www.thefirmshop.com Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thefirmshop.com/
Effective URL:
https://www.thefirmshop.com/
Submission: On May 12 via api (May 12th 2024, 6:06:32 pm UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 10 domains to perform 94 HTTP transactions. The main IP is 2a06:98c1:58::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thefirmshop.com.
TLS certificate: Issued by E1 on April 14th 2024. Valid for: 3 months.

This is the only time www.thefirmshop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
75	2a06:98c1:58::60 2a06:98c1:58::60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.192.82 18.66.192.82	16509 (AMAZON-02) (AMAZON-02)
1	151.99.162.65 151.99.162.65	3269 (ASN-IBSNAZ) (ASN-IBSNAZ)
2	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	108.138.36.17 108.138.36.17	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	18.66.192.102 18.66.192.102	16509 (AMAZON-02) (AMAZON-02)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	185.48.120.192 185.48.120.192	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.36 108.138.36.36	16509 (AMAZON-02) (AMAZON-02)
94	16

75 2a06:98c1:58::60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thefirmshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prd.cms.thefirmshop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-82.muc50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.99.162.65 (Porto Recanati, Italy)

ASN3269 (ASN-IBSNAZ, IT)
PTR: host-151-99-162-65.business.telecomitalia.it

ecommerce.nexi.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-17.muc50.r.cloudfront.net

eu-library.klarnaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.doofinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-102.muc50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.35 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.48.120.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-185-48-120-192.eu-west-1.compute.amazonaws.com

eu1-search.doofinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-36.muc50.r.cloudfront.net

na-library.klarnaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	thefirmshop.com www.thefirmshop.com prd.cms.thefirmshop.com	8 MB
4	paypal.com www.paypal.com — Cisco Umbrella Rank: 2954 t.paypal.com — Cisco Umbrella Rank: 3518	89 KB
3	klarnaservices.com eu-library.klarnaservices.com — Cisco Umbrella Rank: 33805 na-library.klarnaservices.com — Cisco Umbrella Rank: 8735	386 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	452 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2599	16 KB
2	doofinder.com cdn.doofinder.com — Cisco Umbrella Rank: 34109 eu1-search.doofinder.com — Cisco Umbrella Rank: 88621	100 KB
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5554	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	59 KB
1	nexi.it ecommerce.nexi.it — Cisco Umbrella Rank: 671983	62 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
94	10

	Domain	Requested by
48	prd.cms.thefirmshop.com	www.thefirmshop.com
27	www.thefirmshop.com	www.thefirmshop.com
3	cdn.jsdelivr.net	www.thefirmshop.com cdn.jsdelivr.net
2	na-library.klarnaservices.com	eu-library.klarnaservices.com
2	t.paypal.com	www.thefirmshop.com
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	www.paypal.com	www.thefirmshop.com www.paypal.com
2	widget.trustpilot.com	www.thefirmshop.com widget.trustpilot.com
1	eu1-search.doofinder.com	cdn.doofinder.com
1	connect.facebook.net	www.thefirmshop.com
1	cdn.doofinder.com	www.thefirmshop.com
1	eu-library.klarnaservices.com	www.thefirmshop.com
1	ecommerce.nexi.it	www.thefirmshop.com
1	fonts.googleapis.com	www.thefirmshop.com
94	14

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
it-it.facebook.com
www.instagram.com
goo.gl
www.happybrain.it
www.doofinder.com

Subject Issuer	Validity	Valid
www.thefirmshop.com E1	`2024-04-14` - `2024-07-13`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
ecommerce.nexi.it DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-28`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
*.klarnaservices.com Amazon RSA 2048 M03	`2024-02-24` - `2025-03-23`	a year	crt.sh
prd.cms.thefirmshop.com E1	`2024-04-02` - `2024-07-01`	3 months	crt.sh
1648062886.rsc.cdn77.org R3	`2024-04-11` - `2024-07-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-20` - `2024-05-20`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
doofinder.com Amazon RSA 2048 M02	`2024-04-22` - `2025-05-21`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.thefirmshop.com/
Frame ID: 72B4F53B8CE29D5A73C1735D824E2A3E
Requests: 93 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5e4bcb7d9f19c600019900c7
Frame ID: BFFD8075AE7808BABA97E76B607B0E34
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 60E7F2972A6DC9BB34EC1B83452CE6EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terrace and Casual Clothing, Sneakers and Accessories | The Firm Shop

Page URL History Show full URLs

http://www.thefirmshop.com/ HTTP 307
https://www.thefirmshop.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

94
Requests

100 %
HTTPS

33 %
IPv6

10
Domains

14
Subdomains

16
IPs

4
Countries

9345 kB
Transfer

13609 kB
Size

4
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=393517382150

Search URL Search Domain Scan URL

URL: https://it-it.facebook.com/TheFirmShopOfficial/
Title: fb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thefirmshop_/
Title: Instagram Icon

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/DcFvbuvDmdMh3h2r8
Title: Find the shop

Search URL Search Domain Scan URL

URL: https://www.happybrain.it/
Title: Created by Happy Brain

Search URL Search Domain Scan URL

URL: https://www.doofinder.com/?mktcod=REF1&utm_source=referrals&utm_medium=REF1
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thefirmshop.com/ HTTP 307
https://www.thefirmshop.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thefirmshop.com/
Redirect Chain

http://www.thefirmshop.com/
https://www.thefirmshop.com/

1 MB
141 KB

695ms
579ms

Document
text/html

2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be21e12d16c65cdb284c3bea4c67030c9bc26b88e2bdb67764003744e0f2a61

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: MISS
cf-ray: 882c57b14d029042-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 12 May 2024 18:06:26 GMT
server: cloudflare
vary: Accept-Encoding
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200

Redirect headers

Location: https://www.thefirmshop.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 doofinder.css
cdn.jsdelivr.net/npm/doofinder@latest/dist/ 9 KB
3 KB 172ms
84ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/doofinder@latest/dist/doofinder.css

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdfa74c79499907c0e94b6a37224e89056ce278504f443e298c22d4e89888b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 12 May 2024 18:06:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 29686
x-jsd-version: 5.13.4
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2668
x-served-by: cache-fra-eddf8230105-FRA, cache-cph2320027-CPH
x-jsd-version-type: version
etag: W/"22dd-uX1+NvFaZfaZw4Rw/uyQfYedAwg"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 May 2024 17:11:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 May 2024 18:06:26 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 339 KB
55 KB 127ms
39ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 12 May 2024 18:06:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 22597
x-jsd-version: 7.4.47
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55843
x-served-by: cache-fra-etou8220025-FRA, cache-cph2320027-CPH
x-jsd-version-type: version
etag: W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 149ms
46ms Script
application/x-javascript 18.66.192.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-82.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 01:19:22 GMT
content-encoding: gzip
via: 1.1 89efe3a7854e47cf7f1fe47e28e39348.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P1
age: 60740
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: VL8oAl_BGSgCbUuiX19Zut_vYe-jfWou80JA5Ynza8Eg5wFj_OVlvg==

GET
H/1.1 200
OK js Show response
ecommerce.nexi.it/ecomm/XPayBuild/ 61 KB
62 KB 276ms
149ms Script
text/javascript 151.99.162.65
ASN-IBSNAZ

General

Check archive.org

Show headers Download Go to

Full URL: https://ecommerce.nexi.it/ecomm/XPayBuild/js?alias=payment_2119758
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 151.99.162.65 Porto Recanati, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS: host-151-99-162-65.business.telecomitalia.it
Software: /
Resource Hash: bf1c86680832373102cfbcff4a8c6e1bae076ac8f5478980ef7699c52b796a57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 12 May 2024 18:06:26 GMT
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: text/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, content-type, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Disposition

GET
H2 200 js Show response
www.paypal.com/sdk/ 303 KB
83 KB 516ms
428ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AYDRcrsHZJ8CBPmVjbKczQtLMk1J3NZBgm_oUxv8cX75_dPV-sszkF7T0qcKkzQlIgY1yXp6EilDxIJ9&currency=EUR&disable-funding=sofort,mybank

