urlscan.io logo urlscan.io
SecurityTrails logo

www.legalshield.com Open in urlscan Pro
2606:4700:4400::6812:27b0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://groups.uat-shield-service.com/
Effective URL: https://www.legalshield.com/
Submission: On November 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 9 countries across 76 domains to perform 275 HTTP transactions. The main IP is 2606:4700:4400::6812:27b0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.legalshield.com. The Cisco Umbrella rank of the primary domain is 473847.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2022. Valid for: a year.
This is the only time www.legalshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
37 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 23.205.251.151 16625 (AKAMAI-AS)
29 2606:4700:440... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
16 149.3.133.19 20860 (IOMART-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 143.204.215.85 16509 (AMAZON-02)
1 33 209.54.182.161 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 108.157.4.81 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 6 142.250.186.102 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 99.86.4.11 16509 (AMAZON-02)
4 44.199.71.207 14618 (AMAZON-AES)
1 151.101.65.131 54113 (FASTLY)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
2 54.161.222.185 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 151.101.1.140 54113 (FASTLY)
3 99.86.4.108 16509 (AMAZON-02)
1 18.66.248.71 16509 (AMAZON-02)
4 65.9.66.6 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.72.138.89 14618 (AMAZON-AES)
1 3.126.202.50 16509 (AMAZON-02)
3 5 37.252.171.52 29990 (ASN-APPNEX)
1 185.86.139.114 201081 (SMARTADSE...)
1 3 54.76.86.77 16509 (AMAZON-02)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
2 4 3.66.124.166 16509 (AMAZON-02)
1 3 104.76.200.221 16625 (AKAMAI-AS)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 3.122.138.253 16509 (AMAZON-02)
3 2600:1f18:612... 14618 (AMAZON-AES)
1 212.82.100.182 34010 (YAHOO-IRD)
2 2 2.16.186.10 20940 (AKAMAI-ASN1)
1 1 13.226.147.102 16509 (AMAZON-02)
3 54.72.167.131 16509 (AMAZON-02)
2 2 54.217.24.103 16509 (AMAZON-02)
1 107.21.155.183 14618 (AMAZON-AES)
1 188.65.124.66 41690 (DAILYMOTI...)
1 1 34.230.221.167 14618 (AMAZON-AES)
1 3 69.173.144.165 26667 (RUBICONPR...)
2 4 54.229.43.180 16509 (AMAZON-02)
1 1 34.98.67.61 396982 (GOOGLE-CL...)
2 2 37.157.3.29 198622 (ADFORM)
2 4 185.94.180.125 35220 (SPOTX-AMS)
1 3 18.197.178.27 16509 (AMAZON-02)
1 1 52.28.196.126 16509 (AMAZON-02)
4 4 142.250.184.226 15169 (GOOGLE)
1 44.207.237.180 14618 (AMAZON-AES)
2 2 108.157.4.15 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
1 1 172.64.154.237 13335 (CLOUDFLAR...)
1 13.248.245.213 16509 (AMAZON-02)
2 2 77.243.60.138 42697 (NETIC-AS)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 54.78.254.47 16509 (AMAZON-02)
1 1 45.79.140.212 63949 (LINODE-AP...)
1 1 151.101.194.132 54113 (FASTLY)
1 1 185.64.190.78 62713 (AS-PUBMATIC)
1 1 141.226.228.48 200478 (TABOOLA-AS)
2 2a03:2880:f12... 32934 (FACEBOOK)
3 20.75.32.255 8075 (MICROSOFT...)
2 4 108.138.17.118 16509 (AMAZON-02)
2 18.66.9.91 16509 (AMAZON-02)
1 34.207.12.71 14618 (AMAZON-AES)
2 2600:9000:214... 16509 (AMAZON-02)
2 13.32.27.30 16509 (AMAZON-02)
4 9 193.0.160.128 54312 (ROCKETFUEL)
2 3.229.160.205 14618 (AMAZON-AES)
2 18.184.216.10 16509 (AMAZON-02)
2 88.221.168.23 16625 (AKAMAI-AS)
4 35.244.174.68 15169 (GOOGLE)
2 52.55.72.99 14618 (AMAZON-AES)
3 4 151.101.194.49 54113 (FASTLY)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 34.117.39.58 396982 (GOOGLE-CL...)
1 185.59.220.194 60068 (CDN77 ^_^)
275 73
10    2606:4700:4400::ac40:925f (United States)

