Submitted URL: http://ladbh6fg.com/62jk1xr/bg7pjz1/?aff_sub1=2&aff_sub2=8481_18&aff_sub3=37_126394_780_3254174_md
Effective URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Submission: On January 23 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 87 HTTP transactions. The main IP is 172.67.148.175, located in United States and belongs to CLOUDFLARENET, US. The main domain is lawsuitwinning-usa.com.
TLS certificate: Issued by GTS CA 1P5 on December 17th 2023. Valid for: 3 months.
This is the only time lawsuitwinning-usa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.120.82.94 396982 (GOOGLE-CL...)
1 1 54.196.173.211 14618 (AMAZON-AES)
1 1 54.92.196.123 14618 (AMAZON-AES)
20 104.21.64.44 13335 (CLOUDFLAR...)
7 142.250.64.106 15169 (GOOGLE)
16 104.130.58.50 27357 (RACKSPACE)
1 172.64.141.13 13335 (CLOUDFLAR...)
1 142.251.40.234 15169 (GOOGLE)
1 142.251.40.163 15169 (GOOGLE)
1 2 54.191.253.155 16509 (AMAZON-02)
33 172.67.148.175 13335 (CLOUDFLAR...)
1 104.18.27.50 ()
1 172.64.175.24 ()
1 192.96.202.199 ()
87 12
Requests | Apex Domain | Subdomains | Transfer
33 | lawsuitwinning-usa.com | lawsuitwinning-usa.com | 431 KB
20 | rtrcr52.com | rtrcr52.com | 84 KB
16 | admediary.com | common.admediary.com | 44 KB
8 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 369; fonts.googleapis.com — Cisco Umbrella Rank: 28 | 279 KB
2 | mouseflow.com | cdn.mouseflow.com; n2.mouseflow.com | 58 KB
2 | findloansforme.com | findloansforme.com | 1 KB
1 | secureanalytic.com | secureanalytic.com; event.secureanalytic.com Failed | 3 KB
1 | gstatic.com | fonts.gstatic.com | 15 KB
1 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 971 | 10 KB
1 | admtrx.com | admtrx.com | 572 B
1 | cns0nna.com | lp.cns0nna.com | 631 B
1 | ladbh6fg.com | ladbh6fg.com | 647 B
87 | 12
Domain Requested by
33 lawsuitwinning-usa.com lawsuitwinning-usa.com
ajax.googleapis.com
20 rtrcr52.com rtrcr52.com
16 common.admediary.com rtrcr52.com
7 ajax.googleapis.com rtrcr52.com
findloansforme.com
lawsuitwinning-usa.com
2 findloansforme.com 1 redirects rtrcr52.com
1 n2.mouseflow.com cdn.mouseflow.com
1 secureanalytic.com lawsuitwinning-usa.com
1 cdn.mouseflow.com lawsuitwinning-usa.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com rtrcr52.com
1 use.fontawesome.com rtrcr52.com
1 admtrx.com 1 redirects
1 lp.cns0nna.com 1 redirects
1 ladbh6fg.com 1 redirects
0 event.secureanalytic.com Failed secureanalytic.com
87 15

This site contains links to these domains.

Domain
inpermit.com
Subject | Issuer | Validity | Valid
rtrcr52.com | GTS CA 1P5 | 2023-11-27 - 2024-02-25 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.admediary.com | R3 | 2023-11-14 - 2024-02-12 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
lawsuitwinning-usa.com | GTS CA 1P5 | 2023-12-17 - 2024-03-16 | 3 months
cdn.mouseflow.com | Cloudflare Inc ECC CA-3 | 2023-10-25 - 2024-10-23 | a year
secureanalytic.com | E1 | 2023-12-02 - 2024-03-01 | 3 months
*.mouseflow.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-28 - 2024-09-27 | a year

This page contains 1 frames:

Primary Page: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Frame ID: D0C6A2492930E917A5761A31F58E425B
Requests: 85 HTTP requests in this frame

Page Title

LawsuitWinning-USALawsuit Winning USA

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

87
Requests

94 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

12
IPs

2
Countries

925 kB
Transfer

2232 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ladbh6fg.com/62jk1xr/bg7pjz1/?aff_sub1=2&aff_sub2=8481_18&aff_sub3=37_126394_780_3254174_md HTTP 302
    https://lp.cns0nna.com/4P7M9M/LW9WN6/?source_id=3118&sub1=f64331e3a5aa41e18cacfed865b589fc HTTP 302
    https://admtrx.com/?a=3600&c=19449&s1=&s1=3118&s2=3646a32c8c6c448aa22905bc740e5df8&s3=4P7M9M HTTP 302
    https://rtrcr52.com/l1/?&s1=3600 Page URL
  2. https://rtrcr52.com/submit Page URL
  3. http://findloansforme.com/?https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email= Page URL
  4. http://findloansforme.com/ HTTP 302
    https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ladbh6fg.com/62jk1xr/bg7pjz1/?aff_sub1=2&aff_sub2=8481_18&aff_sub3=37_126394_780_3254174_md HTTP 302
  • https://lp.cns0nna.com/4P7M9M/LW9WN6/?source_id=3118&sub1=f64331e3a5aa41e18cacfed865b589fc HTTP 302
  • https://admtrx.com/?a=3600&c=19449&s1=&s1=3118&s2=3646a32c8c6c448aa22905bc740e5df8&s3=4P7M9M HTTP 302
  • https://rtrcr52.com/l1/?&s1=3600

87 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
rtrcr52.com/l1/
Redirect Chain
  • http://ladbh6fg.com/62jk1xr/bg7pjz1/?aff_sub1=2&aff_sub2=8481_18&aff_sub3=37_126394_780_3254174_md
  • https://lp.cns0nna.com/4P7M9M/LW9WN6/?source_id=3118&sub1=f64331e3a5aa41e18cacfed865b589fc
  • https://admtrx.com/?a=3600&c=19449&s1=&s1=3118&s2=3646a32c8c6c448aa22905bc740e5df8&s3=4P7M9M
  • https://rtrcr52.com/l1/?&s1=3600
3 KB
2 KB
Document
General
Full URL
https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
2f06618662105b1982892b7a2593d9992877b0c7c462625442cc8f5806391e92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
849cb28c3c53101b-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 02:44:54 GMT
expires
Tue, 01 Jan 2000 00:00:00 GMT
last-modified
Tue, 23 Jan 2024 02:44:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ced%2BIhrraA2CWXdouDxSoSdAHkfDNOPOPujeatsxpCfX7VoDIBicPCjClMn76viEDIH3FRWhnUSbEFJQr9Msh9%2FDaBg%2B41sMNP%2BYD94ATpzk%2B9DesOR3VEIQJLw4pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27