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

140b5b6075f048fd906b80acc1df07450163c07647d8a40b974248ac1ef17359

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-NJ9P0pIH2AwFmB05czCBiYaMSNFNlnZea7zEHcS1vjMxlh/c' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NJ9P0pIH2AwFmB05czCBiYaMSNFNlnZea7zEHcS1vjMxlh/c' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-NJ9P0pIH2AwFmB05czCBiYaMSNFNlnZea7zEHcS1vjMxlh/c' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-NJ9P0pIH2AwFmB05czCBiYaMSNFNlnZea7zEHcS1vjMxlh/c' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Sun, 12 May 2024 18:06:26 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f778500bfc6ea
server-timing: "traceparent;desc="00-0000000000000000000f778500bfc6ea-52672c797b7752ff-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83158
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220093-FRA, cache-fra-etou8220093-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f778500bfc6ea-19141cd29ad227cb-01
x-timer: S1715537186.162117,VS0,VE389
etag: W/"144d6-bqamupuTGFFDXovqyXhESx+DNJQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 180dcb2.js Show response
www.thefirmshop.com/_nuxt/ 4 KB
2 KB 74ms
72ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c60f9c199f307e54ea559d3a4484bf5f028826c395f3a2804e1003b9be3f66

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"e22-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9e79042-FRA

GET
H2 200 6bb2ec2.js Show response
www.thefirmshop.com/_nuxt/ 357 KB
120 KB 150ms
148ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/6bb2ec2.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 149dc4e50b2e2357829bfd405aa02576801a853c527de2198f337d5456ef5f3b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"5923d-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9e99042-FRA

GET
H2 200 5092893.js Show response
www.thefirmshop.com/_nuxt/ 2 MB
320 KB 126ms
124ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/5092893.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e0cd4a439c95f3dd0b1befcfd3d8a2b28f8224ef824cfe3f207dc44526296e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"194f2e-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9ea9042-FRA

GET
H2 200 e48c9a3.js Show response
www.thefirmshop.com/_nuxt/ 521 KB
113 KB 78ms
76ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/e48c9a3.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab53e5a0c0bb4d1dc2db81aedd9fb3a5f75e3da27763b0bf2b58e0c99b03c46

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"823b9-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9ef9042-FRA

GET
H2 200 c528429.js Show response
www.thefirmshop.com/_nuxt/ 44 KB
11 KB 75ms
73ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/c528429.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6608fdfe5904cb9fbe86cc96ea4bc938982da9d1e1c7df797082257a20fdbc4f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782189
x-do-orig-status: 200
etag: W/"aef8-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9f29042-FRA

GET
H2 200 48711d5.js Show response
www.thefirmshop.com/_nuxt/ 73 KB
26 KB 76ms
74ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/48711d5.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1edd9898223de9f76b395b60c99ca5c60d46207d024b2e01bf59a4242d90ce6d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"1251c-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9f49042-FRA

GET
H2 200 cafeef7.js Show response
www.thefirmshop.com/_nuxt/ 29 KB
8 KB 76ms
75ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/cafeef7.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98355216ca10b22f97b02c14a9fd614143fe83902ea693e07637d6e190dad75

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"748d-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9f59042-FRA

GET
H2 200 4070f11.js Show response
www.thefirmshop.com/_nuxt/ 38 KB
27 KB 76ms
75ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/4070f11.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12d06c818a2c96e538da72d56e3ded37b0fe6af394f61328ddfa2e0ec88ab95

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"99eb-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9f79042-FRA

GET
H2 200 37663ec.js Show response
www.thefirmshop.com/_nuxt/ 14 KB
4 KB 76ms
75ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/37663ec.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b20a74d80deee07da9b3976b2483872fca22294ffad108b299f60cc86e2fd1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777116
x-do-orig-status: 200
etag: W/"3861-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57b4f9f89042-FRA

GET
H2 200 lib.js Show response
eu-library.klarnaservices.com/ 57 KB
58 KB 283ms
186ms Script
application/javascript 108.138.36.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-library.klarnaservices.com/lib.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-17.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9382eba83b6c53b2cd8ce2e437822859370edefb3963792b8459c73356fbac7f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
x-amz-version-id: vWLaUP8P6HZuJ1buSuFuROqPk2aykVhN
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
x-amz-request-id: N9H6X2T812G4D27M
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 58618
x-amz-id-2: bgV4If/8bI8acks0KkrK93436Uu0GsnYLWLjFDsptdb7SjZSGABwjf+dKLkMmB06u9+/ykRnxrk=
last-modified: Fri, 10 May 2024 08:56:41 GMT
server: AmazonS3
x-amz-meta-sdk-version: 0.0.244
etag: "bf86976e875e73d7ad5e6b9eb083c5c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=60
accept-ranges: bytes
x-amz-cf-id: T7rk8Gv4khLFrXSukCid6r7Daw5VRR06ofxm-f0M6dOA3qs312QS6g==

GET
H2 200 f77963ce-2fe0-4def-9264-761407d46f48
prd.cms.thefirmshop.com/assets/ 154 KB
155 KB 172ms
63ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/f77963ce-2fe0-4def-9264-761407d46f48

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

9ed16ce63bb57923f96b5a3db6df1c5bed86ca62aa99e91ee8e7083ad2ef987b

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243399
x-do-orig-status: 200
x-powered-by: Directus
content-length: 158090
cf-bgj: h2pri
last-modified: Mon, 29 Apr 2024 13:20:04 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b5fe721e30-FRA

GET
H2 200 8492caf8-d77f-4fe1-956a-dd54b7eaccf8
prd.cms.thefirmshop.com/assets/ 153 KB
153 KB 210ms
102ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/8492caf8-d77f-4fe1-956a-dd54b7eaccf8

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

c17fce3bfd2b3cb72ad4bb6c361caa3992a1b9223cad25bc7846c0c72f67f932

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 34113
x-do-orig-status: 200
x-powered-by: Directus
content-length: 156274
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:15:42 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b5fe761e30-FRA

GET
H2 200 a7856cea-4b86-4df1-a540-c0cf9b7ce1fc
prd.cms.thefirmshop.com/assets/ 122 KB
123 KB 56ms
55ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/a7856cea-4b86-4df1-a540-c0cf9b7ce1fc

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

c862e550c844406fac4b694efbd670efab0b2da3f631e7a624ba12608161bc8a

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 439696
x-do-orig-status: 200
x-powered-by: Directus
content-length: 125318
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:16:17 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b6d86b1e30-FRA

GET
H2 200 03bf8242-c5be-4e29-9925-1472381e4bab
prd.cms.thefirmshop.com/assets/ 452 KB
453 KB 63ms
63ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/03bf8242-c5be-4e29-9925-1472381e4bab

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

3962013cdc868acdd525de19c2dc5619d1e61a4c19786722e753d67da13cd4fb

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243399
x-do-orig-status: 200
x-powered-by: Directus
content-length: 463301
cf-bgj: h2pri
last-modified: Wed, 17 Apr 2024 07:21:44 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b6d86e1e30-FRA

GET
H2 200 22868af8-56ca-4327-aa81-ef1af3bace92
prd.cms.thefirmshop.com/assets/ 292 KB
293 KB 57ms
56ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/22868af8-56ca-4327-aa81-ef1af3bace92

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

ff97f9f86f5b3b5438d6c8b8bf0d89e5ca97e1c52b4835815522b7373f93b176

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 246800
x-do-orig-status: 200
x-powered-by: Directus
content-length: 299479
cf-bgj: h2pri
last-modified: Wed, 03 Apr 2024 10:34:02 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b7390e1e30-FRA

GET
H2 200 d6ccd97f-8f60-447f-bbef-15c7d48084e3
prd.cms.thefirmshop.com/assets/ 411 KB
412 KB 91ms
91ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/d6ccd97f-8f60-447f-bbef-15c7d48084e3

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

4a89c81d77a20da474e1cbbe54fa52fbdd4b2c90ae2d2ec1047d7c85dc827b80

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509527
x-do-orig-status: 200
x-powered-by: Directus
content-length: 420840
cf-bgj: h2pri
last-modified: Wed, 03 Apr 2024 10:33:37 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b8cbc41e30-FRA

GET
H2 200 b9925ea4-9693-4fa2-b10c-9ed2e9a75fe2
prd.cms.thefirmshop.com/assets/ 421 KB
421 KB 99ms
98ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/b9925ea4-9693-4fa2-b10c-9ed2e9a75fe2

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

05b7f8478db18522a17e80e5117fc20e86a39897f82cbf10cfc64444ed07e29f

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243398
x-do-orig-status: 200
x-powered-by: Directus
content-length: 430818
cf-bgj: h2pri
last-modified: Wed, 17 Apr 2024 07:22:07 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c6e1e30-FRA