ASN13335 (CLOUDFLARENET, US)
groups.uat-shield-service.com
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
37    2606:4700:4400::6812:27b0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.legalshield.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    23.205.251.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-251-151.deploy.static.akamaitechnologies.com
se.monetate.net
29    2606:4700:4400::ac40:9394 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-eildb.nitrocdn.com
7    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    149.3.133.19 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: 19-133-3-149.rackcentre.redstation.net.uk
livechat.sentimentmetrics.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    143.204.215.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-85.fra53.r.cloudfront.net
solutions.invocacdn.com
33    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.157.4.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-81.dus51.r.cloudfront.net
container.pepperjam.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
11988031.fls.doubleclick.net
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    99.86.4.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-11.fra6.r.cloudfront.net
tag.getdrip.com
4    44.199.71.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-71-207.compute-1.amazonaws.com
tags.srv.stackadapt.com
1    151.101.65.131 (United States)

ASN54113 (FASTLY, US)
8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com
2    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    54.161.222.185 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-222-185.compute-1.amazonaws.com
d.monetate.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
3    99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net
assets.ubembed.com
builder-assets.unbounce.com
1    18.66.248.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-71.dus51.r.cloudfront.net
invitejs.trustpilot.com
4    65.9.66.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-6.fra56.r.cloudfront.net
cdn.linkedin.oribi.io
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.72.138.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-138-89.compute-1.amazonaws.com
pnapi.invoca.net
1    3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
5    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
3    54.76.86.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
aa.agkn.com
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    3.66.124.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-124-166.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    3.122.138.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-138-253.eu-central-1.compute.amazonaws.com
t.myvisualiq.net
3    2600:1f18:612b:4216:f6:411e:ff52:dd4b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
amazon.partners.tremorhub.com
partners.tremorhub.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    13.226.147.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-147-102.dus51.r.cloudfront.net
www.imdb.com
3    54.72.167.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    54.217.24.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-24-103.eu-west-1.compute.amazonaws.com
match.360yield.com
1    107.21.155.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-155-183.compute-1.amazonaws.com
usersync.samplicio.us
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
public-prod-dspcookiematching.dmxleo.com
1    34.230.221.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-221-167.compute-1.amazonaws.com
ads.samba.tv
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    54.229.43.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-43-180.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    18.197.178.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-178-27.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    52.28.196.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    44.207.237.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-237-180.compute-1.amazonaws.com
usermatch.krxd.net
2    108.157.4.15 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net
sb.scorecardresearch.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    77.243.60.138 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadus.exelator.com
1    45.79.140.212 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-09.ninthdecimal.com
lciapi.ninthdecimal.com
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
pi.ispot.tv
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
4    108.138.17.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-118.fra56.r.cloudfront.net
live.rezync.com
2    18.66.9.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-9-91.txl50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    34.207.12.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-12-71.compute-1.amazonaws.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.events.ubembed.com
2    2600:9000:214f:ca00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
2    13.32.27.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-30.fra56.r.cloudfront.net
cdn.boomtrain.com
9    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
20840888p.rfihub.com
20842111p.rfihub.com
a.rfihub.com
p.rfihub.com
2    3.229.160.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-160-205.compute-1.amazonaws.com
people.api.boomtrain.com
2    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
4    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    52.55.72.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-72-99.compute-1.amazonaws.com
bpi.rtactivate.com
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com
www.upsellit.com
1    185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net
to.getnitropack.com
Apex Domain
Subdomains		 Transfer
37 legalshield.com
www.legalshield.com — Cisco Umbrella Rank: 473847
3 MB
33 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
24 KB
29 nitrocdn.com
cdn-eildb.nitrocdn.com — Cisco Umbrella Rank: 546476
243 KB
16 sentimentmetrics.com
livechat.sentimentmetrics.com — Cisco Umbrella Rank: 310749
134 KB
13 doubleclick.net
11988031.fls.doubleclick.net — Cisco Umbrella Rank: 954010
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
3 KB
10 uat-shield-service.com
groups.uat-shield-service.com
465 KB
9 rfihub.com
20840888p.rfihub.com
20842111p.rfihub.com — Cisco Umbrella Rank: 892806
a.rfihub.com — Cisco Umbrella Rank: 2999