Redirect headers

cache-control
private
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 02:44:53 GMT
location
https://rtrcr52.com/l1/?&s1=3600
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:20:42 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/
188 KB
49 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/jquery-ui.min.js
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f96d06c989aeaef7acb0196ea9ddc5d9ce2c662125e5fe935901b8ae98e2a004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 15:34:49 GMT
adm_global.js
common.admediary.com/js/
584 B
489 B
Script
General
Full URL
https://common.admediary.com/js/adm_global.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
e3055298e7cc36340257a3df910f796342a9e5f93218ed70edd0797530720c9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 21:21:37 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"248-5be1288c73a40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
212
expires
Wed, 24 Jan 2024 02:44:54 GMT
adm_validate.js
common.admediary.com/js/
43 KB
7 KB
Script
General
Full URL
https://common.admediary.com/js/adm_validate.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
12102851881cc9ad92a8e8befd0864e8cc6ab6aed499cfed04aafa81db99730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 21:21:43 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"aa83-5be128922c7c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6649
expires
Wed, 24 Jan 2024 02:44:54 GMT
adm_prepop.js
common.admediary.com/js/
15 KB
3 KB
Script
General
Full URL
https://common.admediary.com/js/adm_prepop.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
05857ee6e96fa1de8419fef3b5a92a6a85956a4583587313fb504f0f82404e75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 15:09:22 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"3aff-5ffd2e6b74365-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3047
expires
Wed, 24 Jan 2024 02:44:54 GMT
adm_staticdata.js
common.admediary.com/js/
20 KB
3 KB
Script
General
Full URL
https://common.admediary.com/js/adm_staticdata.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
c5cc9b28c8440b205755d31b3581b873fffeb842f04d9e9ff5490a94da1610e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 22:49:33 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"51ec-6078cc0edbc02-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2624
expires
Wed, 24 Jan 2024 02:44:54 GMT
adm_lead.js
common.admediary.com/js/
16 KB
3 KB
Script
General
Full URL
https://common.admediary.com/js/adm_lead.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
f13106bffb48ca1d8b703698c776605df8bd10b9cb0085ac3a474eee4759ea7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 15:09:27 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"41cd-5ffd2e70753f6-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2714
expires
Wed, 24 Jan 2024 02:44:54 GMT
jquery.popunder.js
common.admediary.com/js/
13 KB
4 KB
Script
General
Full URL
https://common.admediary.com/js/jquery.popunder.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
bb1ec7e6c4c16c331947b9c7da60f04247ea3ef6d9961b1d3d376fb8f50340a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 06:17:56 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"355b-5be42427a8d00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3405
expires
Wed, 24 Jan 2024 02:44:54 GMT
adm_weather.js
common.admediary.com/js/
4 KB
1 KB
Script
General
Full URL
https://common.admediary.com/js/adm_weather.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
aca28693be924ebda401a62b06e3c3910838e482410c149055abd20ffb9a23bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 14:50:12 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"103d-5be0d10f69100-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1090
expires
Wed, 24 Jan 2024 02:44:54 GMT
adm_track.js
common.admediary.com/js/
2 KB
827 B
Script
General
Full URL
https://common.admediary.com/js/adm_track.js?gitkUmBL29gzF4Ya
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
fcb2a3e0b45ff89577b43af40108a392a2526473deaed7ae690bfc2a19a413ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 21:21:43 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"6be-5be128922c7c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
550
expires
Wed, 24 Jan 2024 02:44:54 GMT
prepoptranslate.js
rtrcr52.com/_short/js/cash/
11 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/_short/js/cash/prepoptranslate.js?ecENUt7862zoHBgF
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4ad5d4f0df33409d3a3a26d6d19fffec3dcefbc53d9f08aeb9f491415ecd66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 29 Jun 2021 19:05:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b83-5c5ec4ae48fc0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CziSRfH1Ne%2BM6LWQoCvHyu3ENKm8f8fldDM2e4wsLx4wK1HHg6oWh9VQ5NiV9FctIUeun72n%2BmDrpSyBNwKaUaz1R5%2FRw1pJPlH4XJXVb%2FII8NbQpKkAT8qZGh8wtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb28e88ee101b-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:54 GMT
validate.js
rtrcr52.com/js/
0
273 B
Script
General
Full URL
https://rtrcr52.com/js/validate.js?l7ioPWFe2HRUYcg0
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0-5be129611f000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS%2BeP5X3xlrHIu1h7Yd4Vm3eUw59V%2BVnJbNy6C6NuInEPnXUOoFGbhs0e4%2FgE4y0mdXhL3uajEs2qwgUzMCuEHihV6kmhpKeYU7B%2BXONN9zaogfviMcckdpEELrwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
849cb28e88f1101b-LAX
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Wed, 24 Jan 2024 02:44:54 GMT
common.js
rtrcr52.com/js/
14 KB
4 KB
Script
General
Full URL
https://rtrcr52.com/js/common.js?zPaUgYRq7vmxE5zN
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20f7f998737718cadc6d32d3a32980a34bd0001275bbd53a3e4f479146cb1d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3957-5be129611f000-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdm6SWmaDrXVVHs8p6s28oBCz0DdMrsWIgRDh6%2BMKRGkXY0x73CasLh%2B7m2LknfN99J2ZC9SXsmTToGGwbbNsqv1t3yyy8G2MOvBpyZ4sLNgck6uTDpZTIAmwUT3Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb28e88f4101b-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:54 GMT
jspopunder.js
rtrcr52.com/js/
7 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/js/jspopunder.js?bUsWF192EzLYm0qR
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa130a42a1a1051cbd9cb04f3344788d1242eca02dd69a3d05667517ad3d560e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:53:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1ab8-5be0d1c778340-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rj4F%2FrHZwgNk0hHEGIQmTUkbQexmmSsFHRrAytrJk2BDJ8HRtx3GC%2FD7Lmtkn1pPMaj1SPLebrqH1YaS97uiS6C%2FmWz6%2FfFyLuK%2F2xxA4OnwSULjZURXuiaZ28n8rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb28e88f6101b-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:54 GMT
geo.js
rtrcr52.com/js/
77 B
382 B
Script
General
Full URL
https://rtrcr52.com/js/geo.js
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ba72bbd51bd246abdd66137b6daa6994202a50a1dafdfb906071f54b7498b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 24 Mar 2021 06:21:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4d-5be424e84d380-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN7EF%2BUr84q8OlSIv4B68E9Xuhy4k8JjJxK8ti%2FWV7QPL7IUO2GCXr4CBznuOPl3ye7%2F8JEazfjtp8MtOwTmeKzqmsM4qoVhiN%2BUsfwfM5y4bfD%2FCEmAJM5ms4VK8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb28e88f8101b-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:54 GMT
common.css
rtrcr52.com/_content/roi/css/
926 B
700 B
Stylesheet
General
Full URL
https://rtrcr52.com/_content/roi/css/common.css?WHUBze0W13kxocvg
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f1935e3b083d9d6cc18d41d84d843c1091f9f72b0fc5de799d0c33c82ac434

