Submitted URL: https://secure.leaf9.com/
Effective URL: https://leaf9.com/
Submission: On July 28 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 16 IPs in 5 countries across 12 domains to perform 61 HTTP transactions. The main IP is 209.59.182.76, located in United States and belongs to LIQUIDWEB, US. The main domain is leaf9.com.
TLS certificate: Issued by R11 on July 5th 2024. Valid for: 3 months.
This is the only time leaf9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
40 leaf9.com
secure.leaf9.com
leaf9.com
729 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
237 KB
3 funnelytics.io
cdn.funnelytics.io — Cisco Umbrella Rank: 128724
track-v3.funnelytics.io — Cisco Umbrella Rank: 213093
11 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 10
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 workers.dev
tracker-shield.funnelytics.workers.dev — Cisco Umbrella Rank: 205754
712 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
171 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
105 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
61 12
Domain Requested by
39 leaf9.com leaf9.com
4 fonts.gstatic.com fonts.googleapis.com
2 track-v3.funnelytics.io cdn.funnelytics.io
2 www.facebook.com leaf9.com
2 www.google.com www.googletagmanager.com
www.gstatic.com
2 connect.facebook.net leaf9.com
connect.facebook.net
1 tracker-shield.funnelytics.workers.dev cdn.funnelytics.io
1 content.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com leaf9.com
1 cdn.funnelytics.io leaf9.com
1 static.hotjar.com leaf9.com
1 www.googletagmanager.com leaf9.com
1 fonts.googleapis.com leaf9.com
1 secure.leaf9.com 1 redirects
61 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
www.instagram.com
Subject Issuer Validity Valid
leaf9.com
R11
2024-07-05 -
2024-10-03
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-06 -
2024-08-04
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.gstatic.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.funnelytics.io
Amazon RSA 2048 M02
2023-10-04 -
2024-10-30
a year crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
funnelytics.workers.dev
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
funnelytics.io
Amazon RSA 2048 M02
2024-05-19 -
2025-06-18
a year crt.sh

This page contains 2 frames:

Primary Page: https://leaf9.com/
Frame ID: 82849EA5F5323C1ED0C90E86B226F8F6
Requests: 60 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcaeUlAAAAAFk2Dv7qVPd6GDQdKGaYDypVv_Ur&co=aHR0cHM6Ly9sZWFmOS5jb206NDQz&hl=en&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=2nzzw7fdwetp
Frame ID: A4BF8E8765B1210C472DFF5E645C7114
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

LEAF9 | Strategic Website Development & Marketing Solutions

Page URL History Show full URLs

  1. https://secure.leaf9.com/ HTTP 301
    https://leaf9.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Overall confidence: 100%
Detected patterns
  • uikit.*\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

98 %
HTTPS

44 %
IPv6

12
Domains

16
Subdomains

16
IPs

5
Countries

1221 kB
Transfer

3115 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.leaf9.com/ HTTP 301
    https://leaf9.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leaf9.com/
Redirect Chain
  • https://secure.leaf9.com/
  • https://leaf9.com/
84 KB
17 KB
Document
General
Full URL
https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
24afdd4b0eda0a66fb2d5e364be869cc9ea4490736218075d3f5c5201501eb09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
16890
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Jul 2024 03:00:22 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Hummingbird-Cache
Served
Keep-Alive
timeout=2, max=100
Link
<https://leaf9.com/wp-json/>; rel="https://api.w.org/", <https://leaf9.com/wp-json/wp/v2/pages/1259>; rel="alternate"; title="JSON"; type="application/json", <https://leaf9.com/>; rel=shortlink
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding,User-Agent

Redirect headers

cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 28 Jul 2024 03:00:22 GMT
expires
Sun, 28 Jul 2024 04:00:22 GMT
location
https://leaf9.com
server
Apache
x-pingback
https://secure.leaf9.com/xmlrpc.php
62ed582f0c01e1aa834d3dfeb5d8e7d7.css
leaf9.com/wp-content/uploads/hummingbird-assets/
131 KB
20 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/62ed582f0c01e1aa834d3dfeb5d8e7d7.css
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
98cc7060c4af4e57c1f5361c85317ade6b5a28f8da5bb4e76fdb29c87b7259c1

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:46:21 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
20586
Expires
Tue, 27 Aug 2024 03:00:22 GMT
81be8c921c22b04c89ea6eb21985869b.css
leaf9.com/wp-content/uploads/hummingbird-assets/
173 KB
25 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/81be8c921c22b04c89ea6eb21985869b.css
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
df7bdaf3ac7836e4899ad445dd87a5a0ec2776cdf14d4a1febbd4214e163b02e