p.rfihub.com — Cisco Umbrella Rank: 695
14 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
69 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1311
b.clarity.ms — Cisco Umbrella Rank: 9400
c.clarity.ms — Cisco Umbrella Rank: 1864
57 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
338 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
4 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
5 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5922
adservice.google.de — Cisco Umbrella Rank: 8709
2 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4753
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
ajax.googleapis.com — Cisco Umbrella Rank: 304
34 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 321
158 B
4 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5221
people.api.boomtrain.com — Cisco Umbrella Rank: 5523
51 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1800
6 KB
4 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1181
lm.serving-sys.com — Cisco Umbrella Rank: 1931
985 B
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 557
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
4 KB
4 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
token.rubiconproject.com — Cisco Umbrella Rank: 544
1 KB
4 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 530
usermatch.krxd.net — Cisco Umbrella Rank: 1283
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
1 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
www.linkedin.com — Cisco Umbrella Rank: 576
px4.ads.linkedin.com — Cisco Umbrella Rank: 6256
3 KB
4 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1409
748 B
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
c.bing.com — Cisco Umbrella Rank: 241
12 KB
4 ubembed.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com — Cisco Umbrella Rank: 719611
assets.ubembed.com — Cisco Umbrella Rank: 9418
8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.events.ubembed.com
54 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 2846
7 KB
4 monetate.net
se.monetate.net — Cisco Umbrella Rank: 5255
d.monetate.net — Cisco Umbrella Rank: 17130
66 KB
3 tremorhub.com
amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5219
partners.tremorhub.com — Cisco Umbrella Rank: 1057
547 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
cms.analytics.yahoo.com — Cisco Umbrella Rank: 835
681 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1192
382 B
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1668
217 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 535
1 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 926
688 B
2 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5148
13 KB
2 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
38 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 16461
36 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
203 B
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 882
image6.pubmatic.com — Cisco Umbrella Rank: 662
775 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1134
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
546 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
998 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3075
871 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 679
2 KB
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 1547
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
112 KB
2 invocacdn.com
solutions.invocacdn.com — Cisco Umbrella Rank: 6784
41 KB
2 gstatic.com
fonts.gstatic.com
61 KB
1 getnitropack.com
to.getnitropack.com — Cisco Umbrella Rank: 15654
468 B
1 upsellit.com
www.upsellit.com — Cisco Umbrella Rank: 11123
182 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 938
168 B
1 ispot.tv
pi.ispot.tv — Cisco Umbrella Rank: 1928
344 B
1 ninthdecimal.com
lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2854
750 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1225
324 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 339
140 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 407
304 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
633 B
1 samba.tv
ads.samba.tv — Cisco Umbrella Rank: 5346
420 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1983
122 B
1 samplicio.us
usersync.samplicio.us — Cisco Umbrella Rank: 2799
263 B
1 imdb.com
www.imdb.com — Cisco Umbrella Rank: 2488
879 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
471 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
163 B
1 invoca.net
pnapi.invoca.net — Cisco Umbrella Rank: 8008
275 B
1 trustpilot.com
invitejs.trustpilot.com — Cisco Umbrella Rank: 12871
4 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1504
157 B
1 getdrip.com
tag.getdrip.com — Cisco Umbrella Rank: 19821
354 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 716
5 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1398
8 KB
1 pepperjam.com
container.pepperjam.com — Cisco Umbrella Rank: 8404
10 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1039
6 KB
0 survata.com Failed
px.surveywall-api.survata.com Failed
275 76
Domain Requested by
37 www.legalshield.com groups.uat-shield-service.com
www.legalshield.com
cdn-eildb.nitrocdn.com
33 s.amazon-adsystem.com 1 redirects www.legalshield.com
s.amazon-adsystem.com
29 cdn-eildb.nitrocdn.com www.legalshield.com
16 livechat.sentimentmetrics.com www.legalshield.com
livechat.sentimentmetrics.com
10 groups.uat-shield-service.com groups.uat-shield-service.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.legalshield.com
7 www.googletagmanager.com www.legalshield.com
www.googletagmanager.com
6 11988031.fls.doubleclick.net 2 redirects www.googletagmanager.com
adservice.google.com
5 p.rfihub.com 4 redirects www.legalshield.com
5 ib.adnxs.com 3 redirects 11988031.fls.doubleclick.net
4 sync-tm.everesttech.net 3 redirects www.legalshield.com
4 idsync.rlcdn.com www.legalshield.com
11988031.fls.doubleclick.net
4 live.rezync.com 2 redirects 11988031.fls.doubleclick.net
4 cm.g.doubleclick.net 4 redirects
4 sync.search.spotxchange.com 2 redirects 11988031.fls.doubleclick.net
4 dpm.demdex.net 2 redirects 11988031.fls.doubleclick.net
4 x.bidswitch.net 2 redirects 11988031.fls.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects 11988031.fls.doubleclick.net
4 cdn.linkedin.oribi.io snap.licdn.com
4 tags.srv.stackadapt.com groups.uat-shield-service.com
tags.srv.stackadapt.com
4 fonts.googleapis.com groups.uat-shield-service.com
builder-assets.unbounce.com
3 b.clarity.ms www.clarity.ms