GET
H2 200 0fd16cfb-52da-4e05-a147-609c4bf1b847
prd.cms.thefirmshop.com/assets/ 1 MB
1 MB 107ms
106ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/0fd16cfb-52da-4e05-a147-609c4bf1b847

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

b59413a333b81394512782feb25f173a1205d372f66924b5706459728885601a

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509527
x-do-orig-status: 200
x-powered-by: Directus
content-length: 1112204
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:22:00 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c731e30-FRA

GET
H2 200 18064325-5063-4190-9385-2b76aa0a33ea
prd.cms.thefirmshop.com/assets/ 675 KB
676 KB 107ms
106ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/18064325-5063-4190-9385-2b76aa0a33ea

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

bb71e783c9ce21b88aa042b6b920814a59b3f0a8a517b0d5ad0651731040baec

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243398
x-do-orig-status: 200
x-powered-by: Directus
content-length: 691295
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:23:13 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c7a1e30-FRA

GET
H2 200 f2ebbf7f-0381-4f9c-8edc-8546ee52be4c
prd.cms.thefirmshop.com/assets/ 841 KB
842 KB 89ms
88ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/f2ebbf7f-0381-4f9c-8edc-8546ee52be4c

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

20ab9ae13894611d202c2e201347e6bb256ac75320ed6fe0bc40078353f10751

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 861590
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:23:47 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c7c1e30-FRA

GET
H2 200 926ec202-0182-4398-ab15-48c2d8626a17
prd.cms.thefirmshop.com/assets/ 508 KB
509 KB 108ms
107ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/926ec202-0182-4398-ab15-48c2d8626a17

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

04aa437d3b24b5e5e614cb9e03830ee644fb1dc561c8b46f36533246fe141662

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 520051
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:26:10 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c7e1e30-FRA

GET
H2 200 603057cc-ca45-47f5-9753-5945f76638bb
prd.cms.thefirmshop.com/assets/ 538 KB
539 KB 107ms
106ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/603057cc-ca45-47f5-9753-5945f76638bb

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

a077589351071fb5993643efec8a89021587681c89b5d9f80bf2c922063985ae

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243398
x-do-orig-status: 200
x-powered-by: Directus
content-length: 550897
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:26:36 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c811e30-FRA

GET
H2 200 738dbb96-56a3-4965-883e-9c2202fe7a45
prd.cms.thefirmshop.com/assets/ 525 KB
526 KB 107ms
106ms Image
image/jpeg 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/738dbb96-56a3-4965-883e-9c2202fe7a45

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

774bcd47ed2549101f023dd56fbce0b1851f9cc8b8cc4ff2c4078f9b4b437a37

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243398
x-do-orig-status: 200
x-powered-by: Directus
content-length: 537787
cf-bgj: h2pri
last-modified: Tue, 30 Apr 2024 15:27:27 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/jpeg
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57b91c841e30-FRA

GET
H2 200 email-decode.min.js Show response
www.thefirmshop.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
852 B 42ms
42ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thefirmshop.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: W/"663b4689-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 882c57b77d279042-FRA
expires: Tue, 14 May 2024 18:06:26 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 50ms
49ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.thefirmshop.com&t=xo&v=5.0.437&source=payments_sdk&client_id=AYDRcrsHZJ8CBPmVjbKczQtLMk1J3NZBgm_oUxv8cX75_dPV-sszkF7T0qcKkzQlIgY1yXp6EilDxIJ9&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AYDRcrsHZJ8CBPmVjbKczQtLMk1J3NZBgm_oUxv8cX75_dPV-sszkF7T0qcKkzQlIgY1yXp6EilDxIJ9&currency=EUR&disable-funding=sofort,mybank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5df0e1fd5c10f03fb57a09f7e38a4e416961daaf482426482e7286a9ea6e7b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-lXUXtysrtpgfZrayWMqd5oXHyhviVhS5rZooCQdtjRMXiSXL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-lXUXtysrtpgfZrayWMqd5oXHyhviVhS5rZooCQdtjRMXiSXL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 May 2024 18:06:26 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 64480
x-cache: HIT, MISS
paypal-debug-id: f845439f1748b
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4781
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220093-FRA, cache-fra-etou8220093-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f845439f1748b-7d16a4d7555ddb0f-01
x-timer: S1715537187.732651,VS0,VE9
etag: W/"3672-QsMzwXRax9xmUE3uRWZsU4i50fg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 doofinder-fullscreen.7.latest.min.js Show response
cdn.doofinder.com/media/js/ 379 KB
100 KB 129ms
39ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doofinder.com/media/js/doofinder-fullscreen.7.latest.min.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6bd5d9a1966dd14934d3e3bdc66077bae4e61bff7acd56fa8a78184c5d76f58e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Sun, 12 May 2024 18:06:26 GMT
content-encoding: gzip
x-amz-request-id: tx0000021940659f40a481b-006530cc10-2bbae03-prg
x-cache: HIT
x-77-cache: HIT
x-age: 299274
x-accel-date: 1715237912
x-77-nzt: AsO1qhE3Nzf/CpEEAG09Wg0Mu30A
x-accel-expires: @1716274693
x-77-age: 299274
last-modified: Wed, 18 Oct 2023 12:30:22 GMT
server: CDN77-Turbo
etag: W/"eb4ef5d9b74c37c91ce65e5d7975ac6b"
x-77-nzt-ray: 4c1562243f305af1220541663befef30
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: s-maxage=1036800, max-age=14400

GET
H2 200 sf-ui-text-regular-webfont.10142e1.woff2
www.thefirmshop.com/_nuxt/fonts/ 22 KB
22 KB 52ms
52ms Font
font/woff2 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fonts/sf-ui-text-regular-webfont.10142e1.woff2
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b83f42614a23b74961d89e9b56773c4a198de882e2d89003403c47fecd5ad0fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777114
x-do-orig-status: 200
etag: W/"592c-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 882c57b92fbe9042-FRA
content-length: 22828

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 117ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/e48c9a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 May 2024 18:06:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 2mFWE/X88sqfZRn/oycbwG9IK22fCeMk1Rcb71yaqFFlQQxBf0yoZZpp2dqq0mqIcs5lTPlwWTwLZOuwUOJlUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sf-ui-text-semibold-webfont.88a4be6.woff2
www.thefirmshop.com/_nuxt/fonts/ 25 KB
25 KB 91ms
91ms Font
font/woff2 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fonts/sf-ui-text-semibold-webfont.88a4be6.woff2
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9604a821c2b1ce5f0e2e62bdda123f1b1edd2ef2cdfca4b85ff07098ab3d039d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777115
x-do-orig-status: 200
etag: W/"62dc-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 882c57baa9a89042-FRA
content-length: 25308

GET
H2 200 oswald-medium-webfont.fcddcb9.woff2
www.thefirmshop.com/_nuxt/fonts/ 19 KB
19 KB 68ms
67ms Font
font/woff2 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fonts/oswald-medium-webfont.fcddcb9.woff2
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48bb162eb5d7285681b6f48755b0b0fd63c489e669d53f52d16b887ff97660b4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777115
x-do-orig-status: 200
etag: W/"4c90-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 882c57baa9ac9042-FRA
content-length: 19600

GET
H2 200 sf-ui-text-medium-webfont.34fe496.woff2
www.thefirmshop.com/_nuxt/fonts/ 25 KB
25 KB 78ms
78ms Font
font/woff2 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fonts/sf-ui-text-medium-webfont.34fe496.woff2
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e196dc6cf5fb830248c6cef1271c0354241321f9868a11b277ae097bab973db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777115
x-do-orig-status: 200
etag: W/"6234-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 882c57baa9ad9042-FRA
content-length: 25140

GET
H2 200 oswald-semibold-webfont.5db3714.woff2
www.thefirmshop.com/_nuxt/fonts/ 19 KB
19 KB 71ms
71ms Font
font/woff2 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fonts/oswald-semibold-webfont.5db3714.woff2
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859828dd3ec802c8116565380797065bde62b72d1ff79dee5e47a3e86e7c8fac

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777115
x-do-orig-status: 200
etag: W/"4bf4-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 882c57baa9ae9042-FRA
content-length: 19444