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:46:21 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
24955
Expires
Tue, 27 Aug 2024 03:00:22 GMT
post-1259.css
leaf9.com/wp-content/uploads/elementor/css/
32 KB
3 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/uploads/elementor/css/post-1259.css?ver=1717080202
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
96f417c42e9b9ea78401708932721b8930474ad1c9639e563f255df78434cc70

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 May 2024 14:43:22 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
3010
Expires
Tue, 27 Aug 2024 03:00:22 GMT
5e1a4bc53cc326f2e43339e281f7124a.css
leaf9.com/wp-content/uploads/hummingbird-assets/
148 KB
23 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/5e1a4bc53cc326f2e43339e281f7124a.css
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
8deaf729c74021e49971086f4594c110f9132b6ede5165ea4e6ff125f595e176

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:46:22 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
22960
Expires
Tue, 27 Aug 2024 03:00:22 GMT
css
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 28 Jul 2024 03:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jul 2024 03:00:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Jul 2024 03:00:23 GMT
cad7a429972b3d00f183c9e9313e9377.css
leaf9.com/wp-content/uploads/hummingbird-assets/
86 KB
16 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/cad7a429972b3d00f183c9e9313e9377.css
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
4dcc540952bbfa19840baeff206270bab07049d823392ba9cc9d86798a30dec8

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:46:22 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
15990
Expires
Tue, 27 Aug 2024 03:00:22 GMT
805c453930bbf34ebe32ce236c8e1e46.js
leaf9.com/wp-content/uploads/hummingbird-assets/
99 KB
34 KB
Script
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/805c453930bbf34ebe32ce236c8e1e46.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:46:23 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
34451
Expires
Tue, 27 Aug 2024 03:00:22 GMT
js
www.googletagmanager.com/gtag/
300 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XJN7E9H9WT
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b5a1503fe44187f8cb94784ff687f0e027bba5fc9b806900cd516b51325ef0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 03:00:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107236
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jul 2024 03:00:24 GMT
leaf9-logo-new-reg.png
leaf9.com/wp-content/uploads/2023/05/
12 KB
12 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/leaf9-logo-new-reg.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
e9c8d6aded18eead265f9fe10c79153f58c66e2d582fc6b761f40ac0c20b2765

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Last-Modified
Tue, 09 May 2023 19:17:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=96
Content-Length
12060
Expires
Tue, 27 Aug 2024 03:00:22 GMT
leaf9-logo-new-whitegreen.png
leaf9.com/wp-content/uploads/2023/05/
12 KB
12 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/leaf9-logo-new-whitegreen.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
b7a2eab78fa1d3ada00d295674f2f1aee4b2ed0e9353ead95eadfe849e608cb2

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Tue, 09 May 2023 19:17:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
11985
Expires
Tue, 27 Aug 2024 03:00:23 GMT
widget-animated-headline.min.css
leaf9.com/wp-content/plugins/elementor-pro/assets/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/plugins/elementor-pro/assets/css/widget-animated-headline.min.css
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
29184f17949b90964c8794f9cc168b8ebfdf870f54622124a2196ab7ddf5f7ae

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:26 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
1680
Expires
Tue, 27 Aug 2024 03:00:23 GMT
strategy.png
leaf9.com/wp-content/uploads/2023/05/
12 KB
12 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/strategy.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
8331901154615baf29abcac9013171f1bcabee98b09295c2285aa8b97c8d527a

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Last-Modified
Thu, 18 May 2023 16:13:31 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
11826
Expires
Tue, 27 Aug 2024 03:00:22 GMT
code.png
leaf9.com/wp-content/uploads/2023/05/
10 KB
10 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/code.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
16d28c40e2ce0ce6a8752ad4e241354bc777f4399c8321532921f56fd07ac062

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Thu, 18 May 2023 16:13:30 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=94
Content-Length
9752
Expires
Tue, 27 Aug 2024 03:00:23 GMT
widget-icon-list.min.css
leaf9.com/wp-content/plugins/elementor/assets/css/
10 KB
1 KB
Stylesheet
General
Full URL
https://leaf9.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
d5b0b0cfa73017b83aae5c55f0e85bc8f0d4e8d371802e4df1feb38a87875736

