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.8.26.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16558314310820.28878853578322095
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:e00:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
YhD1w8vOtRO5jDnJaxxF8bLdiuVEBdVt
content-encoding
gzip
last-modified
Tue, 10 May 2022 15:11:25 GMT
server
AmazonS3
age
26
etag
W/"d9aa7fe810084b856ea5e1fed26caefa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa486964c67c2a458a5e0fcec0e6f602.cloudfront.net (CloudFront)
date
Tue, 21 Jun 2022 17:10:09 GMT
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
15OA6xelnNyVPM3xISjl9qPi8Q634EMszk16VkD-QlBp_6ph4Qw9nA==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 1821
487 B
964 B
Script
General
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Flpd29%2F%3Fhxc_id%3D7366%26hxc_a1%3D42728%26hxc_a2%3D%26hxc_a3%3D361656992&upid=j47mfq7&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-138-162.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Tue, 21 Jun 2022 02:42:01 GMT
Via
1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
52112
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C2
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
NCxbfpez80CoM1oqBvyBtcEr2Taw9IgDcLd8FfMBN2vPozt01B_HXQ==
snapshot
api.trustedform.com/certs/247c3c9c2f4a8ed3f786c18edcebc169bfc80672/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/247c3c9c2f4a8ed3f786c18edcebc169bfc80672/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.75.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-75-131.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 21 Jun 2022 17:10:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
coupon.png
www.leafprotect.com/lpd29/assets/img/
508 B
723 B
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/coupon.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de083de36fdcdd06cc2fee1a9745b710533f879f4f15489263948406a3db0894

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"537d70533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
508
logo.png
www.leafprotect.com/lpd29/assets/img/
13 KB
13 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/logo.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ff6cd35767a3ae36d7f1e1dfb5a3f3047f93ee246edddf5a1e90516316627a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"a1fe33543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
13021
18OffGraphic.png
www.leafprotect.com/lpd29/assets/img/
65 KB
65 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/18OffGraphic.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b21d485ee5d1c7a65d18f3fcabaa749759e977a8b88eea991542deb31e836409

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"5e9c8b523f69d81:0"
last-modified
Mon, 16 May 2022 16:09:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
66276
18offgraphicmobile.png
www.leafprotect.com/lpd29/assets/img/
62 KB
62 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/18offgraphicmobile.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c26c22bd9aadddefd0359187759d39dd419f379e1611ad743f8dff3219c9e874

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"33fe8d523f69d81:0"
last-modified
Mon, 16 May 2022 16:09:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
63489
check.png
www.leafprotect.com/lpd29/assets/img/
7 KB
8 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/check.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5f10294e99ae026bc10a26696946fc16e8fc55de90ed838aa3072e19230ccac4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"c075b533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
7545
warranty.png
www.leafprotect.com/lpd29/assets/img/
12 KB
12 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/warranty.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
016a6ae91c64df0d7ee6f0c5490f9d838afa01e422af561939217dfe9bbd23c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"6acf8c563f69d81:0"
last-modified
Mon, 16 May 2022 16:09:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
12123
free_gutter_cleaning.png
www.leafprotect.com/lpd29/assets/img/
9 KB
9 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/free_gutter_cleaning.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c73d6d5e2b2435fa0feddbf96995c2cee4d435c24fff3e458615d03cd6e145c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"6cb78a533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
9177
card_1.jpg
www.leafprotect.com/lpd29/assets/img/
29 KB
29 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_1.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a2f1dd4688ec153517bc1573209ed851655b6ad7ae904f336cab1bbab92e7a4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"2967533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
29883
card_2.jpg
www.leafprotect.com/lpd29/assets/img/
34 KB
34 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_2.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
65402ddeab106000c1d8ec35d612b582e342f07ff271f6c4eac7b1a5c07ac7b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"6b1c30533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
34431
card_3.jpg
www.leafprotect.com/lpd29/assets/img/
40 KB
40 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_3.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
39ddc24297413a82320e45fe09534e5c95b3c5f724b4ab6bd10822a13f4c9dc7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"75584a533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
40578
card_4.jpg
www.leafprotect.com/lpd29/assets/img/
28 KB
28 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/card_4.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0ef5f64b8cb2a8e0f00807dc81fa4a22d9fa64cc25bdc0882015520e20aaffbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"fba658533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
28757
five_stars.png
www.leafprotect.com/lpd29/assets/img/
1 KB
2 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/five_stars.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26df3d49054793fba9186ef2fb4109703886118b69ebb4732d2fbbb5006043bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"e62d81533f69d81:0"
last-modified
Mon, 16 May 2022 16:09:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
1455
testimonials.png
www.leafprotect.com/lpd29/assets/img/
15 KB
16 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/testimonials.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9917ecca471b0c86af2132bf490b39745fc87e756333d8f2215e292581cb5c62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"5fa9c0543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
15698
reviews.jpg
www.leafprotect.com/lpd29/assets/img/
101 KB
101 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/reviews.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
46d3e55d6ab483338811861e2291c140a3a42df7a5a318212d7e530c5f6f8584