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:22:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39e-5be128b24a4b1-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvCsuc07Sk%2F1bbbJMJHK8dCdewx6QytTmocUGcoHIkajXwa20X67g8mMFjifcuY%2BekxIs4NYSGlqEnxuciHtXkgbN7IQiCcv9KD2iZBsD975ibBHVF8zl4b%2F5Fmp7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
849cb28e88ea101b-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 02:44:54 GMT
common.js
rtrcr52.com/_content/roi/js/
9 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/_content/roi/js/common.js?V4cW3F9iJ6gEN0a1
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/l1/?&s1=3600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8962d0d8b3ef6a90c87c0af63ec1ec2ea9cf9637af06fa46e74b66eacf78dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/l1/?&s1=3600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:54 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 04 Aug 2021 15:25:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2229-5c8bd69536340-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYMwn9V%2FPlCzk8k8YHu%2F833EnK9p50Zvt05PpOuS%2FBiE0hhJg%2B%2FP7wvPE%2BSCoJpLAsXJvKBAR%2BkFToSEtK%2BEVl1YIvqzf0Oc6JqkGN7SUEbiCqSq26%2Bnu4GRbQUgCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb28e88fd101b-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:54 GMT
submit
rtrcr52.com/
6 KB
2 KB
Document
General
Full URL
https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
f53c760a3f8b575a09cfcee3d6d97dc3183663e0d1e9c32057b9622a89e6f47d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://rtrcr52.com
Referer
https://rtrcr52.com/l1/?&s1=3600
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
849cb292ec647cc8-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 02:44:55 GMT
expires
Tue, 01 Jan 2000 00:00:00 GMT
last-modified
Tue, 23 Jan 2024 02:44:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P317kOXBmXIJZQSLr7QS%2BZV%2Bse0jw%2Farn%2FGV2edu2%2B8wyi3Jv7oVrTVyd4tKG8x4vOrFXnAjn3WenGazc2%2B4Yu8%2FEAUOEjEUlJyl0rfMzMu63FzPPSTk5Fi1aDkgOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:20:42 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/
188 KB
48 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/jquery-ui.min.js
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f96d06c989aeaef7acb0196ea9ddc5d9ce2c662125e5fe935901b8ae98e2a004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 15:34:49 GMT
adm_global.js
common.admediary.com/js/
584 B
489 B
Script
General
Full URL
https://common.admediary.com/js/adm_global.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
e3055298e7cc36340257a3df910f796342a9e5f93218ed70edd0797530720c9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 21:21:37 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"248-5be1288c73a40-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
212
expires
Wed, 24 Jan 2024 02:44:55 GMT
adm_validate.js
common.admediary.com/js/
43 KB
7 KB
Script
General
Full URL
https://common.admediary.com/js/adm_validate.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
12102851881cc9ad92a8e8befd0864e8cc6ab6aed499cfed04aafa81db99730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 21:21:43 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"aa83-5be128922c7c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
6649
expires
Wed, 24 Jan 2024 02:44:55 GMT
adm_prepop.js
common.admediary.com/js/
15 KB
3 KB
Script
General
Full URL
https://common.admediary.com/js/adm_prepop.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
05857ee6e96fa1de8419fef3b5a92a6a85956a4583587313fb504f0f82404e75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 15:09:22 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"3aff-5ffd2e6b74365-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3047
expires
Wed, 24 Jan 2024 02:44:55 GMT
adm_staticdata.js
common.admediary.com/js/
20 KB
3 KB
Script
General
Full URL
https://common.admediary.com/js/adm_staticdata.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
c5cc9b28c8440b205755d31b3581b873fffeb842f04d9e9ff5490a94da1610e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 22:49:33 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"51ec-6078cc0edbc02-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2624
expires
Wed, 24 Jan 2024 02:44:55 GMT
adm_lead.js
common.admediary.com/js/
16 KB
3 KB
Script
General
Full URL
https://common.admediary.com/js/adm_lead.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
f13106bffb48ca1d8b703698c776605df8bd10b9cb0085ac3a474eee4759ea7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 15:09:27 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"41cd-5ffd2e70753f6-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
2714
expires
Wed, 24 Jan 2024 02:44:55 GMT
jquery.popunder.js
common.admediary.com/js/
13 KB
4 KB
Script
General
Full URL
https://common.admediary.com/js/jquery.popunder.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
bb1ec7e6c4c16c331947b9c7da60f04247ea3ef6d9961b1d3d376fb8f50340a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 21:21:43 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"355b-5be128922c7c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3405
expires
Wed, 24 Jan 2024 02:44:55 GMT
adm_weather.js
common.admediary.com/js/
4 KB
1 KB
Script
General
Full URL
https://common.admediary.com/js/adm_weather.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
aca28693be924ebda401a62b06e3c3910838e482410c149055abd20ffb9a23bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Wed, 24 Mar 2021 06:17:56 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"103d-5be42427a8d00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
1090
expires
Wed, 24 Jan 2024 02:44:55 GMT
adm_track.js
common.admediary.com/js/
2 KB
827 B
Script
General
Full URL
https://common.admediary.com/js/adm_track.js?CsF1H54zYvL83Eqc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.130.58.50 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
Apache/2.4.46 (codeit) PHP/7.3.27 /
Resource Hash
fcb2a3e0b45ff89577b43af40108a392a2526473deaed7ae690bfc2a19a413ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 14:50:12 GMT
server
Apache/2.4.46 (codeit) PHP/7.3.27
etag
"6be-5be0d10f69100-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
550
expires
Wed, 24 Jan 2024 02:44:55 GMT
prepoptranslate.js
rtrcr52.com/_short/js/cash/
11 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/_short/js/cash/prepoptranslate.js?G2eLc9oRvYFEsW1i
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4ad5d4f0df33409d3a3a26d6d19fffec3dcefbc53d9f08aeb9f491415ecd66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 29 Jun 2021 19:05:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b83-5c5ec4ae48fc0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67DTO1F5vPlUGFjc4EJPLsR5pioYzO45G1ap%2F0FbMOO7m1wytazZcaa72ydR%2B%2FLbnB6RSKTTbyirJWmOfPEv2X68gN0RsrmZ5vLVYLtajZICgugXKrri%2BZVxVvqV6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294de417cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
jquery.maskedinput-1.3.min.js
rtrcr52.com/_short/js/
3 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/_short/js/jquery.maskedinput-1.3.min.js?xvRWUgBPi13tz60k
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6f6d22dcfb4311ae291ba0c098bf6ef474f72d0500b856d5a5664207699d5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 24 Mar 2021 06:17:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d23-5be42427a8d00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RcUOv6F%2FJ2qi8OaLSsfZzXK2LpnshlbXg%2Bc1Ml%2B2qOZpVUDWfn8o2phV%2BXx9Sm2SXTDr759ZEXiPImruwdVcJY4CYn7GDXgEOhWkmeLEZmtg7g6W7Zg%2By5IzJwPpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294de447cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
submit.js
rtrcr52.com/js/
308 B
661 B
Script
General
Full URL
https://rtrcr52.com/js/submit.js?pvi51qmEo4Wgs9Hc
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b6f502a0cfad96d7cf2cea1fd44bd9e15affaf62930ebc35c0fc943b30cdd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"134-5be129611f000-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPEgDRSrZ%2FqhX9Bj%2Bgk61%2FTCS8u4WnBtKnKad4e64iv8Iz5bnUjrr3EQWF1d33LJ6GozHS7bkh67J3jwUVhSiSNZInkJRjX7jUinOkg0uvuz%2BKaERCR%2BqF71IMuD9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294de457cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
common.js
rtrcr52.com/js/
14 KB
4 KB
Script
General
Full URL
https://rtrcr52.com/js/common.js?KW5k698svBPtmReH
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20f7f998737718cadc6d32d3a32980a34bd0001275bbd53a3e4f479146cb1d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:25:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3957-5be1295f36b80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR%2BOzg3VMtbc6hRvEqKAsvalIGpDMc1PPItwVXmZ885ubqnkqx%2BH38oc4%2BsPIiW2YyeAaVfm9yBgVDu1YREJf7oFvB2E0yBdMzSunsflkQAExyiZn0U0PKtqJwPYrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294ee567cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
jspopunder.js
rtrcr52.com/js/
7 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/js/jspopunder.js?vomWsJ45Y3iP79vE
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa130a42a1a1051cbd9cb04f3344788d1242eca02dd69a3d05667517ad3d560e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:53:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1ab8-5be0d1c778340-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZmVvn2eZowbTgnH4RBB0yCNeR0JWVfvNgYRKmyKwo04k60nhotxp28hO0LTz5ffirIrZn2CjA%2BkzlZTa15vc4jQH4uZ0JhHudf9ay490gKxamxS3QV5vnxjn9EafA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294ee587cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
geo.js
rtrcr52.com/js/
77 B
594 B
Script
General
Full URL
https://rtrcr52.com/js/geo.js
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ba72bbd51bd246abdd66137b6daa6994202a50a1dafdfb906071f54b7498b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:25:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4d-5be129611f000-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVawg%2FIYPaVLxZvGfAXru28tgIRoUCEiHvJy9EI3%2BZ54eV14s%2Fm%2Bg%2BYEMzN0Vocg9KHidMz922R10GgufF1X%2BEf385DImOUVM1c7NYnWBAM8FPko0%2FG0fFz7pANNJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294ee5a7cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
common.css
rtrcr52.com/_content/roi/css/
926 B
853 B
Stylesheet
General
Full URL
https://rtrcr52.com/_content/roi/css/common.css?FzLo0a4HFix7cges
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f1935e3b083d9d6cc18d41d84d843c1091f9f72b0fc5de799d0c33c82ac434