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
975
Expires
Tue, 27 Aug 2024 03:00:23 GMT
leaf9-logo-white.png
leaf9.com/wp-content/uploads/2023/04/
4 KB
4 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/04/leaf9-logo-white.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
0908e92c4b2dbeae3747444adbc15af26a829dec54724b898e32aa09b0ee003f

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Wed, 19 Apr 2023 02:43:16 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=91
Content-Length
3592
Expires
Tue, 27 Aug 2024 03:00:23 GMT
main.bundle.js
leaf9.com/wp-content/plugins/textbuilder/public/dist/
0
343 B
Script
General
Full URL
https://leaf9.com/wp-content/plugins/textbuilder/public/dist/main.bundle.js?ver=1.1.1
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Thu, 20 Jun 2024 20:45:58 GMT
Server
Apache
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
0
Expires
Tue, 27 Aug 2024 03:00:23 GMT
d3693171459d006de6cd8e483c7e588a.js
leaf9.com/wp-content/uploads/hummingbird-assets/
25 KB
8 KB
Script
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/d3693171459d006de6cd8e483c7e588a.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
c79fa99abf460e733c9cc2c4b05bf5fa30d5fdee62ff07ad2c1ff06fd21f6c78

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:47:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
7324
Expires
Tue, 27 Aug 2024 03:00:23 GMT
bdt-uikit.min.js
leaf9.com/wp-content/plugins/bdthemes-element-pack/assets/js/
136 KB
47 KB
Script
General
Full URL
https://leaf9.com/wp-content/plugins/bdthemes-element-pack/assets/js/bdt-uikit.min.js?ver=3.15.1
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
f85596ec3f6f6b81a52b4f554929e419de62cc825c27c7d78b916fd0d0ac7c20

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 21:42:33 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=95
Content-Length
47770
Expires
Tue, 27 Aug 2024 03:00:23 GMT
webpack.runtime.min.js
leaf9.com/wp-content/plugins/elementor/assets/js/
5 KB
3 KB
Script
General
Full URL
https://leaf9.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.5
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
2ab86704a301b18ea8ebe07f25798988c32a123117a255f790fc1ef6d681617b

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
2214
Expires
Tue, 27 Aug 2024 03:00:23 GMT
frontend-modules.min.js
leaf9.com/wp-content/plugins/elementor/assets/js/
62 KB
18 KB
Script
General
Full URL
https://leaf9.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.21.5
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
14d6197227f267c5ad7b8a20ac06f808a73153b3b9b70cbc467a3812b378aa11

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
17564
Expires
Tue, 27 Aug 2024 03:00:23 GMT
core.min.js
leaf9.com/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://leaf9.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Jul 2024 01:42:21 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=96
Content-Length
7106
Expires
Tue, 27 Aug 2024 03:00:23 GMT
d7bf4723ea46619630f9ecb1b6945677.js
leaf9.com/wp-content/uploads/hummingbird-assets/
42 KB
13 KB
Script
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/d7bf4723ea46619630f9ecb1b6945677.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
27be4a9f8bb58234b99d2ff98619c34911524e00dc0954d8f07138719761f08d

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:46:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=96
Content-Length
12825
Expires
Tue, 27 Aug 2024 03:00:23 GMT
webpack-pro.runtime.min.js
leaf9.com/wp-content/plugins/elementor-pro/assets/js/
6 KB
3 KB
Script
General
Full URL
https://leaf9.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
3953294ce60e7b22423d99f097e963be6ba72f093a8bbeb5b5adc15fc1cbfa6f

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:26 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=93
Content-Length
2652
Expires
Tue, 27 Aug 2024 03:00:23 GMT
cce46acaef3219d1bc7f4be298ba899c.js
leaf9.com/wp-content/uploads/hummingbird-assets/
13 KB
5 KB
Script
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/cce46acaef3219d1bc7f4be298ba899c.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
bbd90e143917692a4337dcdf0f9bdeb628ff4a3f7c3d9b3230b4b5f3de504c53

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:47:46 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=95
Content-Length
4923
Expires
Tue, 27 Aug 2024 03:00:23 GMT
03ee91b11fe5423c4d31292141ad1481.js
leaf9.com/wp-content/uploads/hummingbird-assets/
62 KB
15 KB
Script
General
Full URL
https://leaf9.com/wp-content/uploads/hummingbird-assets/03ee91b11fe5423c4d31292141ad1481.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
f0a92c0a5f316a0f3f77f6100f157c13ac67c1099eb670023aaf316e5b5b3d62