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"c77268543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
103447
lifetime_warranty.png
www.leafprotect.com/lpd29/assets/img/
58 KB
58 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/lifetime_warranty.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
041219cc782a37daf1b0744713b583f63f2ec01dbc995f3ce8c3fe03fc2c8747

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"9eeb20543f69d81:0"
last-modified
Mon, 16 May 2022 16:09:32 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/png
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
59254
us_flag.jpg
www.leafprotect.com/lpd29/assets/img/
6 KB
7 KB
Image
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/us_flag.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eb421fbe640f317bb05bece4737e97b22fefe54bdf93c667a0a247b7a0da839b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
etag
"81b64f553f69d81:0"
last-modified
Mon, 16 May 2022 16:09:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
image/jpeg
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
content-length
6612
fingerprints
api.trustedform.com/certs/247c3c9c2f4a8ed3f786c18edcebc169bfc80672/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/247c3c9c2f4a8ed3f786c18edcebc169bfc80672/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.75.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-75-131.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 21 Jun 2022 17:10:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
testimonials.mp4
www.leafprotect.com/lpd29/assets/img/
68 KB
0
Media
General
Full URL
https://www.leafprotect.com/lpd29/assets/img/testimonials.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.133.213.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-133-213-185.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://www.leafprotect.com/lpd29/?hxc_id=7366&hxc_a1=42728&hxc_a2=&hxc_a3=361656992
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 21 Jun 2022 17:10:32 GMT
last-modified
Mon, 16 May 2022 16:09:39 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5fcd70583f69d81:0"
content-type
video/mp4
Content-Range
bytes 0-27267925/27267926
cache-control
max-age=691200,max-age=691200;no-cache
accept-ranges
bytes
Content-Length
27267926
truncated
/
10 KB
10 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
text/javascript
generic
match.adsrvr.org/track/cmf/ Frame B679
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=a3388990-25af-40cb-908b-ddedaa37ddef&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=a3388990-25af-40cb-908b-ddedaa37ddef&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
70 B
568 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 21 Jun 2022 17:10:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
DCS
dcs-prod-va6-1-v034-0710b5be5.edge-va6.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Df8dXXt5S/U=
google
match.adsrvr.org/track/cmf/ Frame E085
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTMzODg5OTAtMjVhZi00MGNiLTkwOGItZGRlZGFhMzdkZGVm&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddeda...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=YTMzODg5OTAtMjVhZi00MGNiLTkwOGItZGRlZGFhMzdkZGVm&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-dde...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef&google_gid=CAESELn_EBYP5iNFkTdLfk7Q1Ac&google_cver=1
70 B
568 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef&google_gid=CAESELn_EBYP5iNFkTdLfk7Q1Ac&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 21 Jun 2022 17:10:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Jun 2022 17:10:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a3388990-25af-40cb-908b-ddedaa37ddef&google_gid=CAESELn_EBYP5iNFkTdLfk7Q1Ac&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 9F59
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a3388990-25af-40cb-908b-ddedaa37ddef&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
568 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Tue, 21 Jun 2022 17:10:32 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
content-length
0
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831432374&oz_l=3317&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831432542&oz_l=845&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
7258a03a-ee65-4f85-9c5d-abb483692155
https://www.leafprotect.com/
795 B
0
Other
General
Full URL
blob:https://www.leafprotect.com/7258a03a-ee65-4f85-9c5d-abb483692155
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27d38b2bf6e2587c97b6f90924caaf92458968e2a33d8c529a1ffa2ffba8544a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
795
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831432699&oz_l=671&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831432885&oz_l=4901&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/
0
145 B
XHR
General
Full URL
https://s.inwjau.com/2/2.62.0/866659/AVdZFQECBAtk5uSG/postback?dt=8666591654525602143000&pd=mkt&ci=866659&sid=AVdZFQECBAtk5uSG&oz_sc=81131cd7b24c41f8ecd817fb&oz_df=1655831437264&oz_l=289&cv=3
Requested by
Host: s.inwjau.com
URL: https://s.inwjau.com/2/2.62.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.204.98.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-98-216.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.leafprotect.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 21 Jun 2022 17:10:37 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery object| d3 object| dataLayer function| helixtrack_parse_commandline object| ct_t object| Helix_t string| helixcampaign object| vlead object| zipList function| initial_setup function| setupFormValidate function| fixupComplianceURL function| loadZipList function| zcheck function| onSubmitForm function| form_validate function| processConversion function| sendLeadToHelix function| sendLeadToPartners function| processPartnerTags function| pageSetup_postConversion function| checkMedium function| pageSetup_postError function| popupDialog function| closePopUpDialog object| dialogMessages function| sendLeafLead string| appID string| unifier object| google_tag_manager object| google_tag_data object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording function| onYouTubeIframeAPIReady object| gaGlobal function| ttd_dom_ready function| TTDUniversalPixelApi boolean| ozoki_sv object| $$$ string| saved_tc string| saved_sc string| ________ok object| regeneratorRuntime function| miCallback