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:22:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39e-5be128b51cd9a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et8IQKiNCK7iKtnAyBDbzbPMf4wrytfeYjVrXAf4WQNi9rVPKewyAz8ZTbSi5Xbf3T%2FSWyyKYDJhpOtXDyyBaXrI5Clg%2BEFoait6E5B9Nj5q%2BCH1LSHmsL1%2FQCHiYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
849cb294ee5b7cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 02:44:55 GMT
common.js
rtrcr52.com/_content/roi/js/
9 KB
2 KB
Script
General
Full URL
https://rtrcr52.com/_content/roi/js/common.js?r0vEeaF4i2kLH9g5
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8962d0d8b3ef6a90c87c0af63ec1ec2ea9cf9637af06fa46e74b66eacf78dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 04 Aug 2021 15:25:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2229-5c8bd69536340-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmn7kjRq6Eapz8jlL3VBq0kIT3m268tON7MPdsubi7CCpSrjSx3jLD568f8MfKd8ZiNgs%2BpKZ9TZAV2%2BF0MYQp%2FPiZLJy0pBwh6E28SbfqKXtjtAO1nTVq4aisznNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb294ee5c7cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:55 GMT
all.css
use.fontawesome.com/releases/v5.1.1/css/
45 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.1.1/css/all.css
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98121a51ed3f911f519cf42be28225dc26b4c9d61cfab0a580118e5c3447463

Request headers

Referer
https://rtrcr52.com/
Origin
https://rtrcr52.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
38968
etag
W/"597b70b2ce6b1483f72526c906918fe9"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIbrfboz96bm9ORi3uaCa%2BQGrVsHzGqyyArEzHjhdiuvEQEp4qJyapewjCQBWOuzkeYCcUzr76y%2FGr0pN1%2FqmSkrOLdbT2JkB%2BsuTdl7Vbd8ierWeHyMfcxQYDjKjfI24C%2BW68FD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
849cb295fe9c5301-LAX
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Source+Sans+Pro
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f10.1e100.net
Software
ESF /
Resource Hash
9d56740b8662c107cbd528fdcf2c05c748a1e413ae8712b3720ece7ce4048b65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 02:44:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 02:44:55 GMT
animate.min.css
rtrcr52.com/css/
56 KB
5 KB
Stylesheet
General
Full URL
https://rtrcr52.com/css/animate.min.css
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e211d427be73f45fc7b20c8be474b677d8512b6eb496b90b712c4a41af58c5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:53:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e1c1-5be0d1c86a976-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcFt7ST3bpwUFAztv4yh42G97HwSAk%2F%2F7Nz5FeJoD9SXe7P0hdjjaeBmORPhbVGjCCp8iFuQnq%2Bp8GanPg3thIzw5Mag7Vw%2F2AcDUl5Z1yKh4p3cC%2F9MtWBc4BaCJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
849cb294ee5d7cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 02:44:55 GMT
style.css
rtrcr52.com/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://rtrcr52.com/css/style.css
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e066e009577487b084a9180b557f5b564c6476da09eba73d84fae2c161a2db9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:53:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1592-5be0d1c86ad5e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61GChZmeVsMP7v4Kq337hVggfrbfuvD7%2FELpvPgYlqUhov1lwIMTUaM4jWsFtTc26GoYcTSANPz%2FhfrRHd89WyUuAKEErn3Cfho8KkfxdEwxIyAPy0n3gIB6ytCq4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
849cb294ee5e7cc8-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 02:44:55 GMT
loading.gif
rtrcr52.com/images/
47 KB
47 KB
Image
General
Full URL
https://rtrcr52.com/images/loading.gif
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/submit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.64.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abcc6499ff6010cc4c52439760cd56d745be780ac55c6a252b7acb64c6da3f33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtrcr52.com/submit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:55 GMT
cf-cache-status
BYPASS
last-modified
Wed, 24 Mar 2021 06:21:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ba2a-5be424e92326d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSXu6JCcF26Nob1eN18R82gqKuW0cLraZeHHVh2Dq%2BYGKXp9yCwsdLzvS2IxTT68n6hcxtjQTfKEod%2FEde3FJKUoF7dRrlh9K3aN8Y1T8U2EiBgCyPlKVezKxft2aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
849cb294ee5f7cc8-LAX
alt-svc
h3=":443"; ma=86400
content-length
47658
expires
Thu, 22 Feb 2024 02:44:55 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Source+Sans+Pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://rtrcr52.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:14:31 GMT
x-content-type-options
nosniff
age
307825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:14:31 GMT
/
findloansforme.com/
947 B
1 KB
Document
General
Full URL
http://findloansforme.com/?https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Requested by
Host: rtrcr52.com
URL: https://rtrcr52.com/js/common.js?KW5k698svBPtmReH
Protocol
HTTP/1.1
Server
54.191.253.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-253-155.us-west-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
41f7bf55b4f187bb7f416cdb1ddc25aac36610b31dbcbfcc6567b43f5e482e71

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
947
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 02:44:57 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: findloansforme.com
URL: http://findloansforme.com/?https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://findloansforme.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:20:42 GMT
Primary Request
legal-help
lawsuitwinning-usa.com/
Redirect Chain
  • http://findloansforme.com/
  • https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
47 KB
8 KB
Document
General
Full URL
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
737fde1090ad078c7ad8bae53681acb9ce2e1c9f63cbdf1e87abdd67cada6f13

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://findloansforme.com
Referer
http://findloansforme.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
849cb2a98f6d2b87-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 02:44:58 GMT
expires
Tue, 01 Jan 2000 00:00:00 GMT
last-modified
Tue, 23 Jan 2024 02:44:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6otivjv40OXT0bMlUHmcazLSOAk5FxPk%2Bzti%2FMy1D2gTfJe6G4bkxhplDOwsF%2Fuseh%2BdSF3M4g8qMbnmCdBlQ6gxyfruPo90HFJBp63FKZCh6UfAb8TScpe4TxoMWB0gjpJ5dfv8wlML"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.27