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jun 2024 20:47:46 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=92
Content-Length
15307
Expires
Tue, 27 Aug 2024 03:00:23 GMT
9d98e773-cca2-4fa4-a3e0-b90ee7b853cc
https://leaf9.com/
1 KB
0
Other
General
Full URL
blob:https://leaf9.com/9d98e773-cca2-4fa4-a3e0-b90ee7b853cc
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 28 Jul 2024 03:00:24 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=12, mss=1297, tbw=2796, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
Jyf0IZcZPYEYwNTQiY2eXlXhkIJX8c8Ko8hk5x3fJKGV5tTeA2mDr9Qnr7UuHnu3O0CwUt1QUkg/I13K0zg6EA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-76421.js
static.hotjar.com/c/
11 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-76421.js?sv=6
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
246a518bef97fb55ab0546143e835e6235b05d03ab7a7ca66f9abf3d1c0c8837
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 03:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/052aa1395d4dc679a0f2020ef4c92af6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
CQSbUOFE-WCSAYDsI_vTKyUKLpIT-iTrdFT_ymlU1wFpzSeEktJEyA==
leaf9-logo-new-reg.png
leaf9.com/wp-content/uploads/2023/05/
12 KB
0
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/leaf9-logo-new-reg.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
e9c8d6aded18eead265f9fe10c79153f58c66e2d582fc6b761f40ac0c20b2765

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:22 GMT
Last-Modified
Tue, 09 May 2023 19:17:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
12060
Expires
Tue, 27 Aug 2024 03:00:22 GMT
leaf9-logo-new-whitegreen.png
leaf9.com/wp-content/uploads/2023/05/
12 KB
0
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/leaf9-logo-new-whitegreen.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
b7a2eab78fa1d3ada00d295674f2f1aee4b2ed0e9353ead95eadfe849e608cb2

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Tue, 09 May 2023 19:17:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
11985
Expires
Tue, 27 Aug 2024 03:00:23 GMT
LEAF9-Portfolio-21-1.jpg
leaf9.com/wp-content/uploads/2023/04/
160 KB
160 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/04/LEAF9-Portfolio-21-1.jpg
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/uploads/elementor/css/post-1259.css?ver=1717080202
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
1a5f10210be42c128cfbcc064c266564eb7b5576574e14c7b7d6f82ebcdfcd32

Request headers

Referer
https://leaf9.com/wp-content/uploads/elementor/css/post-1259.css?ver=1717080202
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Mon, 01 May 2023 01:53:40 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
163624
Expires
Tue, 27 Aug 2024 03:00:23 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:58:52 GMT
x-content-type-options
nosniff
age
399692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:58:52 GMT
uicore-icons.woff
leaf9.com/wp-content/plugins/uicore-framework/assets/fonts/
11 KB
7 KB
Font
General
Full URL
https://leaf9.com/wp-content/plugins/uicore-framework/assets/fonts/uicore-icons.woff?bc5uma
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/uploads/hummingbird-assets/5e1a4bc53cc326f2e43339e281f7124a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
4856606bde43c3abdfd6ab39ee7a769b6659fad927823eebdc1f43e85f86c018

Request headers

Referer
https://leaf9.com/wp-content/uploads/hummingbird-assets/5e1a4bc53cc326f2e43339e281f7124a.css
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 21:42:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
7259
Expires
Tue, 30 Jul 2024 03:00:23 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:10:57 GMT
x-content-type-options
nosniff
age
388167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:10:57 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:04:16 GMT
x-content-type-options
nosniff
age
258968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Jul 2025 03:04:16 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:19:22 GMT
x-content-type-options
nosniff
age
387662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:19:22 GMT
track-v3.js
cdn.funnelytics.io/
44 KB
10 KB
Script
General
Full URL
https://cdn.funnelytics.io/track-v3.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c204c346ee03fbcf8ae6d1a2e7974ef9fd3dec5848d74b44cd23a68bdcd3b247