3 bs.serving-sys.com 1 redirects 11988031.fls.doubleclick.net
3 pixel.rubiconproject.com 1 redirects 11988031.fls.doubleclick.net
3 beacon.krxd.net s.amazon-adsystem.com
11988031.fls.doubleclick.net
3 aa.agkn.com 1 redirects 11988031.fls.doubleclick.net
3 bat.bing.com groups.uat-shield-service.com
bat.bing.com
www.legalshield.com
3 www.google.de www.legalshield.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 c.clarity.ms 1 redirects
2 partners.tremorhub.com 11988031.fls.doubleclick.net
2 x.dlx.addthis.com 11988031.fls.doubleclick.net
2 bpi.rtactivate.com 11988031.fls.doubleclick.net
2 contextual.media.net 11988031.fls.doubleclick.net
2 ps.eyeota.net www.legalshield.com
2 a.rfihub.com www.legalshield.com
2 people.api.boomtrain.com cdn.boomtrain.com
2 cdn.boomtrain.com groups.uat-shield-service.com
2 c1.rfihub.net groups.uat-shield-service.com
2 d9hhrg4mnvzow.cloudfront.net 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
2 builder-assets.unbounce.com 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
2 www.facebook.com www.legalshield.com
2 uipglob.semasio.net 2 redirects
2 sb.scorecardresearch.com 2 redirects
2 c1.adform.net 2 redirects
2 match.360yield.com 2 redirects
2 ads.stickyadstv.com 2 redirects
2 t.myvisualiq.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 www.google.com www.legalshield.com
2 adservice.google.de 2 redirects
2 px.ads.linkedin.com 2 redirects
2 adservice.google.com 11988031.fls.doubleclick.net
2 d.monetate.net se.monetate.net
www.legalshield.com
2 www.clarity.ms groups.uat-shield-service.com
www.clarity.ms
2 connect.facebook.net groups.uat-shield-service.com
connect.facebook.net
2 solutions.invocacdn.com cdn-eildb.nitrocdn.com
solutions.invocacdn.com
2 se.monetate.net www.legalshield.com
se.monetate.net
2 fonts.gstatic.com fonts.googleapis.com
1 to.getnitropack.com www.legalshield.com
1 www.upsellit.com container.pepperjam.com
1 c.bing.com 1 redirects
1 20842111p.rfihub.com c1.rfihub.net
1 20840888p.rfihub.com c1.rfihub.net
1 8c1aab619aac40b3b3c7f4e8f3ca02ba.events.ubembed.com assets.ubembed.com
1 sync.taboola.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 pi.ispot.tv 1 redirects
1 lciapi.ninthdecimal.com 1 redirects
1 loadus.exelator.com s.amazon-adsystem.com
1 token.rubiconproject.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 eb2.3lift.com s.amazon-adsystem.com
1 ssum-sec.casalemedia.com 1 redirects
1 us-u.openx.net s.amazon-adsystem.com
1 usermatch.krxd.net s.amazon-adsystem.com
1 lm.serving-sys.com 1 redirects
1 odr.mookie1.com 1 redirects
1 ads.samba.tv 1 redirects
1 public-prod-dspcookiematching.dmxleo.com s.amazon-adsystem.com
1 usersync.samplicio.us s.amazon-adsystem.com
1 www.imdb.com 1 redirects
1 cms.analytics.yahoo.com s.amazon-adsystem.com
1 amazon.partners.tremorhub.com s.amazon-adsystem.com
1 tags.bluekai.com 1 redirects
1 rtb-csync.smartadserver.com s.amazon-adsystem.com
1 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com assets.ubembed.com
1 pnapi.invoca.net solutions.invocacdn.com
1 px4.ads.linkedin.com www.legalshield.com
1 www.linkedin.com 1 redirects
1 invitejs.trustpilot.com www.legalshield.com
1 assets.ubembed.com 8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com
1 alb.reddit.com www.legalshield.com
1 region1.analytics.google.com www.googletagmanager.com
1 8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com www.googletagmanager.com
1 tag.getdrip.com groups.uat-shield-service.com
1 snap.licdn.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 container.pepperjam.com www.googletagmanager.com
1 static.cloudflareinsights.com www.legalshield.com
1 ajax.googleapis.com www.legalshield.com
0 px.surveywall-api.survata.com Failed s.amazon-adsystem.com
275 102
Subject Issuer Validity Valid
groups.uat-shield-service.com
R3		 2022-11-14 -
2023-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
legalshield.com
Cloudflare Inc ECC CA-3		 2022-07-11 -
2023-07-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.monetate.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-02 -
2023-07-06		 a year crt.sh
nitrocdn.com
Cloudflare Inc ECC CA-3		 2022-11-01 -
2023-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.sentimentmetrics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-23 -
2023-07-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
invocacdn.com
Amazon		 2022-10-24 -
2023-11-22		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.pepperjam.com
Go Daddy Secure Certificate Authority - G2		 2022-01-29 -
2023-03-02		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2022-11-22		 3 months crt.sh
*.getdrip.com
Amazon		 2022-01-28 -
2023-02-26		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2022-10-09 -
2023-11-07		 a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-10-09 -
2023-11-10		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
*.monetate.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-01 -
2023-10-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
assets.ubembed.com
Amazon		 2022-02-04 -
2023-03-05		 a year crt.sh
*.trustpilot.com
Amazon		 2022-03-04 -
2023-04-02		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
invoca.net
Amazon		 2022-10-24 -
2023-11-22		 a year crt.sh
*.pages.ubembed.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-28 -
2023-03-31		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-09 -
2023-02-01		 6 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.samplicio.us
Amazon		 2022-03-18 -
2023-04-16		 a year crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2022-10-18 -
2023-01-16		 3 months crt.sh
usermatch.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-06 -
2023-06-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.unbounce.com
Amazon		 2022-02-08 -
2023-03-09		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
*.rezync.com
Amazon		 2021-12-26 -
2023-01-23		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.events.ubembed.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.rfihub.net
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.boomtrain.com
Amazon		 2022-03-11 -
2023-04-09		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.api.boomtrain.com
Amazon		 2022-10-16 -
2023-11-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2022-05-02 -
2023-05-09		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.upsellit.com
RapidSSL TLS RSA CA G1		 2022-10-04 -
2023-10-04		 a year crt.sh
*.getnitropack.com
Thawte RSA CA 2018		 2022-01-06 -
2023-01-06		 a year crt.sh