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 02:44:58 GMT
Keep-Alive
timeout=5, max=99
Location
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33621
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:20:42 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/
188 KB
48 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/jquery-ui.min.js
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
f96d06c989aeaef7acb0196ea9ddc5d9ce2c662125e5fe935901b8ae98e2a004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 15:34:49 GMT
adm_local.js
lawsuitwinning-usa.com/_short/js/
121 B
397 B
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/adm_local.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b2d45db1fc1d9e1a7ac20835212cb3becc9c4ae3fa7838a194ff6c8bfa4ec4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 06 Jul 2021 20:16:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"79-5c67a179c9200-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIjDAg0d5uK8VPcorF%2FT0xvnrzv6viLfyz5s%2BuGqclVB2Xk8j0Ho4pV4U2nZmLIq4U2JiNQJ397r1jEcFNieitjQrjNG7soTFEfngfmqSue5t0Zdc%2FVo2s38M5reb%2BazSsZOSxVAHfjE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab5ae32b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
adm_validate.js
lawsuitwinning-usa.com/_short/js/
43 KB
7 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/adm_validate.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12102851881cc9ad92a8e8befd0864e8cc6ab6aed499cfed04aafa81db99730b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:50:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"aa83-5be0d10f69100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7s1Bj8F7W%2FUpuquSYmdikFzHu%2Ba5rhTZHVxDmy1o9KNVAdWEUf9MdO1Y%2BFyAoyJ%2BflbX18l76q4GPxkp2wcgvONtilQB1NnbuaJZyvjqfYVfIXpq%2BXsbz3fkkYQH8UetUNmeuZvzdxv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab5ae72b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
adm_prepop.js
lawsuitwinning-usa.com/_short/js/
15 KB
3 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/adm_prepop.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05857ee6e96fa1de8419fef3b5a92a6a85956a4583587313fb504f0f82404e75

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 06 Jul 2023 15:09:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3aff-5ffd2e705831b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tElk%2Bvjq3ukMFO2S5vKdFFZOu6V3dIBYxjywQWRV7L2AjMc9qEoHf2yEpuig0LloBcbJuq%2BBCwr4njHfb1u72OaUClHkAmWKH%2BEMAxG3nYRHuOSUpCLxRapw04mSrJTcxAyNHXGcrfz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab5ae92b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
adm_staticdata.js
lawsuitwinning-usa.com/_short/js/
20 KB
3 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/adm_staticdata.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cc9b28c8440b205755d31b3581b873fffeb842f04d9e9ff5490a94da1610e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 12 Oct 2023 22:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"51ec-6078cc0ee93c4-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQk5hkdpBy3F16zG7mH1MpDZ5cbaILKYiZR7SUa0%2FfE%2FXp1xVMbN%2FSTl6tpzvvoXiiidTemcxxsiZfjVv%2BgqHA4FQdh2oAEy6haKJGszr%2B0X%2Bg7l%2BCkDowl5ZS9wBZnI4KqdnXeaj%2BZV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab5aea2b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
jquery.popunder.js
lawsuitwinning-usa.com/_short/js/
13 KB
4 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/jquery.popunder.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1ec7e6c4c16c331947b9c7da60f04247ea3ef6d9961b1d3d376fb8f50340a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:21:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"355b-5be128922c7c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLXhvilnGexLK0zavDWCbOMlpTp9rdHhvDEmuvd%2BmggbMkj7v43LiFlsVTwk1SIsuvbQzgZQJnPkraVmrcFb%2Bm24zWxsIsHp7slzkTtPTjBUbQEQkHWFTpQKlHk55%2Bt7lwRXbv%2BBJE%2FA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab6afd2b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
adm_weather.js
lawsuitwinning-usa.com/_short/js/
4 KB
1 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/adm_weather.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca28693be924ebda401a62b06e3c3910838e482410c149055abd20ffb9a23bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:50:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"103d-5be0d10f69100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Uup6RCJcHycsKcly03oSInk2SDRCxYVq5GwUHkAwtG888eiE5S4sA8CRa0WGh5AHiwdKwfCnzRXjfpANcilYyKsrGiEEs5egHjYVL7bHRj1zTIyUYzi1e4pXKF6CSOiRn9BR2N%2FSe12"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab6b002b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
adm_track.js
lawsuitwinning-usa.com/_short/js/
2 KB
1013 B
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/adm_track.js?kiPRBmtE46Y7k5qo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb2a3e0b45ff89577b43af40108a392a2526473deaed7ae690bfc2a19a413ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 24 Mar 2021 06:17:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6be-5be42427a8d00-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQRg%2B%2Bgt7kQLAM%2BvEKJGoJAmCM8T2opR5dJUyAlP%2BqJybhI1cVo9KUAljtD%2BP2HlbMdB72QXit53FzHnJEhX0T9hUIdNwbJRHJVLtuve%2BHvlIdizVjzVdGulsAJdMoPRcW1B2DbsDDy2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab6b032b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
prepoptranslate.js
lawsuitwinning-usa.com/_short/js/cash/
11 KB
2 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/cash/prepoptranslate.js?JP2vetozUk849g5i
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4ad5d4f0df33409d3a3a26d6d19fffec3dcefbc53d9f08aeb9f491415ecd66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 29 Jun 2021 19:05:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b83-5c5ec4b031440-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrqUWDtjUi7VjMMuBuRNZA8Ueh1yrnqUOvatrA68kfqVyVWBYoBr3Y%2BNkHBmOS1%2Fg5gvRJsJC8g%2BCAsCzoTlpyrwUui%2FIOthh%2BI3PYBYbTf%2Fc7j3I7ZeoUQw0jWeY1JCN8xYUf4Lu%2BSo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2ab6b042b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
jquery.maskedinput-1.3.min.js
lawsuitwinning-usa.com/_short/js/
3 KB
2 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_short/js/jquery.maskedinput-1.3.min.js?KoE7vH0i4cg8PUme
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6f6d22dcfb4311ae291ba0c098bf6ef474f72d0500b856d5a5664207699d5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 14:50:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d23-5be0d10f69100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1BDUxMdiQzH%2FWth4W7nDuxbGBkueug7eVPwnjJ%2FP4bQ3z16la55aiAR1NtgFnZK5bOtwSTKHkwELGlhORfzQ572Buth7BiWuYMP1hhpM4KMubcwMjdSJR0pqkN%2B9L4ROR1RFVhvxtxk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2abdba82b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
submit.js
lawsuitwinning-usa.com/js/
5 KB
2 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/js/submit.js?O7Jvzg3ioNL0YeH5
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1570ddd0d84ddabe7251e111a8b52bbe22f56104ed8ea183ac68dea7103f5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 14 Dec 2023 22:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1223-60c7f8196065e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI%2FRYvFtT6ZxQ%2BLqIJydA6dKA6y3MzaqA9hRfaY%2FXcHroSRpGPGgWXKNjFchO4iglsAnOoTyUKPC8dhM99yxK4eNgyf%2BOTdtbb7ESs5MoTqM7lxI7ySke5%2BN3xbBvPo5GtNIhGlvYM6a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2abdbaa2b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
common.js
lawsuitwinning-usa.com/js/
15 KB
4 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/js/common.js?GEJUgYkLza41iPWo
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff7baa3cd6ab6b110d6bb66ae99bf9df3f32a00e30e0a5124614cb704553eac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 21 Dec 2023 18:16:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3de7-60d091a5dc7a9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLN6nUh4znt0fQlc7FXnG2Rv8kbsIUc4iohJsZvRsoblhhGYwMSTSZ8Tt2AzDFbZ3cPQnWHyJFCFdhEZ1ckWqlPhAYS2CxtRflXQde4U5eUKSI%2Bn6TSgNaeX9jq7OmhwC5T7Uy4hNCb4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2abdbab2b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
jspopunder.js
lawsuitwinning-usa.com/js/
6 KB
2 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/js/jspopunder.js?EL4RYt8Jko5P71aq
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a99a6a656ad58cd11f555c6b404280f10942d853edfadd9faa6fdb46c12690