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 03:00:26 GMT
content-encoding
br
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jun 2024 08:18:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
x-amz-server-side-encryption
AES256
etag
W/"c218c527ae112f26250ea299ccc49208"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
gDzINsbzm-UvlBHXz1kCTrbv6e5BJblvA1ei33G7onf8RQ-UnNDsCQ==
themify.woff
leaf9.com/wp-content/plugins/uicore-framework/assets/fonts/
55 KB
34 KB
Font
General
Full URL
https://leaf9.com/wp-content/plugins/uicore-framework/assets/fonts/themify.woff?-fvbane
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/uploads/hummingbird-assets/cad7a429972b3d00f183c9e9313e9377.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer
https://leaf9.com/wp-content/uploads/hummingbird-assets/cad7a429972b3d00f183c9e9313e9377.css
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 21:42:34 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=94
Content-Length
34523
Expires
Tue, 30 Jul 2024 03:00:23 GMT
fa-solid-900.woff2
leaf9.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
76 KB
77 KB
Font
General
Full URL
https://leaf9.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/uploads/hummingbird-assets/cad7a429972b3d00f183c9e9313e9377.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://leaf9.com/wp-content/uploads/hummingbird-assets/cad7a429972b3d00f183c9e9313e9377.css
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
font/woff2
Cache-Control
max-age=172800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Expires
Tue, 30 Jul 2024 03:00:23 GMT
optimize.png
leaf9.com/wp-content/uploads/2023/05/
13 KB
13 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/optimize.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
bd9fddab10d2648b32ae1b95bdac466754f4cf41170dd84e6776c94da3c1edb8

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Thu, 18 May 2023 16:13:31 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=90
Content-Length
12917
Expires
Tue, 27 Aug 2024 03:00:23 GMT
process.png
leaf9.com/wp-content/uploads/2023/05/
18 KB
19 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/process.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
da87933432155743a27095804286e0a7bc3570b3b232b89cfbd10096142ef766

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:23 GMT
Last-Modified
Thu, 18 May 2023 16:13:31 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=95
Content-Length
18754
Expires
Tue, 27 Aug 2024 03:00:23 GMT
report.png
leaf9.com/wp-content/uploads/2023/05/
8 KB
8 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/05/report.png
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
7cbeb2f3b07e067e6c0922d9040d7edc4f19e3143d201b5a1a5bfd583ce48fa3

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:24 GMT
Last-Modified
Thu, 18 May 2023 16:13:31 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
8033
Expires
Tue, 27 Aug 2024 03:00:24 GMT
BenKouba.jpg
leaf9.com/wp-content/uploads/2023/04/
86 KB
86 KB
Image
General
Full URL
https://leaf9.com/wp-content/uploads/2023/04/BenKouba.jpg
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
9a4eed1b19c1c85d6e84710ef7d2beeb627d2dc8ce2d85e730c70e6ba6cd6090

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:24 GMT
Last-Modified
Sun, 23 Apr 2023 02:03:21 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=93
Content-Length
87760
Expires
Tue, 27 Aug 2024 03:00:24 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/
517 KB
205 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/uploads/hummingbird-assets/d3693171459d006de6cd8e483c7e588a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leaf9.com/
Origin
https://leaf9.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:50:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209238
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 04:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Jul 2025 11:50:45 GMT
726911057429362
connect.facebook.net/signals/config/
68 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/726911057429362?v=2.9.162&r=stable&domain=leaf9.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cfa1df533a5259c5878b37dc170742837a710d9ba8e2cdb30438458a11706f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 28 Jul 2024 03:00:25 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=1, c=67, mss=1297, tbw=64245, tp=-1, tpl=-1, uplat=632, ullat=0
pragma
public
x-fb-debug
7w5s5j3UwKeuvoMXU5lIKPCPRiWEeH7OjV0zcP5Mh+WrlK2pVB3zVZJWLTsXYqm1nIVOblUHvh88+f+PloznFQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XJN7E9H9WT&gtm=45je47o0v9111339292za200&_p=1722135624470&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=1928554046.1722135625&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722135624&sct=1&seg=0&dl=https%3A%2F%2Fleaf9.com%2F&dt=LEAF9%20%7C%20Strategic%20Website%20Development%20%26%20Marketing%20Solutions&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3210
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XJN7E9H9WT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jul 2024 03:00:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leaf9.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fleaf9.com%2F&frm=0&rnd=390368711.1722135625&auid=2071238717.1722135625&npa=1&gtm=45je47o0v9111339292za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&tft=1722135624965&tfd=3218&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XJN7E9H9WT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

modules.6c69b5997f314810cfe8.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.6c69b5997f314810cfe8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-76421.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 09:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
407958
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56293
last-modified
Tue, 23 Jul 2024 09:40:30 GMT
etag
"30c513084f4759247a82ab90e6ffe4cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
4IzeHkAUq_PDe-l1c6D5_89hacik0ZEOyXbGv_ed98lMNFbHehXFsg==
wp-emoji-release.min.js
leaf9.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://leaf9.com/wp-includes/js/wp-emoji-release.min.js?ver=fbd31350e08abf99a66a3359bca8a8f2
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2024 01:38:37 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=89
Content-Length
5062
Expires
Tue, 27 Aug 2024 03:00:24 GMT
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=76421&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6c69b5997f314810cfe8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.34.100.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-100-118.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
197294c59d9ed7f6fcca48d60152cce3dd378eab8169bb4eee1bc2ece58f14d0