GET
H2 200 sf-ui-text-bold-webfont.1fd5ea3.woff2
www.thefirmshop.com/_nuxt/fonts/ 24 KB
24 KB 80ms
80ms Font
font/woff2 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fonts/sf-ui-text-bold-webfont.1fd5ea3.woff2
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b02fface8569f1d824bd9c08b6571a29633918499661d41d7501b0fa0de64a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 777115
x-do-orig-status: 200
etag: W/"6028-49773873e8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 882c57baa9af9042-FRA
content-length: 24616

GET
H2 200 mega-menu Show response
prd.cms.thefirmshop.com/website/products/ 2 KB
2 KB 155ms
73ms XHR
application/json 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prd.cms.thefirmshop.com/website/products/mega-menu

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/6bb2ec2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

171e768ad8797aff4cb9674f5a54d57d6d6fc9c6a692040df6907dd9c8802c60

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding: br
cf-cache-status: MISS
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Directus
server: cloudflare
etag: W/"973-5JuTz3e2Q8dpUNRLeQLMwEbQk/8"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thefirmshop.com
access-control-expose-headers: Content-Range
cache-control: private
access-control-allow-credentials: true
cf-ray: 882c57ba7d6590d4-FRA

GET
H2 200 mega-menu Show response
prd.cms.thefirmshop.com/website/products/ 2 KB
256 B 205ms
64ms XHR
application/json 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prd.cms.thefirmshop.com/website/products/mega-menu

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/6bb2ec2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

171e768ad8797aff4cb9674f5a54d57d6d6fc9c6a692040df6907dd9c8802c60

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding: br
cf-cache-status: MISS
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 304
x-powered-by: Directus
server: cloudflare
etag: W/"973-5JuTz3e2Q8dpUNRLeQLMwEbQk/8"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thefirmshop.com
access-control-expose-headers: Content-Range
cache-control: private
access-control-allow-credentials: true
cf-ray: 882c57bafdd890d4-FRA

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 394 KB
394 KB 82ms
39ms Font
font/woff2 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.4.47

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 12 May 2024 18:06:27 GMT
x-content-type-options: nosniff
age: 13675
x-jsd-version: 7.4.47
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 403216
x-served-by: cache-fra-etou8220111-FRA
x-jsd-version-type: version
etag: W/"62710-TiD2zPQxmd6lyFsjoODwuoH/7iY"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 95b6e893-10f6-4bca-ab8b-d23acc326b1b
prd.cms.thefirmshop.com/assets/ 10 KB
10 KB 58ms
50ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/95b6e893-10f6-4bca-ab8b-d23acc326b1b

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

8821ad3233e1819bf93ce2083904968ce462a613559442e802619d400bdadad7

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 337262
x-do-orig-status: 200
x-powered-by: Directus
content-length: 10224
last-modified: Wed, 29 Sep 2021 13:55:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8ebd1e30-FRA

GET
H2 200 7e40b408-013a-44f0-8a1a-895cfbb86611
prd.cms.thefirmshop.com/assets/ 5 KB
5 KB 118ms
110ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/7e40b408-013a-44f0-8a1a-895cfbb86611

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

350e49e9085906338d6a3563cf92a2ffe8071e4f273da9f6ac886059e2d14e9f

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 246800
x-do-orig-status: 200
x-powered-by: Directus
content-length: 5051
last-modified: Wed, 29 Sep 2021 14:14:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8ebf1e30-FRA

GET
H2 200 bc22114a-ab19-480e-8733-63b8d2eba114
prd.cms.thefirmshop.com/assets/ 4 KB
4 KB 109ms
101ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/bc22114a-ab19-480e-8733-63b8d2eba114

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

940d9709f694e9949ac4317d35654cc2daae79f6d67d5f5c3c28eb91557581ed

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 4386
last-modified: Wed, 29 Sep 2021 14:08:16 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8ec01e30-FRA

GET
H2 200 05e13ceb-d0c9-4cb6-a05c-b988b18c4239
prd.cms.thefirmshop.com/assets/ 4 KB
4 KB 69ms
61ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/05e13ceb-d0c9-4cb6-a05c-b988b18c4239

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

63982ae47b82aa898a2498fd0fc0b514dd5f3d352486f5e84edb50ff9d38498a

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 4141
last-modified: Wed, 29 Sep 2021 14:06:27 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8ec41e30-FRA

GET
H2 200 7d71ccd2-0641-42e6-a651-d70aa339ce9f
prd.cms.thefirmshop.com/assets/ 7 KB
7 KB 59ms
51ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/7d71ccd2-0641-42e6-a651-d70aa339ce9f

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

a9a4c4949e761dff3977cb9b3615c7e0a4b99e38b9207d277d93b38e275d359c

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 6679
last-modified: Wed, 29 Sep 2021 14:13:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8ec61e30-FRA

GET
H2 200 6d2c5b58-f647-455b-8441-e55bd648024a
prd.cms.thefirmshop.com/assets/ 15 KB
15 KB 65ms
57ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/6d2c5b58-f647-455b-8441-e55bd648024a

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

92656277fd338e1514347a5e3e7b4ba00f63d3abbe2e591c1c6ad0edc30b241a

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 246800
x-do-orig-status: 200
x-powered-by: Directus
content-length: 15065
last-modified: Thu, 22 Feb 2024 08:45:59 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8ec81e30-FRA

GET
H2 200 6a841ef9-01c8-484c-b495-cd5628178ad9
prd.cms.thefirmshop.com/assets/ 5 KB
5 KB 116ms
108ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/6a841ef9-01c8-484c-b495-cd5628178ad9

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

969f1a5491f9d574386e1515d9e66147717fd0a228bd6e3ff28dcf08e81b6687

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 304999
x-do-orig-status: 200
x-powered-by: Directus
content-length: 5320
last-modified: Wed, 29 Sep 2021 14:09:07 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba8eca1e30-FRA

GET
H2 200 123be626-2bef-4550-8b42-d79f1a61f1cf
prd.cms.thefirmshop.com/assets/ 39 KB
40 KB 65ms
57ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/123be626-2bef-4550-8b42-d79f1a61f1cf

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

a34bb93bd57fca72a493c24ba8da1059f52159a3fb0bbdf1beaf18d3cd031f45

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 40405
last-modified: Thu, 24 Nov 2022 13:35:35 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed11e30-FRA

GET
H2 200 4a485078-30bd-43dc-931c-d91b09dad16d
prd.cms.thefirmshop.com/assets/ 3 KB
3 KB 114ms
106ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/4a485078-30bd-43dc-931c-d91b09dad16d

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

22d4833643b3734c76da9003e13144e8251093a12d4cc15dcae8cdccbce35b68

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 543489
x-do-orig-status: 200
x-powered-by: Directus
content-length: 2969
last-modified: Wed, 29 Sep 2021 13:54:03 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed21e30-FRA

GET
H2 200 63a4c579-9ae7-46af-ba73-ea2d31af79bd
prd.cms.thefirmshop.com/assets/ 148 KB
148 KB 109ms
101ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/63a4c579-9ae7-46af-ba73-ea2d31af79bd

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

6277d9f9ca9e00b4e7feb3128673660e387b065b4389d602e0c5fcc1eea07f7e

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 151646
last-modified: Mon, 13 Feb 2023 14:37:05 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed41e30-FRA

GET
H2 200 e4ffbfaa-bbd5-4431-babc-92b25c7c9213
prd.cms.thefirmshop.com/assets/ 10 KB
10 KB 60ms
53ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/e4ffbfaa-bbd5-4431-babc-92b25c7c9213

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

a5036596b2cc18d6bd075b30966ce6de9c1a259adad1c6208174e0df23f5d484

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 10244
last-modified: Wed, 29 Sep 2021 14:12:37 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed61e30-FRA

GET
H2 200 a2321e5a-54a6-4767-8514-18d8b4d8703c
prd.cms.thefirmshop.com/assets/ 3 KB
3 KB 113ms
106ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/a2321e5a-54a6-4767-8514-18d8b4d8703c

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

ceeeda08f0ec41b775afb7878fa8b6213a0ff0858557597d3c3c0d8dff19930e

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 3236
last-modified: Wed, 27 Oct 2021 10:11:37 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed71e30-FRA

GET
H2 200 748d7113-88f5-46bb-af56-2c2b7a3a1513
prd.cms.thefirmshop.com/assets/ 5 KB
5 KB 61ms
54ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/748d7113-88f5-46bb-af56-2c2b7a3a1513