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 13 Dec 2023 20:02:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1864-60c69a57aa108-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFNQNfWZOHfkwabnlggrJp09WianX9%2BOT5D71k4tpqUQHwURHHSKLndoV43ayLPfgG%2FR1%2BWOMs5Eo1rwICcmfoVUpb7h61qwFCvVbhsoIa8e5jxDtQqJgwKsjkDpCpCeRWMYww3Dr9TI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2abdbae2b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
geo.js
lawsuitwinning-usa.com/js/
232 B
610 B
Script
General
Full URL
https://lawsuitwinning-usa.com/js/geo.js
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
999ed8d446cf6c6f9bb36060668a73216211c2fbc1a9982ab081654809d8ec93

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 22 Jun 2023 15:39:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e8-5feb9b0ff1c6c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XS1DqZSN6eDGetED5elcUVLwPu8DnrfBEWLiygEpVQXSKhQpP%2FNzthROTrtXWoy334XVqGjnid2gsKekNQmctiuC4niVQAR4r%2FINwkKkmjN3dgkmQYN9zEsua1IemTNJBE9ShYis4I%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2abdbaf2b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
common.css
lawsuitwinning-usa.com/_content/roi/css/
926 B
725 B
Stylesheet
General
Full URL
https://lawsuitwinning-usa.com/_content/roi/css/common.css?vL4PWEqRo0e15Jzt
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f1935e3b083d9d6cc18d41d84d843c1091f9f72b0fc5de799d0c33c82ac434

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sun, 21 Mar 2021 21:22:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39e-5be128b24a4b1-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cAO%2BawQl%2BGzt%2B2Sa0JI%2Fgq54lTMrFM9zOzj%2BXEbLba%2FuUHSAqlMgjsWjMosww86vhkwVgsv3FuNom5wFVi4XSWid6RJXFhTouMOQAh%2BN8Gdgn3Lhdm1ue7j1U%2FrqhFkai43eKMGSbof"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
849cb2ab6b012b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 02:44:58 GMT
common.js
lawsuitwinning-usa.com/_content/roi/js/
9 KB
2 KB
Script
General
Full URL
https://lawsuitwinning-usa.com/_content/roi/js/common.js?foJ46vg0eYks73N8
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8962d0d8b3ef6a90c87c0af63ec1ec2ea9cf9637af06fa46e74b66eacf78dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Wed, 04 Aug 2021 15:25:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2229-5c8bd69aef0c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Xn5ufx%2FO%2BBbxngFrddEtcx4%2FIE1RhysX%2B7Nr6FboZnF37wuv4JSHsX3UmNSUBkbN4hPH08eTjQtpITDsUPyBiwKNs0CCckfwvjGXExTPIugc1Rkm3QbqY20VttlKnb35FDBUOgJrskD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
849cb2abdbb02b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 02:44:58 GMT
styles.css
lawsuitwinning-usa.com/legal-help-assets/css/
41 KB
8 KB
Stylesheet
General
Full URL
https://lawsuitwinning-usa.com/legal-help-assets/css/styles.css
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d00f1edd5dd60d0ddc10af85f8e353048d4fb59631282b760f168a9b060520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:58 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Thu, 14 Dec 2023 22:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a322-60c7f8195951f-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50KLFQM5PqlrOpTDyWYKZ7A4X7EIJcbLplj4qiMf9LYm0Niqb1zJBHSX2UsXCjIGlXBIf2g%2BsQ9pdQTktA8mOfUEvx1YRrZ45hSkRxfquseHlw%2BrSgiSWOUhoUcMwRzIilSoOrFbf0tp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
849cb2ab6b022b87-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 22 Feb 2024 02:44:58 GMT
logo.png
lawsuitwinning-usa.com/legal-help-assets/imgs/
28 KB
28 KB
Image
General
Full URL
https://lawsuitwinning-usa.com/legal-help-assets/imgs/logo.png
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd50d3c9d46b60f9307a6347ba7128e1ecab950d56d92c1d5d48e6637c7c886