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 28 Jul 2024 03:00:25 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
anchor
www.google.com/recaptcha/api2/ Frame A4BF
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcaeUlAAAAAFk2Dv7qVPd6GDQdKGaYDypVv_Ur&co=aHR0cHM6Ly9sZWFmOS5jb206NDQz&hl=en&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=2nzzw7fdwetp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aiz800U7qU_ViJLAH36-Rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leaf9.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aiz800U7qU_ViJLAH36-Rw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jul 2024 03:00:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
572a898e-0fa4-4326-875a-127bc2cb8086
tracker-shield.funnelytics.workers.dev/settings/
121 B
712 B
XHR
General
Full URL
https://tracker-shield.funnelytics.workers.dev/settings/572a898e-0fa4-4326-875a-127bc2cb8086
Requested by
Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aea3812d99d90058557ca7344c144a8e14e30536a5402f92895b2a45ff42724

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 03:00:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amzn-requestid
eba818a6-241d-432c-8fa3-54f5b9eb732f
x-amzn-trace-id
Root=1-66a5b449-65f9d34d25a975c321a55eda;Parent=2354f350de055787;Sampled=0;lineage=329fa906:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMcs3c%2Bh0JqmKzvCB4RxBwL3UTpWtzCFyX%2FnMy004OwR0KSlUXO5DpVebxlEwY2RBxt8mhGlix7jp1Vc5X1BRMqIK29c1Zu3SWsGK6mhQkIRMOlVy42sGgFGArIfmvehIXc9YyMiGM4ZVVhjzvqy3d3VuZHN%2BaTBQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
8aa19e6c7bc9193c-FRA
x-amz-apigw-id
bmkbmHO84osECZg=
alt-svc
h3=":443"; ma=86400
animated-headline.3efc6517c2a055f6c242.bundle.min.js
leaf9.com/wp-content/plugins/elementor-pro/assets/js/
8 KB
3 KB
Script
General
Full URL
https://leaf9.com/wp-content/plugins/elementor-pro/assets/js/animated-headline.3efc6517c2a055f6c242.bundle.min.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.21.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
afa16733e624088e79c385be814bd23dab1efb21ec8148eff2310d3729cf9321

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:26 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
2723
Expires
Tue, 27 Aug 2024 03:00:24 GMT
text-editor.2c35aafbe5bf0e127950.bundle.min.js
leaf9.com/wp-content/plugins/elementor/assets/js/
1 KB
1 KB
Script
General
Full URL
https://leaf9.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by
Host: leaf9.com
URL: https://leaf9.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.21.5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
a5c467eeec880a0019a4da61595410a94cc75ad8e63552fc8705245221bfa126

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 12:42:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=94
Content-Length
666
Expires
Tue, 27 Aug 2024 03:00:24 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=726911057429362&ev=PageView&dl=https%3A%2F%2Fleaf9.com%2F&rl=&if=false&ts=1722135625711&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722135625689.271388288787729086&cs_est=true&ler=empty&cdl=API_unavailable&it=1722135624781&coo=false&rqm=GET
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 28 Jul 2024 03:00:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=726911057429362&ev=PageView&dl=https%3A%2F%2Fleaf9.com%2F&rl=&if=false&ts=1722135625711&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722135625689.271388288787729086&cs_est=true&ler=empty&cdl=API_unavailable&it=1722135624781&coo=false&rqm=FGET
Requested by
Host: leaf9.com
URL: https://leaf9.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 28 Jul 2024 03:00:26 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7396516190702479412", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1297, tbw=3097, tp=-1, tpl=-1, uplat=236, ullat=0
pragma
no-cache
x-fb-debug
DaJQmFDOvNskSlxRszfu+JShV+VIHmHLzi/U5yBqzY++xaL+2Qch8pQyIUC78ySellhd32qBaNlcDvzSCpzq8g==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7396516190702479412"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sessions
track-v3.funnelytics.io/
37 B
278 B
XHR
General
Full URL
https://track-v3.funnelytics.io/sessions
Requested by
Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track-v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.156.106.127 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-156-106-127.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
595ef3117c60b0069abb09f13159a02f2385d765d8df64b9976d088a74d4d671