This page contains 15 frames:

Primary Page: https://www.legalshield.com/
Frame ID: 03DB5B8EABD6D5D2ED895FC206D6E851
Requests: 190 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640&dcc=t
Frame ID: 907561DACDC6E335ED21D3CB31EB70AC
Requests: 1 HTTP requests in this frame

Frame: https://11988031.fls.doubleclick.net/activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Frame ID: 20929932741A4EBB2B397EB7BFD9BE73
Requests: 1 HTTP requests in this frame

Frame: https://11988031.fls.doubleclick.net/activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Frame ID: E1446CEFD8C704773CE47EF01EE09EA8
Requests: 1 HTTP requests in this frame

Frame: https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668456000
Frame ID: 1D896B9DA8830436BA730930AE23DB4B
Requests: 3 HTTP requests in this frame

Frame: https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668456000
Frame ID: 02DBDA0FCAD46109DF8C7C344E7911BA
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Frame ID: 8A8B06EF71DC12DF1C79E4DE0A9A0E79
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Frame ID: FAAACB30D3068BABCC7772342C7C0478
Requests: 1 HTTP requests in this frame

Frame: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Frame ID: EA65EEA3CC86557F82C709EBFA527CC4
Requests: 5 HTTP requests in this frame

Frame: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Frame ID: EC0FFC8B0DE2238FE28C869DF07893C1
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Frame ID: 453F6FAFECFDE4D92EA93BFD565D10FE
Requests: 42 HTTP requests in this frame

Frame: https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/a.html?closedAt=0
Frame ID: 695A21B65F9A9648C3C17455DBB3F6F4
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 43992049F3341CF829F064E6AA19AFAE
Requests: 1 HTTP requests in this frame

Frame: https://20840888p.rfihub.com/ca.html?ver=9&rb=46556&ca=20840888&_o=46556&_t=20840888&pe=https%3A%2F%2F11988031.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIvRm7blrvsCFfRGHQkdUmYFtA%3Bsrc%3D11988031%3Btype%3Dlsflu0%3Bcat%3Dhomep0%3Bord%3D6236553666244%3Bgtm%3D2odb90%3Bauiddc%3D825305249.1668467401%3B%7Eoref%3Dhttps%253A%252F%252Fwww.legalshield.com%252F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=10532857125813067
Frame ID: 6C9A7E4979CD153B8AC5B22F0DEA55AE
Requests: 19 HTTP requests in this frame