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

3e5d2b8c0a7ad5556f6ef1b008dfc416d2310a187ec560f97030e1da97e5ff5e

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 524504
x-do-orig-status: 200
x-powered-by: Directus
content-length: 5284
last-modified: Wed, 29 Sep 2021 14:12:16 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed81e30-FRA

GET
H2 200 6af4cdd1-110d-47e6-992f-fd108d7a5e73
prd.cms.thefirmshop.com/assets/ 18 KB
19 KB 68ms
61ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/6af4cdd1-110d-47e6-992f-fd108d7a5e73

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

efed87be6cb25530121cf2e64d5570a809cd9840ee99af6782e4f33ad6dd8103

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 18917
last-modified: Thu, 14 Jul 2022 12:49:36 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ed91e30-FRA

GET
H2 200 b3756f71-fe89-41b6-af3f-17fbafc95b0a
prd.cms.thefirmshop.com/assets/ 120 KB
121 KB 115ms
108ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/b3756f71-fe89-41b6-af3f-17fbafc95b0a

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

1a31b5a7c727a9c98c54a117842054e3abe8d62057fc763156488e8028db2e9d

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509527
x-do-orig-status: 200
x-powered-by: Directus
content-length: 123240
last-modified: Mon, 13 Feb 2023 17:18:52 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9edb1e30-FRA

GET
H2 200 32b519be-3a40-4ba3-a0cc-8e80cd39cb69
prd.cms.thefirmshop.com/assets/ 123 KB
123 KB 66ms
59ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/32b519be-3a40-4ba3-a0cc-8e80cd39cb69

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

e6aab1ba0c404c49982e7d0d751f77832b5135e59f737cc921e8a080df9fc518

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 246800
x-do-orig-status: 200
x-powered-by: Directus
content-length: 126023
last-modified: Tue, 14 Feb 2023 16:47:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9edc1e30-FRA

GET
H2 200 9f4c4d07-2085-4069-b7a9-e63c8b99adf2
prd.cms.thefirmshop.com/assets/ 44 KB
44 KB 111ms
105ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/9f4c4d07-2085-4069-b7a9-e63c8b99adf2

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

ed7980bf2404e38ea33a94af64312fd794379031f3da8f6f7e4c293da8170b7e

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 44936
last-modified: Wed, 29 Sep 2021 14:12:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ede1e30-FRA

GET
H2 200 fcf8bf66-0006-415c-8ebc-803e77102ac1
prd.cms.thefirmshop.com/assets/ 3 KB
3 KB 110ms
104ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/fcf8bf66-0006-415c-8ebc-803e77102ac1

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

7079939137e91d274222391f18768c0c0c81ab6fe1b971bf3625f0c4928dfc29

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 3301
last-modified: Wed, 29 Sep 2021 14:14:41 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9edf1e30-FRA

GET
H2 200 c3fbf8eb-085a-4378-8a9c-582015748027
prd.cms.thefirmshop.com/assets/ 6 KB
6 KB 105ms
99ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/c3fbf8eb-085a-4378-8a9c-582015748027

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

b2978a05a76eab992c1b848d18a7947b2e691aab49247868dee8b73232e09280

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 526675
x-do-orig-status: 200
x-powered-by: Directus
content-length: 6422
last-modified: Wed, 29 Sep 2021 13:52:29 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ee01e30-FRA

GET
H2 200 e5ce0a7c-ac61-4871-a61e-08a4200172a7
prd.cms.thefirmshop.com/assets/ 1 KB
2 KB 104ms
98ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/e5ce0a7c-ac61-4871-a61e-08a4200172a7

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

122ca97cfbf177c1cf0489bd6d5e770f0c5bc89ada66075fa56fee5424b7122d

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 1526
last-modified: Wed, 07 Sep 2022 15:37:40 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ee21e30-FRA

GET
H2 200 fb015016-448c-4e52-b8ba-eddcf78e5474
prd.cms.thefirmshop.com/assets/ 55 KB
55 KB 69ms
63ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/fb015016-448c-4e52-b8ba-eddcf78e5474

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

0adbded798f874d4022659ebf86d60be3fd8ddf0ad69b0027297e60be37eb225

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 56648
last-modified: Thu, 15 Sep 2022 09:27:42 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ee61e30-FRA

GET
H2 200 e39535bf-086c-4bf3-9038-fa88c99abb0d
prd.cms.thefirmshop.com/assets/ 17 KB
18 KB 68ms
62ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/e39535bf-086c-4bf3-9038-fa88c99abb0d

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

1180b98afaf8574a2a59b99d8a1929b9cb5e7f2f0412698c853e14c3a2a2e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243397
x-do-orig-status: 200
x-powered-by: Directus
content-length: 17840
last-modified: Wed, 29 Sep 2021 14:10:12 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ee71e30-FRA

GET
H2 200 78d4e62c-0206-4275-b33c-b94eaf71bbc8
prd.cms.thefirmshop.com/assets/ 3 KB
3 KB 67ms
62ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/78d4e62c-0206-4275-b33c-b94eaf71bbc8

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

5ca86661167d26dcb4cc5eec7488c9aa0af50bd658f6d99e0899e6a6fd55ec7a

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 337261
x-do-orig-status: 200
x-powered-by: Directus
content-length: 2728
last-modified: Wed, 29 Sep 2021 14:11:18 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ee81e30-FRA

GET
H2 200 ac2490a5-2922-4e87-baf9-2ca5b0ed69c2
prd.cms.thefirmshop.com/assets/ 22 KB
22 KB 104ms
99ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/ac2490a5-2922-4e87-baf9-2ca5b0ed69c2

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

bc12f21ca2ebf7f0a18af636edad94cd5a26138600aab5887915f1bdc9a541eb

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509526
x-do-orig-status: 200
x-powered-by: Directus
content-length: 22577
last-modified: Wed, 29 Sep 2021 13:53:32 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9ee91e30-FRA

GET
H2 200 3b0dc6af-3f55-4eaf-b7bf-dca491e0dd4a
prd.cms.thefirmshop.com/assets/ 54 KB
54 KB 105ms
100ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/3b0dc6af-3f55-4eaf-b7bf-dca491e0dd4a

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

433b4cf8f99d89c8374f336b64055fc4061d50d2f841d6c7907074385a84666c

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 538413
x-do-orig-status: 200
x-powered-by: Directus
content-length: 55169
last-modified: Fri, 05 Apr 2024 16:48:52 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9eea1e30-FRA

GET
H2 200 54013b24-532d-467d-b559-1417bf251182
prd.cms.thefirmshop.com/assets/ 102 KB
103 KB 108ms
103ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/54013b24-532d-467d-b559-1417bf251182

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

4538667071893f3cf69bc43ca74fe9f09d07c3b564a37f574dde98db00993c60

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:26 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 246800
x-do-orig-status: 200
x-powered-by: Directus
content-length: 104865
last-modified: Wed, 29 Sep 2021 14:06:47 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57ba9eeb1e30-FRA

GET
H2 200 dde3207d-42dd-432d-8343-efd08b58bc97
prd.cms.thefirmshop.com/assets/ 21 KB
21 KB 177ms
172ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/dde3207d-42dd-432d-8343-efd08b58bc97

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

6bd3720faa359fa9ad9dfedc70466f48a784bcaffb339bfd80434fe816cb6e6b

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 246801
x-do-orig-status: 200
x-powered-by: Directus
content-length: 21112
last-modified: Wed, 18 Oct 2023 15:34:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57bacf2a1e30-FRA

GET
H2 200 a7c131b3-ac04-4be2-9512-60590ae797ce
prd.cms.thefirmshop.com/assets/ 10 KB
10 KB 178ms
173ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/a7c131b3-ac04-4be2-9512-60590ae797ce

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

75d62246b1a6542b2efc3fbb4ab48ebce153bf29c8b0d784e28b247e604421fc

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 510618
x-do-orig-status: 200
x-powered-by: Directus
content-length: 10259
last-modified: Wed, 29 Sep 2021 13:52:51 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57bacf2b1e30-FRA

GET
H2 200 89d1c04a-8f43-421c-a41d-e8a997c10949
prd.cms.thefirmshop.com/assets/ 6 KB
6 KB 115ms
110ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/89d1c04a-8f43-421c-a41d-e8a997c10949