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
cf-cache-status
BYPASS
last-modified
Wed, 13 Dec 2023 19:11:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7029-60c68ed9dc2d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTHmyasBMUobxja08XtFxEnWwnsaopr3v%2BiJdwcdy33iZdbh%2Fq4nlRsvDRe89mufBkvBGYGLbYvqyOLpBbLzHFyRRvUPtPcYTGPFox9bhUT5mP6zBH%2ByOSBP%2BDOUy8tdnWRGRk4sLfow"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
849cb2abdbb22b87-LAX
alt-svc
h3=":443"; ma=86400
content-length
28713
expires
Thu, 22 Feb 2024 02:44:58 GMT
7f4ae8c9-3a44-4155-8b3f-ccfdd81e1d24.js
cdn.mouseflow.com/projects/
195 KB
58 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/7f4ae8c9-3a44-4155-8b3f-ccfdd81e1d24.js
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.50 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
851b18cb10b13864a0521aeacc0be4fa36fd6ec254a83d899ac73d9055acc760
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
30860
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-mf-script-region
US
last-modified
Mon, 15 Jan 2024 16:00:32 GMT
server
cloudflare
etag
W/"6ecec8f7cb47da1:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
849cb2aebbc87c9d-LAX
expires
Wed, 24 Jan 2024 02:44:59 GMT
57dkpo9gw8
secureanalytic.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://secureanalytic.com/scripts/push/script/57dkpo9gw8?url=lawsuitwinning-usa.com
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.175.24 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd891e72b801298fafc66bf91cc5852f1e913fe149bf85bf39bf547ac22f8c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 21:44:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lq0AzNkBzWAlzAXc%2FHH7HvE596ugaIwoPkE4h5V%2F7jJ5Lje50fKxZ0Wp30%2FvFmG8VeDSWcQRbpQnPpK1SvxUa5Y2eZ0qeRs3qisSv2qwItD8kt2jNiNXOVljknpiQHrkcAritPw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
849cb2aebb9a69aa-LAX
expires
0
header-bg.png
lawsuitwinning-usa.com/legal-help-assets/imgs/
331 KB
332 KB
Image
General
Full URL
https://lawsuitwinning-usa.com/legal-help-assets/imgs/header-bg.png
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e74b9dc192111471b967e2db7c168f04b643c0faabf12c8129acc5b340084ec9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
cf-cache-status
BYPASS
last-modified
Wed, 13 Dec 2023 19:11:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"52cf5-60c68eda88d9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpoFpBBy1bMwc2VrnlW3KaiHkimAMXdYdpq2X64Zh9cWl8QDbxKApIo6vWakpLkI%2Baeq2iUKKA9Q1LhlC%2F3aEK3Nh4QnSCUMuayAv%2FoRlVdlPDEoZsFRXvF3KC4MA9Mz6DjiDyDPsvBT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
849cb2ad9ab77bf5-LAX
alt-svc
h3=":443"; ma=86400
content-length
339189
expires
Thu, 22 Feb 2024 02:44:59 GMT
round.png
lawsuitwinning-usa.com/legal-help-assets/imgs/
10 KB
11 KB
Image
General
Full URL
https://lawsuitwinning-usa.com/legal-help-assets/imgs/round.png
Requested by
Host: lawsuitwinning-usa.com
URL: https://lawsuitwinning-usa.com/legal-help-assets/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c32c207215060e96f745e22dc85bd08d13f3632b22817138b54456e8226fe9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lawsuitwinning-usa.com/legal-help-assets/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
cf-cache-status
BYPASS
last-modified
Wed, 13 Dec 2023 19:11:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"28a1-60c68eda779fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILi9IHpmT%2FdYwXBIHMRYChAr%2FcrEcXURmb9h5QdxrScJ5pJX6lgRqkVBafEwBsxjfOtg9NalkpeQXT%2B9ZBd%2FM7lleFfX7yBv1zF3v2CyfLzbn1Tf%2F6UWLQihADQt6v19p7wou6KxMH2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
849cb2ad9ab97bf5-LAX
alt-svc
h3=":443"; ma=86400
content-length
10401
expires
Thu, 22 Feb 2024 02:44:59 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
718 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%2263EABCD7%22%2C%22add_step_impression%22%3A1%7D&_=1705977899132
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaM91vUgVvV1BHMhEOiePG3WbLHnm5C30cky5OxKKXvFrRagmQaxsgHd5bOBtuoE7qV3ZmUNmXyFFV0eUzV0E4CEkTYHuGQsrBoj4sE6RZ9aQ7VzqoeKpa%2BXhHTl1UnqTL59cuIlQ1ZH"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addae77bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
722 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%226E14C8C1%22%2C%22add_step_impression%22%3A0%7D&_=1705977899134
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNQ3oZhlJGWSe2nvbsjU75pv5QcGPBbNnUy16DIfoKUZaPdkzOHKLTsdwUOgHrcu2puEWgIqEMXimVG%2Bg%2FcL0x4ipTEOf44yEV4SZ0n%2BLI3CZtXmD2nf1L3mlBm1%2FXwc4lHUFBgDXz0x"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addae97bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
719 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%220E8A0083%22%2C%22add_step_impression%22%3A0%7D&_=1705977899135
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCZMX%2BRm30z2Wehz6fe4binAxz4rn27rdJVtST6YkXsPRKZmjAZBMxSnkscr%2Bt5aY1N07go2h6IVG6ekC81qZ2pQyAUOtgRupSixbxJtm0vYzBLOJW2QRJdD52FuF455x32C1C3%2Frxy5"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addaeb7bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
721 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%229D057151%22%2C%22add_step_impression%22%3A0%7D&_=1705977899136
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vujqJ9%2BZW79TL0mPZcXbJD85kgE5vXhHISyp4UGEpEjUSGN%2BtmV2e4nXGxuOiJb8HvYZdVm3Y0hOfv1v7QixZ9TX2xzQGSNtbO%2F9H4KHoj6Rn42HKrKCfZOv9EjN9eoiZcnoS830uwi"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addaed7bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
725 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%22A53F7FD0%22%2C%22add_step_impression%22%3A0%7D&_=1705977899137
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwEgCRo3kdl%2B82%2FONkI5OKOS5iMeAnYHFnCEYLhPtUhfvQ8EKcwKfIaAtJVTnL2kv45N1iMVfFTvgy15cvgvi1ljFv8MKOUQ%2FItKgCFLKzfn71lsg5%2FQ%2FraQ4NNAgTV1vMIlxMHmfg%2FZ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addaef7bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
721 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%225B938ED3%22%2C%22add_step_impression%22%3A0%7D&_=1705977899138
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkuTy1cvyltdgGQpiJcq%2BFpemqB5gpqJB19mLh1G%2F7RYyQjt3rVwWZOc0Y0d97AWh1ianaPg9TG3ca1hfsVelr0yC%2Fk1MFj69aB74wqgYSqafoFyCQbGP7dfgfKE0Dt7zDW4%2BJRkHyr%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addaf37bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
723 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%22E3DDE635%22%2C%22add_step_impression%22%3A0%7D&_=1705977899139
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPHZavqbnYENYz5SQQK8HH%2FoGUDZSli7Q%2BU%2F2YUkHNaeFXoRNy7082NlDVLCiDYeaXsRjMiTzpLwu6HpzyPJra%2FUpbuJisWc7v7UvwcPUcaw9Rwj9cguG0kXJBDYs4Q5b7aaMI%2BN2sSz"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addaf67bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
process_helper.php
lawsuitwinning-usa.com/inc/
84 B
722 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/inc/process_helper.php?request=%7B%22request%22%3A%22impression_insert%22%2C%22lead_instance_id%22%3Anull%2C%22placement_key%22%3A%225BB1E1D5%22%2C%22add_step_impression%22%3A0%7D&_=1705977899140
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
393a354b98ae7edd4701c29cc3bba028a622b38d0b5c3803493ddac10b7a50e1

Request headers

Accept
*/*
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47o01EGW2GCtGXLYTiEkIiinN%2FiSo65woM1n2ha1I2xT3lyEGTNtDVMef4cIt%2Bibeb7flpXgwpXJ8aVezYOZv9gkM6Bb5FI8FV%2FIGZDxJ%2BscFUzs9Wdqsgrz5eaJ9iof%2Ff5YLtg%2Fhm3y"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2addaf87bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
lead.php
lawsuitwinning-usa.com/_short/
118 B
770 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/_short/lead.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
0a782c418b3004958652477e6226d62be428fc570724abc150bbed5b6db12901