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 28 Jul 2024 03:00:26 GMT
x-amzn-trace-id
Root=1-66a5b44a-337f897d1708ce8a72fbdc29;Parent=3b8750fd925cbb19;Sampled=0;lineage=0771d7cb:0
x-amzn-requestid
a65fba46-713f-4d4e-9081-4bf2d8999950
content-length
37
x-amz-apigw-id
bmkbsEq44osEibg=
content-type
application/json
steps
track-v3.funnelytics.io/
58 B
299 B
XHR
General
Full URL
https://track-v3.funnelytics.io/steps
Requested by
Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track-v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.156.106.127 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-156-106-127.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
4d9baddd1466dcb45ec21099bc75df3e46f3650773d05435c0dd958c63593154

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 28 Jul 2024 03:00:27 GMT
x-amzn-trace-id
Root=1-66a5b44b-4796f1e956f89e940a7a6c79;Parent=3ee39e718da83822;Sampled=0;lineage=807920d6:0
x-amzn-requestid
33c78646-caa0-45df-a57a-1918687aad40
content-length
58
x-amz-apigw-id
bmkbxEFX4osEfHQ=
content-type
application/json
leaffavicon.png
leaf9.com/wp-content/uploads/2023/04/
6 KB
6 KB
Other
General
Full URL
https://leaf9.com/wp-content/uploads/2023/04/leaffavicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
09c36846526cf095a0f9099f7afe6a92d89ad52a5e32464a6f6db92531d600d7

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:25 GMT
Last-Modified
Sat, 22 Apr 2023 22:14:20 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=98
Content-Length
5728
Expires
Tue, 27 Aug 2024 03:00:25 GMT
leaffavicon.png
leaf9.com/wp-content/uploads/2023/04/
6 KB
0
Other
General
Full URL
https://leaf9.com/wp-content/uploads/2023/04/leaffavicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.59.182.76 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache /
Resource Hash
09c36846526cf095a0f9099f7afe6a92d89ad52a5e32464a6f6db92531d600d7

Request headers

Referer
https://leaf9.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 28 Jul 2024 03:00:25 GMT
Last-Modified
Sat, 22 Apr 2023 22:14:20 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
5728
Expires
Tue, 27 Aug 2024 03:00:25 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| uicore_animations_list object| _wpemojiSettings function| jQuery function| gtag object| dataLayer function| fbq function| _fbq function| hj object| _hjSettings object| uicore_frontend object| funnelytics object| gforms_recaptcha_recaptcha_strings object| topbarItems object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| uicoreJsonp function| Waypoint object| element_pack_ajax_login_config object| ElementPackConfig function| bdtUIkit object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunkelementor object| elementorModules object| elementorFrontendConfig object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| recaptcha function| debounce function| copyToClipboard object| elementorFrontend object| webpackChunkelementor_pro object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorProFrontend object| closure_lm_805988 function| onYouTubeIframeAPIReady object| cookies object| twemoji

7 Cookies

Domain/Path Name / Value
.leaf9.com/ Name: _ga_XJN7E9H9WT
Value: GS1.1.1722135624.1.0.1722135624.0.0.0
.leaf9.com/ Name: _ga
Value: GA1.1.1928554046.1722135625
.leaf9.com/ Name: _gcl_au
Value: 1.1.2071238717.1722135625
.leaf9.com/ Name: _hjSessionUser_76421
Value: eyJpZCI6ImQ3MDkzNTY2LTk4ZTYtNWRjZi05MmVjLWI4NDMzZDQzODUzZCIsImNyZWF0ZWQiOjE3MjIxMzU2MjU0MzMsImV4aXN0aW5nIjp0cnVlfQ==
.leaf9.com/ Name: _hjSession_76421
Value: eyJpZCI6ImM5ZDg0MTY3LTkyNGUtNDBkYi05OTM2LWMyNjlkZWY1OTg2YyIsImMiOjE3MjIxMzU2MjU0MzUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.leaf9.com/ Name: _fbp
Value: fb.1.1722135625689.271388288787729086
.leaf9.com/ Name: _fs
Value: 16654749488-15373582402