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

da7401efba58567438a8cde757ce146b5489b16fd77905d4507ac204b5bbd2e0

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509527
x-do-orig-status: 200
x-powered-by: Directus
content-length: 6152
last-modified: Wed, 04 Oct 2023 13:37:09 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57bacf2d1e30-FRA

GET
H2 200 6f722a18-b170-47a4-bbb6-3de460d91e13
prd.cms.thefirmshop.com/assets/ 123 KB
123 KB 115ms
111ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/6f722a18-b170-47a4-bbb6-3de460d91e13

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

f49a963ef5c006d6e74cce65ed12aad4c9a25ed3c8cd987b1105be8c1df30b14

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 32007
x-do-orig-status: 200
x-powered-by: Directus
content-length: 125747
last-modified: Fri, 05 Aug 2022 09:03:42 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57bacf2e1e30-FRA

GET
H2 200 752ee6f1-600b-405e-b910-524bfeaade30
prd.cms.thefirmshop.com/assets/ 7 KB
7 KB 177ms
173ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/752ee6f1-600b-405e-b910-524bfeaade30

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

160d28b31b6481c3e11c47469da73a6aed24bc7b0d5cbed3fa83c323dd34ea66

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 243398
x-do-orig-status: 200
x-powered-by: Directus
content-length: 7001
last-modified: Wed, 29 Sep 2021 14:08:40 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57bacf2f1e30-FRA

GET
H2 200 afee3d69-af46-4587-b32d-3685dd981002
prd.cms.thefirmshop.com/assets/ 3 KB
3 KB 178ms
174ms Image
image/png 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prd.cms.thefirmshop.com/assets/afee3d69-af46-4587-b32d-3685dd981002

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

b0bfad76fc68c61e2537428c8b644058d8ea53c84a5be387be7c0a1010fb68c3

Security Headers

Name	Value
Content-Security-Policy	default-src none

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: default-src none
cf-cache-status: HIT
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
age: 509527
x-do-orig-status: 200
x-powered-by: Directus
content-length: 3407
last-modified: Wed, 29 Sep 2021 14:10:59 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: image/png
access-control-expose-headers: Content-Range
cache-control: public, max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 882c57bacf301e30-FRA

GET
H2 200 products Show response
prd.cms.thefirmshop.com/items/ 11 KB
5 KB 81ms
77ms XHR
application/json 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prd.cms.thefirmshop.com/items/products?filter={%22catalog_visibility%22:{%22_in%22:[%22visible%22,%22online%22]},%22_or%22:[{%22stock_status%22:{%22_eq%22:%22instock%22}},{%22outofstock_visible%22:{%22_eq%22:true}}]}&fields=*,brands_id.id,%20brands_id.logo_image,%20brands_id.name,%20images.*,%20colors_id.name_it,%20categories_id.id,%20categories_id.name_it,%20categories_id.name_en,%20types_id.id,%20types_id.name_it,%20types_id.name_en&sort=sort,-id&limit=4

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/6bb2ec2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Directus

Resource Hash

d45cf26cb7d66c8be84cc2482cc047ceb7cdd8deb4a738c3c70d5c1850cfff83

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-security-policy: script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding: br
cf-cache-status: MISS
x-do-app-origin: 74d1db55-e6a8-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
x-powered-by: Directus
server: cloudflare
etag: W/"2bd3-VBKODiMniwWZEW6bXMlMUflOp00"
vary: Origin, Cache-Control, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thefirmshop.com
access-control-expose-headers: Content-Range
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 882c57ba9d8090d4-FRA

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame BFFD 0
0 144ms
54ms Document
text/html 18.66.192.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5e4bcb7d9f19c600019900c7

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-102.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thefirmshop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 57381
cache-control: max-age=86400
content-encoding: gzip
content-length: 1930
content-type: text/html
date: Sun, 12 May 2024 02:10:07 GMT
etag: "1b1a56d9c9fcf8acab07f238231461df"
last-modified: Mon, 08 May 2023 11:42:34 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-id: hBwPoGOK87le5o-sHI4l2jjvursAEne0qBx1prIeY2gtz7C0XEt1Wg==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 157ms
38ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.thefirmshop.com&t=xo&v=5.0.437&source=payments_sdk&client_id=AYDRcrsHZJ8CBPmVjbKczQtLMk1J3NZBgm_oUxv8cX75_dPV-sszkF7T0qcKkzQlIgY1yXp6EilDxIJ9&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1550f3b1b1785
dc: ccg11-origin-www-1.paypal.com
content-length: 16355
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-00000000000000000001550f3b1b1785-96964d672eeadaff-01
etag: "64f25363-daa8+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sun, 12 May 2024 19:06:27 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 274ms
188ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQ36WZMTGXVPX4-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQ36WZMTGXVPX4-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=168e73dc-6648-40b7-a8d6-87607ae8c58f&fltp=analytics&mrid=Q36WZMTGXVPX4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Terrace%20and%20Casual%20Clothing%2C%20Sneakers%20and%20Accessories%20%7C%20The%20Firm%20Shop&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715537187026&g=-120&completeurl=https%3A%2F%2Fwww.thefirmshop.com%2F&disableSetCookie=true

Requested by

Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 12 May 2024 18:06:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 6e7e232f97d80
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220059-FRA
pragma: no-cache
correlation-id: 6e7e232f97d80
traceparent: 00-00000000000000000006e7e232f97d80-cdc75dd0c0bac7a2-01
x-timer: S1715537187.135190,VS0,VE147
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 18:06:27 GMT

GET
H2 200 c1b9609ee2ec128ad61513bac80cac73 Show response
eu1-search.doofinder.com/5/options/ 336 B
469 B 173ms
60ms Fetch
application/json 185.48.120.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu1-search.doofinder.com/5/options/c1b9609ee2ec128ad61513bac80cac73?www.thefirmshop.com
Requested by: Host: cdn.doofinder.com
URL: https://cdn.doofinder.com/media/js/doofinder-fullscreen.7.latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.48.120.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-185-48-120-192.eu-west-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 4b61327dca318ff8117cd3d319e9e4745b2ebcd6dabd80bc6f97b31b3e707f17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: gzip
server: Cowboy
vary: accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thefirmshop.com
cache-control: public, max-age=3600
content-length: 241
x-request-id: F87P-4DXhNMB-AkWYqXC

GET
H2 200 runtime-config.json Show response
na-library.klarnaservices.com/config/ 907 B
2 KB 303ms
196ms Fetch
application/json 108.138.36.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://na-library.klarnaservices.com/config/runtime-config.json
Requested by: Host: eu-library.klarnaservices.com
URL: https://eu-library.klarnaservices.com/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-36.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27f163617c1a9c92b85329c4aecfadbd88b73078047854f4ac4ef6eb2c8c4392

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:28 GMT
x-amz-version-id: DhTjOBBpDFcX.rihm50.6fik8pwnL_Zb
via: 1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
x-amz-request-id: AT6FY2WQFFNRS6AZ
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 907
x-amz-id-2: fZcWN68lVb/sjY1g9+yo321z9NOohPwBbPs3KAIm4GdRxgpj3l/qkuSk4nR3rFK1BisM/BbiSTU=
last-modified: Fri, 10 May 2024 08:57:08 GMT
server: AmazonS3
etag: "a6b90354daed0c76f7d0ad0ddf10d1d2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: public,max-age=60
accept-ranges: bytes
x-amz-cf-id: T2yvXvF_EBIqyVWUv4QBnWXWlhYz4xHK2LN82kZbdhqFi4CMlhsAYg==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 6db87fb.js Show response
www.thefirmshop.com/_nuxt/ 24 KB
6 KB 61ms
60ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/6db87fb.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd9c21618f69d0dbfd957da4dbb9086f199e69837e461ba60f6e874fbe392ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 782190
x-do-orig-status: 200
etag: W/"60e8-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb809042-FRA

GET
H2 200 54eec34.js Show response
www.thefirmshop.com/_nuxt/ 75 KB
17 KB 66ms
65ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/54eec34.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df285a056572a742dac014d0b16f7f652596416959b45885b053043e9a55312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 780897
x-do-orig-status: 200
etag: W/"12c6e-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb829042-FRA

GET
H2 200 6e24f22.js Show response
www.thefirmshop.com/_nuxt/ 2 KB
1 KB 59ms
58ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/6e24f22.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5cf3be9f5cf363045cd9de871ddd7254a722ef1d1faeaa0ab4b6ff987a6aad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 66383
x-do-orig-status: 200
etag: W/"98c-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb849042-FRA