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulv9iZvR6d0MQeI5LCidZu2A7%2BZ1UbqjMT2hD9gqyC2YGVKJhXXT95oalJRxsLcQ2kqcEh81MqOU5opB0fh99M3QwUQawuj6vzUWFzeNq%2B1muCj0p3eSnv8o3igi17aCee4WGkt1oTG7"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://lawsuitwinning-usa.com
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2adeb037bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
lead.php
lawsuitwinning-usa.com/_short/
82 B
742 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/_short/lead.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
08dc2d723d7d07c8a5d437aa90f0e8c6ab1c097606606d1bd04e1a7116f06c9c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwIJbr1fnPNgS8ed3hnCXY2El9B2QZItRtpkxkyt1VLQWMIs7iTJLmtUF6tnx%2FCR5KetMS1uj2yf24qb6AUWtJ63LvwyEZyN8JAhfJ2%2BZkOQ5%2FC3niF6BNkNhw05QE5ZU2gveLqT1v8%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://lawsuitwinning-usa.com
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2b25c147bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
lead.php
lawsuitwinning-usa.com/_short/
209 B
825 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/_short/lead.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 02:45:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSp7HS0Zmp7PEvs0IGBGMBEzjPcHBB60lK4O3dM5kTIbw0oKFkvkgkPz%2BE139fnD1pDmgAuA0SAMWbB%2F1E4LRHN3qdaIIgGdPdQXs2M2XDYRyoxD5a3Y5B7uuVvwYvJLtZWvR%2BC292Oz"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://lawsuitwinning-usa.com
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2b25c167bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
lead.php
lawsuitwinning-usa.com/_short/
82 B
742 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/_short/lead.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
08dc2d723d7d07c8a5d437aa90f0e8c6ab1c097606606d1bd04e1a7116f06c9c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyWL6iompBeY10e7kdEjEohxw5RjeE%2FTBkAkIOQfo8PGrhjTfs%2BEorJD5qC8XCghbje%2BKFvYynwLD25wHnkVjJJ%2BfsBO4yPptGTN6ZLv6Sc8feouzBM9ldGkdNdmaBfLDOOQ3Gq6vj7t"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://lawsuitwinning-usa.com
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2b25c197bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
lead.php
lawsuitwinning-usa.com/_short/
220 B
801 B
XHR
General
Full URL
https://lawsuitwinning-usa.com/_short/lead.php?request=%7B%22request%22%3A%22lead_ip_to_geo%22%2C%22ip%22%3A%22162.158.90.174%22%7D
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
d6b86ac4ba2f803afdc7596b9165f2921bf97c44abe29a02562a6d77173282eb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:44:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
p3p
policyref="/w3c/p3p.xml", CP="NOR NOI DSP COR ADM OUR PHY"
alt-svc
h3=":443"; ma=86400
pragma
no-cache
last-modified
Tue, 23 Jan 2024 02:44:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXwoZt%2BOKtYfOHI4cDbRlVKqOms1DldR9tUEDSHRP2lJzwMuZNbS4FSq%2F7AR5a7uu77eaW2bmSblWOluRszm5Dot5xZPRb6LLNKoeQ%2BVdn7FoiAcqTp%2F9ydJC%2BBViCFljb%2FaHiBAe1Kf"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
849cb2b25c1f7bf5-LAX
expires
Tue, 01 Jan 2000 00:00:00 GMT
init
n2.mouseflow.com/
0
246 B
XHR
General
Full URL
https://n2.mouseflow.com/init?v=17.97&p=7f4ae8c9-3a44-4155-8b3f-ccfdd81e1d24&s=749284296de457748f70f1ca36fa091b&page=0122590787e13a0ce0141d7d68f24abcb3ce5997&ret=0&u=6b8a40d1c834e978fa1c53764e091f04&href=https%3A%2F%2Flawsuitwinning-usa.com%2Flegal-help%3Fcampaign_id%3D570%26afid%3D1045%26sid1%3D%26sid2%3D%26sid3%3D%26email%3D&url=%2Flegal-help&ref=http%3A%2F%2Ffindloansforme.com%2F&title=LawsuitWinning-USA&res=1600x1200&tz=600&to=0&dnt=0&ori=&dw=1600&dh=1200&time=1172&pxr=1&gdpr=0
Requested by
Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/7f4ae8c9-3a44-4155-8b3f-ccfdd81e1d24.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.96.202.199 -, , ASN (),
Reverse DNS
Software
Mouseflow /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lawsuitwinning-usa.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 02:45:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
Mouseflow
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://lawsuitwinning-usa.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
0
75dnp208gk
event.secureanalytic.com/register/event_log/
0
0

75dnp208gk
event.secureanalytic.com/register/event_log/
0
0

75dnp208gk
event.secureanalytic.com/register/event_log/
0
0

75dnp208gk
event.secureanalytic.com/register/event_log/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
event.secureanalytic.com
URL
https://event.secureanalytic.com/register/event_log/75dnp208gk


120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| DP_jQuery_1705977899056 string| global_common_domain function| SetCommonDomain string| service_interface object| controls_to_validate object| associated_controls object| validate_error_messages function| AssociateControls function| GetAssociatedControls function| ValidateControls function| ValidateByValidationType function| ValidateName function| ValidateAgainstSet function| ValidateState function| ValidateAddress function| ValidateAba function| ValidatePaydates function| ValidateDate function| ValidateSsn function| ValidateInteger function| ValidateString function| ValidatePhone function| ValidateZip function| ValidateEmail function| AddClass function| RemoveClass function| AddClassIndividual function| RemoveClassIndividual function| AssociateAddressControls function| AssociateBankControls function| AssociatePaydateControls object| qs_id_map string| post_data function| SetPrepopMap function| PostTranslateData function| PrepopulateFieldsFromDatabase function| PrepopulateFields function| SelectByIndex function| SelectByName function| SetPostData function| GetPostData function| SelectPostByName function| SelectGetByName function| SelectWithDataByName function| CapturePostData function| InfoForZip function| IPToGeo function| PrepopulateStaticData string| lead_interface function| LeadTrace function| LeadForward function| LeadSubmit function| LeadSaveData function| LeadInstanceUpdate function| LeadInstanceSelect function| LeadInstanceDataQueueSubmit function| RedirectBlankSubmit string| geo_interface function| GetWeatherLatLong function| KtoF function| TrackSetLinkPlacementIDs function| TrackSetLinkPlacementValue function| TrackReplaceByName object| cash_qs_id_map function| TranslateDate function| TranslateSsn function| TranslatePhone function| PostTranslatePhone function| TranslateUpperCase function| TranslateLowerCase function| TranslateNumber function| TranslateLoanAmount function| 
TranslateSalary function| TranslateCredit function| Pad function| GetPageBreakUrl function| GetPageOffers function| ShowPageBreak function| getChromeVersion function| isMobile function| GetMessage function| DivMessage function| capitalizeFirstLetter function| HideMessage function| UnloadClickEvents function| UnloadClickEvent function| LoadClickEvents function| LoadClickEvent function| LoadSubmitEvents function| LoadSubmitEvent function| LoadWindowOptions function| NextStep function| HideShowDiv function| ImpressionInsertPerStep function| ImpressionInsert function| getCookie function| setCookie undefined| popunderParent function| jsPopunder string| local_ip function| SetLocalIP object| _mfq number| poplayer_show_in_seconds function| nextStepClick string| common_domain_base object| re boolean| match boolean| ret string| placement_redirect number| ctr number| add_step_impression object| request string| json object| jQuery18208621609180238381

4 Cookies

Domain/Path Name / Value
rtrcr52.com/l1 Name: is_visited
Value: 1
.admtrx.com/ Name: sq
Value: CM4W5ASRuuFwMw5dv1j4Wh43qeMAi6tUciymHDbYGTwg6UdPKa5MCw==
.admtrx.com/ Name: tib
Value: f8syhrpNlnSo0wWYD6KmyB43qeMAi6tUciymHDbYGTwg6UdPKa5MCw==
rtrcr52.com/ Name: pkey_utc:19879396
Value: 1705977895526

1 Console Messages

Source Level URL
Text
other error URL: https://lawsuitwinning-usa.com/legal-help?campaign_id=570&afid=1045&sid1=&sid2=&sid3=&email=
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