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.funnelytics.io
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
leaf9.com
region1.google-analytics.com
script.hotjar.com
secure.leaf9.com
static.hotjar.com
track-v3.funnelytics.io
tracker-shield.funnelytics.workers.dev
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.32.27.19
15.156.106.127
172.217.18.4
176.34.100.118
18.66.102.106
188.114.97.3
2001:4860:4802:34::36
209.59.182.76
2a00:1450:4001:80e::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.160.150.5
67.227.198.33
0908e92c4b2dbeae3747444adbc15af26a829dec54724b898e32aa09b0ee003f
09c36846526cf095a0f9099f7afe6a92d89ad52a5e32464a6f6db92531d600d7
0b5a1503fe44187f8cb94784ff687f0e027bba5fc9b806900cd516b51325ef0f
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
14d6197227f267c5ad7b8a20ac06f808a73153b3b9b70cbc467a3812b378aa11
16d28c40e2ce0ce6a8752ad4e241354bc777f4399c8321532921f56fd07ac062
197294c59d9ed7f6fcca48d60152cce3dd378eab8169bb4eee1bc2ece58f14d0
1a5f10210be42c128cfbcc064c266564eb7b5576574e14c7b7d6f82ebcdfcd32
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
246a518bef97fb55ab0546143e835e6235b05d03ab7a7ca66f9abf3d1c0c8837
24afdd4b0eda0a66fb2d5e364be869cc9ea4490736218075d3f5c5201501eb09
27be4a9f8bb58234b99d2ff98619c34911524e00dc0954d8f07138719761f08d
29184f17949b90964c8794f9cc168b8ebfdf870f54622124a2196ab7ddf5f7ae
2ab86704a301b18ea8ebe07f25798988c32a123117a255f790fc1ef6d681617b
3953294ce60e7b22423d99f097e963be6ba72f093a8bbeb5b5adc15fc1cbfa6f
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
4856606bde43c3abdfd6ab39ee7a769b6659fad927823eebdc1f43e85f86c018
4aea3812d99d90058557ca7344c144a8e14e30536a5402f92895b2a45ff42724
4b20abde9f7eb27dc344dbbb35f59aba01e4cc70262c07c260beadef9072f25e
4cfa1df533a5259c5878b37dc170742837a710d9ba8e2cdb30438458a11706f4
4d9baddd1466dcb45ec21099bc75df3e46f3650773d05435c0dd958c63593154
4dcc540952bbfa19840baeff206270bab07049d823392ba9cc9d86798a30dec8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
595ef3117c60b0069abb09f13159a02f2385d765d8df64b9976d088a74d4d671
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
7cbeb2f3b07e067e6c0922d9040d7edc4f19e3143d201b5a1a5bfd583ce48fa3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
8331901154615baf29abcac9013171f1bcabee98b09295c2285aa8b97c8d527a
8deaf729c74021e49971086f4594c110f9132b6ede5165ea4e6ff125f595e176
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
96f417c42e9b9ea78401708932721b8930474ad1c9639e563f255df78434cc70
98cc7060c4af4e57c1f5361c85317ade6b5a28f8da5bb4e76fdb29c87b7259c1
9a4eed1b19c1c85d6e84710ef7d2beeb627d2dc8ce2d85e730c70e6ba6cd6090
a5c467eeec880a0019a4da61595410a94cc75ad8e63552fc8705245221bfa126
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afa16733e624088e79c385be814bd23dab1efb21ec8148eff2310d3729cf9321
b7a2eab78fa1d3ada00d295674f2f1aee4b2ed0e9353ead95eadfe849e608cb2
bbd90e143917692a4337dcdf0f9bdeb628ff4a3f7c3d9b3230b4b5f3de504c53
bd9fddab10d2648b32ae1b95bdac466754f4cf41170dd84e6776c94da3c1edb8
c204c346ee03fbcf8ae6d1a2e7974ef9fd3dec5848d74b44cd23a68bdcd3b247
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
c79fa99abf460e733c9cc2c4b05bf5fa30d5fdee62ff07ad2c1ff06fd21f6c78
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d5b0b0cfa73017b83aae5c55f0e85bc8f0d4e8d371802e4df1feb38a87875736
da87933432155743a27095804286e0a7bc3570b3b232b89cfbd10096142ef766
df7bdaf3ac7836e4899ad445dd87a5a0ec2776cdf14d4a1febbd4214e163b02e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c8d6aded18eead265f9fe10c79153f58c66e2d582fc6b761f40ac0c20b2765
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
f0a92c0a5f316a0f3f77f6100f157c13ac67c1099eb670023aaf316e5b5b3d62
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f85596ec3f6f6b81a52b4f554929e419de62cc825c27c7d78b916fd0d0ac7c20