GET
H2 200 fdcbdac.js Show response
www.thefirmshop.com/_nuxt/ 75 KB
17 KB 63ms
62ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/fdcbdac.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b87476f91cd6f1adeefad94c9202b9c6ec875d80aa13e8eede55b29a0b70d190

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 780897
x-do-orig-status: 200
etag: W/"12bb4-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb859042-FRA

GET
H2 200 5a39c25.js Show response
www.thefirmshop.com/_nuxt/ 3 KB
1 KB 67ms
66ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/5a39c25.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20eed979744d6a8ceaf0d179021abb3176771be06f1a8f61dd731d7f895915b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 780897
x-do-orig-status: 200
etag: W/"bc1-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb879042-FRA

GET
H2 200 846d54e.js Show response
www.thefirmshop.com/_nuxt/ 5 KB
2 KB 65ms
64ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/846d54e.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73db7e4f4083111e2bfea0c2bff971be484c21bdc8d8ec0c204a18f6c59ba230

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 66383
x-do-orig-status: 200
etag: W/"158c-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb889042-FRA

GET
H2 200 c1678e9.js Show response
www.thefirmshop.com/_nuxt/ 77 KB
17 KB 59ms
59ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/c1678e9.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7409cab24229e68801735801723003bda60b4eec10f67a89a08962703da50d57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 775975
x-do-orig-status: 200
etag: W/"134ea-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb8b9042-FRA

GET
H2 200 1f4f08e.js Show response
www.thefirmshop.com/_nuxt/ 1 KB
578 B 69ms
69ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/1f4f08e.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d19aca65c5eb76cbeaa0570d5f7af5f79edf0d33ab9fb83de647f1c1495cd191

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 781300
x-do-orig-status: 200
etag: W/"521-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb8c9042-FRA

GET
H2 200 d3f0766.js Show response
www.thefirmshop.com/_nuxt/ 4 KB
1 KB 67ms
67ms Script
application/javascript 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/_nuxt/d3f0766.js
Requested by: Host: www.thefirmshop.com
URL: https://www.thefirmshop.com/_nuxt/180dcb2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7e391d8671044f2681890a8d5ffd02bdd5dccad3d49b39d453b1e32c41ad04a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
age: 775975
x-do-orig-status: 200
etag: W/"e1e-49773873e8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 882c57bbcb8d9042-FRA

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame 60E7 0
0 148ms
38ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thefirmshop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16754
content-type: text/html
date: Sun, 12 May 2024 18:06:27 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc+gzip"
expires: Sun, 12 May 2024 19:06:27 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: 4b612c75f0ed5
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000004b612c75f0ed5-f5edd47f336983ed-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 sdk.js Show response
na-library.klarnaservices.com/v1/0.0.244/ 326 KB
327 KB 183ms
183ms Script
application/javascript 108.138.36.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://na-library.klarnaservices.com/v1/0.0.244/sdk.js
Requested by: Host: eu-library.klarnaservices.com
URL: https://eu-library.klarnaservices.com/lib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-36.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98f143aecd904eac7fc2cfc2eff51c2a2c640c6247ff2771d89babb8e6027aa4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.thefirmshop.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:28 GMT
x-amz-version-id: oH0v6_Ocu_R7AfORe1O2F44UUrf6PO6E
via: 1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
x-amz-request-id: AT656NVWDWXRNP14
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 333323
x-amz-id-2: 2W/KU0o7FBsbNkIFpyGs7pLvcR32WZDSjjfJj2wbZmkuXiv07fUC7y630hBNrQDVHHX/RrkBG4frcK0XoyM9Tg==
last-modified: Fri, 10 May 2024 08:56:40 GMT
server: AmazonS3
x-amz-meta-sdk-version: 0.0.244
etag: "635b6bd3f59f5d633809c58726b3716e"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: public,max-age=315360000
accept-ranges: bytes
x-amz-cf-id: CjNoUHwxLei0Z24G2KabVNvbUTlL1_M5OJlOlkKWIItnOZ4ZpTOBBw==

GET
H2 200 ts
t.paypal.com/ 42 B
167 B 203ms
202ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQ36WZMTGXVPX4-1&page=muse%3Aoffer%3A%3A%3AQ36WZMTGXVPX4-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=168e73dc-6648-40b7-a8d6-87607ae8c58f&es=visitorInfoFlowStarted&mrid=Q36WZMTGXVPX4&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Terrace%20and%20Casual%20Clothing%2C%20Sneakers%20and%20Accessories%20%7C%20The%20Firm%20Shop&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715537187357&g=-120&completeurl=https%3A%2F%2Fwww.thefirmshop.com%2F&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 12 May 2024 18:06:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 3849488453f5f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220059-FRA
pragma: no-cache
correlation-id: 3849488453f5f
traceparent: 00-00000000000000000003849488453f5f-7f8c1e01860ea1e2-01
x-timer: S1715537187.379675,VS0,VE163
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 18:06:27 GMT

GET
H2 200 favicon.ico
www.thefirmshop.com/ 15 KB
3 KB 75ms
74ms Other
image/x-icon 2a06:98c1:58::60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thefirmshop.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de93b22564e63f4166fd5eda30ae2b667e19cb2e3baf4f99a516e8b59b6afc9e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.thefirmshop.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 12 May 2024 18:06:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
x-do-app-origin: eeb25a8f-e6a8-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
etag: W/"3aee-49773873e8"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=0
cf-ray: 882c57bd1d719042-FRA