17 Cookies

Domain/Path Name / Value
.speedtrkgood.com/ Name: sq
Value: a4iv+rl0Q99f2V9vbHzcrbwC5q2ZLaK+wW7PwdGL+/6wOgz+5mLtjQ==
.speedtrkgood.com/ Name: ti
Value: evB3P73taULhMTChMDzpn7wC5q2ZLaK+wW7PwdGL+/6wOgz+5mLtjQ==
.speedtrkgood.com/ Name: c31839
Value: a4iv+rl0Q9/C0Kcd0r20Kcs6Ayz8a2Ji4eSLe/6S8HSLC57oIava7A==
.leafprotect.com/ Name: 100779_hxc
Value: o2~|#8477#!|#i/dn/je#!#8477#-#i/dn/gs#!#2766942542383#-#i/dn/sd#!#2#-#i/dn/ut#!#2766942542383#-#i/dn/mq#!#iuuqt&4B00xxx/mfbgqspufdu/dpn0mqe3:0#-#i/dn/b2#!#53839#-#i/dn/b4#!#472767::3#~~
.leafprotect.com/ Name: 100779_ps
Value: o2~|#d/u#!#276694254237:#-#w/j#!#45ED879J4:.4HCJ.B6K4#-#w/dg#!#2766942542383#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2766942542383#-#t/t#!#2766942542383#-#w/gt#!#2766942542383#-#w/dm#!#2766942542383#~
.leafprotect.com/ Name: 100779_ss
Value: o2~|#t/td#!#2#~
.leafprotect.com/ Name: 100779_cs
Value: o2~|#qh#!|~-#dnq#!|~~
.leafprotect.com/ Name: _gcl_au
Value: 1.1.1428260651.1655831431
.leafprotect.com/ Name: _ga_3HHP2G7VL2
Value: GS1.1.1655831431.1.0.1655831431.60
.leafprotect.com/ Name: _ga
Value: GA1.1.2099478799.1655831432
.adsrvr.org/ Name: TDID
Value: a3388990-25af-40cb-908b-ddedaa37ddef
.demdex.net/ Name: demdex
Value: 45740030427501884891143002245229155541
.dpm.demdex.net/ Name: dpm
Value: 45740030427501884891143002245229155541
.doubleclick.net/ Name: IDE
Value: AHWqTUnt8tgZkZ6ZA_a6N_UxK6miRhVFFhuNPSEtrmQjFv3nTlRywZme_jPaCCPsAZA
.rubiconproject.com/ Name: khaos
Value: L4OFA6KZ-16-1MYT
.rubiconproject.com/ Name: audit
Value: 1|NBaoiv8G2SyJyqt3oB4RDdgIMBngeC7qmPTwLHqRizubz16xSA9sXTdPOen3ssQInQQuXnwKVsuM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLtFL15nzC9gI1sH5AKLZC1fdtTGrCt2imqFNhRsx5C8PoNLyCZqmE+SvOPiZcgRZFNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIhobgtd_s6ToQBRIVCgZnb29nbGUSCwie1Jm53-zpOhAFEhYKB3J1Ymljb24SCwiGhuC13-zpOhAFGAUgAygDMgsIhv7i4vXs6ToQBTgBQgQiAggBWgd1dXQ2MDlyYAE.