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thefirmshop.com/	1969-12-31 23:59:59	Name: auth.strategy Value:
www.thefirmshop.com/	1970-01-21 05:17:53	Name: i18n_redirected Value: en
.www.thefirmshop.com/	1970-01-20 20:32:18	Name: __cf_bm Value: 2yFLKAm9LXgaGlkqCOcdAxnMqsra2UpwG4grHhcHwAM-1715537186-1.0.1.1-pE.wpyPQk0smB2YhZit5n.DgWujoHWuDYXgyHHJDD7UvXrfmAHB0vBNkk8HOQ2qeVIvTmwSUOgsjHLVmEsItbQ
.prd.cms.thefirmshop.com/	1970-01-20 20:32:18	Name: __cf_bm Value: IjgJcK5OgJP4aZALWQqf4aKdA72Wosu9kk1kO7XUa54-1715537186-1.0.1.1-Ni4yuBOfZ8M1wz_kZ2SvRpu8jonTWjmZ98FVzd8e2DD04He1tWeY8X5B_OoeovCbals5ugWtrOIFbkRclzIjsA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.doofinder.com
cdn.jsdelivr.net
connect.facebook.net
ecommerce.nexi.it
eu-library.klarnaservices.com
eu1-search.doofinder.com
fonts.googleapis.com
na-library.klarnaservices.com
prd.cms.thefirmshop.com
t.paypal.com
widget.trustpilot.com
www.paypal.com
www.paypalobjects.com
www.thefirmshop.com
108.138.36.17
108.138.36.36
151.101.1.35
151.101.129.229
151.101.193.21
151.99.162.65
18.66.192.102
18.66.192.82
185.48.120.192
192.229.221.25
2a00:1450:4001:82a::200a
2a02:6ea0:c700::19
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42::485
2a06:98c1:58::60
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
04aa437d3b24b5e5e614cb9e03830ee644fb1dc561c8b46f36533246fe141662
04e0cd4a439c95f3dd0b1befcfd3d8a2b28f8224ef824cfe3f207dc44526296e
05b7f8478db18522a17e80e5117fc20e86a39897f82cbf10cfc64444ed07e29f
0adbded798f874d4022659ebf86d60be3fd8ddf0ad69b0027297e60be37eb225
0bd9c21618f69d0dbfd957da4dbb9086f199e69837e461ba60f6e874fbe392ca
1180b98afaf8574a2a59b99d8a1929b9cb5e7f2f0412698c853e14c3a2a2e6bb
122ca97cfbf177c1cf0489bd6d5e770f0c5bc89ada66075fa56fee5424b7122d
140b5b6075f048fd906b80acc1df07450163c07647d8a40b974248ac1ef17359
149dc4e50b2e2357829bfd405aa02576801a853c527de2198f337d5456ef5f3b
160d28b31b6481c3e11c47469da73a6aed24bc7b0d5cbed3fa83c323dd34ea66
171e768ad8797aff4cb9674f5a54d57d6d6fc9c6a692040df6907dd9c8802c60
1a31b5a7c727a9c98c54a117842054e3abe8d62057fc763156488e8028db2e9d
1edd9898223de9f76b395b60c99ca5c60d46207d024b2e01bf59a4242d90ce6d
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
20ab9ae13894611d202c2e201347e6bb256ac75320ed6fe0bc40078353f10751
22d4833643b3734c76da9003e13144e8251093a12d4cc15dcae8cdccbce35b68
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27f163617c1a9c92b85329c4aecfadbd88b73078047854f4ac4ef6eb2c8c4392
350e49e9085906338d6a3563cf92a2ffe8071e4f273da9f6ac886059e2d14e9f
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
3962013cdc868acdd525de19c2dc5619d1e61a4c19786722e753d67da13cd4fb
3e196dc6cf5fb830248c6cef1271c0354241321f9868a11b277ae097bab973db
3e5d2b8c0a7ad5556f6ef1b008dfc416d2310a187ec560f97030e1da97e5ff5e
433b4cf8f99d89c8374f336b64055fc4061d50d2f841d6c7907074385a84666c
4538667071893f3cf69bc43ca74fe9f09d07c3b564a37f574dde98db00993c60
48bb162eb5d7285681b6f48755b0b0fd63c489e669d53f52d16b887ff97660b4
4a89c81d77a20da474e1cbbe54fa52fbdd4b2c90ae2d2ec1047d7c85dc827b80
4b61327dca318ff8117cd3d319e9e4745b2ebcd6dabd80bc6f97b31b3e707f17
4be21e12d16c65cdb284c3bea4c67030c9bc26b88e2bdb67764003744e0f2a61
5b5cf3be9f5cf363045cd9de871ddd7254a722ef1d1faeaa0ab4b6ff987a6aad
5ca86661167d26dcb4cc5eec7488c9aa0af50bd658f6d99e0899e6a6fd55ec7a
6277d9f9ca9e00b4e7feb3128673660e387b065b4389d602e0c5fcc1eea07f7e
63982ae47b82aa898a2498fd0fc0b514dd5f3d352486f5e84edb50ff9d38498a
6608fdfe5904cb9fbe86cc96ea4bc938982da9d1e1c7df797082257a20fdbc4f
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
6bd3720faa359fa9ad9dfedc70466f48a784bcaffb339bfd80434fe816cb6e6b
6bd5d9a1966dd14934d3e3bdc66077bae4e61bff7acd56fa8a78184c5d76f58e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7079939137e91d274222391f18768c0c0c81ab6fe1b971bf3625f0c4928dfc29
73db7e4f4083111e2bfea0c2bff971be484c21bdc8d8ec0c204a18f6c59ba230
7409cab24229e68801735801723003bda60b4eec10f67a89a08962703da50d57
75d62246b1a6542b2efc3fbb4ab48ebce153bf29c8b0d784e28b247e604421fc
774bcd47ed2549101f023dd56fbce0b1851f9cc8b8cc4ff2c4078f9b4b437a37
859828dd3ec802c8116565380797065bde62b72d1ff79dee5e47a3e86e7c8fac
87b20a74d80deee07da9b3976b2483872fca22294ffad108b299f60cc86e2fd1
8821ad3233e1819bf93ce2083904968ce462a613559442e802619d400bdadad7
8df285a056572a742dac014d0b16f7f652596416959b45885b053043e9a55312
91c60f9c199f307e54ea559d3a4484bf5f028826c395f3a2804e1003b9be3f66
92656277fd338e1514347a5e3e7b4ba00f63d3abbe2e591c1c6ad0edc30b241a
9382eba83b6c53b2cd8ce2e437822859370edefb3963792b8459c73356fbac7f
940d9709f694e9949ac4317d35654cc2daae79f6d67d5f5c3c28eb91557581ed
9604a821c2b1ce5f0e2e62bdda123f1b1edd2ef2cdfca4b85ff07098ab3d039d
969f1a5491f9d574386e1515d9e66147717fd0a228bd6e3ff28dcf08e81b6687
98f143aecd904eac7fc2cfc2eff51c2a2c640c6247ff2771d89babb8e6027aa4
9ed16ce63bb57923f96b5a3db6df1c5bed86ca62aa99e91ee8e7083ad2ef987b
a077589351071fb5993643efec8a89021587681c89b5d9f80bf2c922063985ae
a34bb93bd57fca72a493c24ba8da1059f52159a3fb0bbdf1beaf18d3cd031f45
a5036596b2cc18d6bd075b30966ce6de9c1a259adad1c6208174e0df23f5d484
a5b02fface8569f1d824bd9c08b6571a29633918499661d41d7501b0fa0de64a
a5df0e1fd5c10f03fb57a09f7e38a4e416961daaf482426482e7286a9ea6e7b5
a9a4c4949e761dff3977cb9b3615c7e0a4b99e38b9207d277d93b38e275d359c
b0bfad76fc68c61e2537428c8b644058d8ea53c84a5be387be7c0a1010fb68c3
b2978a05a76eab992c1b848d18a7947b2e691aab49247868dee8b73232e09280
b59413a333b81394512782feb25f173a1205d372f66924b5706459728885601a
b83f42614a23b74961d89e9b56773c4a198de882e2d89003403c47fecd5ad0fc
b87476f91cd6f1adeefad94c9202b9c6ec875d80aa13e8eede55b29a0b70d190
bb71e783c9ce21b88aa042b6b920814a59b3f0a8a517b0d5ad0651731040baec
bc12f21ca2ebf7f0a18af636edad94cd5a26138600aab5887915f1bdc9a541eb
bf1c86680832373102cfbcff4a8c6e1bae076ac8f5478980ef7699c52b796a57
c12d06c818a2c96e538da72d56e3ded37b0fe6af394f61328ddfa2e0ec88ab95
c17fce3bfd2b3cb72ad4bb6c361caa3992a1b9223cad25bc7846c0c72f67f932
c862e550c844406fac4b694efbd670efab0b2da3f631e7a624ba12608161bc8a
c98355216ca10b22f97b02c14a9fd614143fe83902ea693e07637d6e190dad75
cab53e5a0c0bb4d1dc2db81aedd9fb3a5f75e3da27763b0bf2b58e0c99b03c46
cdfa74c79499907c0e94b6a37224e89056ce278504f443e298c22d4e89888b86
ceeeda08f0ec41b775afb7878fa8b6213a0ff0858557597d3c3c0d8dff19930e
d19aca65c5eb76cbeaa0570d5f7af5f79edf0d33ab9fb83de647f1c1495cd191
d45cf26cb7d66c8be84cc2482cc047ceb7cdd8deb4a738c3c70d5c1850cfff83
da7401efba58567438a8cde757ce146b5489b16fd77905d4507ac204b5bbd2e0
de93b22564e63f4166fd5eda30ae2b667e19cb2e3baf4f99a516e8b59b6afc9e
e6aab1ba0c404c49982e7d0d751f77832b5135e59f737cc921e8a080df9fc518
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ed7980bf2404e38ea33a94af64312fd794379031f3da8f6f7e4c293da8170b7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efed87be6cb25530121cf2e64d5570a809cd9840ee99af6782e4f33ad6dd8103
f20eed979744d6a8ceaf0d179021abb3176771be06f1a8f61dd731d7f895915b
f49a963ef5c006d6e74cce65ed12aad4c9a25ed3c8cd987b1105be8c1df30b14
f7e391d8671044f2681890a8d5ffd02bdd5dccad3d49b39d453b1e32c41ad04a
ff97f9f86f5b3b5438d6c8b8bf0d89e5ca97e1c52b4835815522b7373f93b176

www.thefirmshop.com Open in urlscan Pro 2a06:98c1:58::60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

100 %HTTPS

33 %IPv6

10 Domains

14 Subdomains

16 IPs

4 Countries

9345 kBTransfer

13609 kBSize

4 Cookies

6 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thefirmshop.com Open in urlscan Pro
2a06:98c1:58::60 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

100 %
HTTPS

33 %
IPv6

10
Domains

14
Subdomains

16
IPs

4
Countries

9345 kB
Transfer

13609 kB
Size

4
Cookies

94 HTTP transactions
1 data transactions