2 Console Messages

Source Level URL
Text
worker error URL: blob:https://www.leafprotect.com/4cd0e447-45a9-4f7a-8149-26383d08ad41
Message:
Mixed Content: The page at 'blob:https://www.leafprotect.com/4cd0e447-45a9-4f7a-8149-26383d08ad41' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://www.leafprotect.com/4cd0e447-45a9-4f7a-8149-26383d08ad41
Message:
Mixed Content: The page at 'blob:https://www.leafprotect.com/4cd0e447-45a9-4f7a-8149-26383d08ad41' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
api.trustedform.com
cdn.trustedform.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
d3js.org
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
gw.helixbi.io
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mrktrecord13.com
mymorning79.com
pixel.rubiconproject.com
s.inwjau.com
sdk.helixbi.io
speedtrkgood.com
stats.g.doubleclick.net
www.googletagmanager.com
www.leafprotect.com
100.20.74.249
142.250.176.194
143.204.138.162
152.160.208.185
18.204.75.131
18.204.98.216
2600:9000:2140:4000:b:e21a:63c0:93a1
2600:9000:2162:e00:1c:7f1a:6680:93a1
2606:4700:20::ac43:497e
2606:4700::6811:180e
2607:f8b0:4004:c19::9d
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::200e
3.133.213.185
35.169.19.145
52.223.40.198
54.235.77.193
69.173.151.100
016a6ae91c64df0d7ee6f0c5490f9d838afa01e422af561939217dfe9bbd23c4
041219cc782a37daf1b0744713b583f63f2ec01dbc995f3ce8c3fe03fc2c8747
046992b1eb981447dd8ec5cdc413f8f41db8e3ce56c4bcea1e8d49e47a038158
049cad6770942630aa89737ffd3c16b8aab32691147315e319d7d82065a4453d
04cd806d5c12cf3bc97b4c5ba9579d771020f0954a02ef75933576719a0af2e5
0ef5f64b8cb2a8e0f00807dc81fa4a22d9fa64cc25bdc0882015520e20aaffbd
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
171a57c3aac46adcb6b3971caac2d20be0f321bf30ee44b1f30ce871058a422b
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f927033ee76826d059fb84aa7f34de7a100957e07629eb156994e956d5e9921
26df3d49054793fba9186ef2fb4109703886118b69ebb4732d2fbbb5006043bd
27d38b2bf6e2587c97b6f90924caaf92458968e2a33d8c529a1ffa2ffba8544a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
338e2f11beca787859ab0d9221e06b04fd526de39c38f2ecfe633b3c121b779d
33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b
39ddc24297413a82320e45fe09534e5c95b3c5f724b4ab6bd10822a13f4c9dc7
3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46
3da553cd44af722d8694511929b0ef169bdc64da092d8d337b429b0a3e7fe5ee
423756e5595a751aea277d94e31035800a3ad19acdec5883503e4cb75316c77f
46d3e55d6ab483338811861e2291c140a3a42df7a5a318212d7e530c5f6f8584
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5f10294e99ae026bc10a26696946fc16e8fc55de90ed838aa3072e19230ccac4
5ff4e1a19dc619ac8e6b55f71f3cbd29b8c820aff3239ecb204d1b0ef28d52d4
5ff6cd35767a3ae36d7f1e1dfb5a3f3047f93ee246edddf5a1e90516316627a2
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65402ddeab106000c1d8ec35d612b582e342f07ff271f6c4eac7b1a5c07ac7b0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
8585db4092b8a9d26201e0d58e343d1b40fa034c4b9c343878923d7649bb1699
86267648ca0e7437a0e832e88f80ab5b6e97903bff0864268257b82ccf89faf0
88b108afe172ccaa440286f0786299af4b4801012a4b0dde7f58cfb5c03fcde9
8d646c4fbb71ea0f802daa283e0903f71b66a65a19fd47c7b59125e8ac426a0f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9865bc67868d02db5971f3ee46d4879063a0f21f5e5fd63c1f8e86a350b29ee4
9917ecca471b0c86af2132bf490b39745fc87e756333d8f2215e292581cb5c62
a2f1dd4688ec153517bc1573209ed851655b6ad7ae904f336cab1bbab92e7a4e
a3d55692df1a3ceed6066bb892b66180681a279a1671ee931f23afa599efc40b
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
b21d485ee5d1c7a65d18f3fcabaa749759e977a8b88eea991542deb31e836409
c26c22bd9aadddefd0359187759d39dd419f379e1611ad743f8dff3219c9e874
c73d6d5e2b2435fa0feddbf96995c2cee4d435c24fff3e458615d03cd6e145c4
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
de083de36fdcdd06cc2fee1a9745b710533f879f4f15489263948406a3db0894
dfd13dce176d0618ef070548d1270e8c292e6643a1d0eaf3e9f96f803383ebf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53126c3d97961d6d5828df1b2cd55237022736580c5dea7746e64392c315019
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb421fbe640f317bb05bece4737e97b22fefe54bdf93c667a0a247b7a0da839b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1
ff97f8db94b3aca8108e42d2ae57adf24b1a04eb03acc99888b14e40306cfef5