Frame: https://20842111p.rfihub.com/ca.html?ver=9&rb=46556&ca=20842111&_o=46556&_t=20842111&pe=https%3A%2F%2F11988031.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIrNm7blrvsCFRlEHQkdy_APsg%3Bsrc%3D11988031%3Btype%3Dlsflu0%3Bcat%3Dls-us00%3Bord%3D3083792627875%3Bgtm%3D2wgb90%3Bauiddc%3D825305249.1668467401%3B%7Eoref%3Dhttps%253A%252F%252Fwww.legalshield.com%252F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=5268133376098023
Frame ID: BCF8B26AA4CA03543CA1ED473B99F3EC
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online Prepaid Legal Services & Plans - LegalShield

Page URL History Show full URLs

  1. https://groups.uat-shield-service.com/ Page URL
  2. https://www.legalshield.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

275
Requests

81 %
HTTPS

26 %
IPv6

76
Domains

102
Subdomains

73
IPs

9
Countries

4828 kB
Transfer

12133 kB
Size

91
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://groups.uat-shield-service.com/ Page URL
  2. https://www.legalshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640&dcc=t
Request Chain 105
  • https://11988031.fls.doubleclick.net/activityi;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F HTTP 302
  • https://11988031.fls.doubleclick.net/activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Request Chain 111
  • https://11988031.fls.doubleclick.net/activityi;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F HTTP 302
  • https://11988031.fls.doubleclick.net/activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Request Chain 154
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2498572%252C4235730%26time%3D1668467401751%26url%3Dhttps%253A%252F%252Fwww.legalshield.com%252F%26tm%3Dgtmv2%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQL3HNJDD0SBHwAAAYR4aCYx9IRZfvwvPSVN5OwInm6YEZ20KtQ97q0Cs6IozqY4Jj1YYgU
Request Chain 165
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F HTTP 302
  • https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Request Chain 166
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F HTTP 302
  • https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Request Chain 185
  • https://ib.adnxs.com/setuid/a9?entity=188&code=_w7GO27CT5S43lWGDI82rQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D_w7GO27CT5S43lWGDI82rQ%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=_w7GO27CT5S43lWGDI82rQ
Request Chain 187
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=219783204335004535460&ex=neustar.biz
Request Chain 188
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=5ZelbYLSSa-qCPIB9QtNkw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=5ZelbYLSSa-qCPIB9QtNkw&C=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y3LKyp-l07z0-MIc5lD7pgAA
Request Chain 189
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=55fcede8bff450d4dadd126ba60fe82d
Request Chain 190
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Request Chain 191
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=C6fH1rDoRcOO0ER_L-cVxQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=C6fH1rDoRcOO0ER_L-cVxQ&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=C6fH1rDoRcOO0ER_L-cVxQ
Request Chain 192
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=ccc4fd4c-b0ac-4cc2-ad27-d166c161b167
Request Chain 195
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Request Chain 196
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Request Chain 198
  • https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=02b82a10-636a-4e2a-aa20-0ffd75632ec8&ex=improvedigital.com
Request Chain 201
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=104b53a9887b5ec44
Request Chain 202
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TCQYi8Y8RA-DCh4ooNqL6g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TCQYi8Y8RA-DCh4ooNqL6g
Request Chain 203
  • https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=Wd1DHQOPStao7gm1ctjiAA&redirectId=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Wd1DHQOPStao7gm1ctjiAA
Request Chain 204
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=VX53S7LVT1yV2mfu-NU4EQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=VX53S7LVT1yV2mfu-NU4EQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91797799919823914791551740581169516974
Request Chain 205
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=TRrbs9_MS0SWjSfbEwHSvw HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811735332922892045&gdpr=&gdpr_consent=
Request Chain 207
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4805909204924635496
Request Chain 208
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=785eb6f5-6471-11ed-91e7-174deb1e0206 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=785eb677-6471-11ed-91e7-174deb1e0206
Request Chain 209
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2256048332-923b-4025-b8f1-c92cea0e3b06%22,%22Time%22:%2220221114T231003.208550%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=56048332-923b-4025-b8f1-c92cea0e3b06
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEE1DDTay4IAouDLYlmwsQNI&google_cver=1
Request Chain 212
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=57883b031b4cc7da16725dc25f29c474
Request Chain 214
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=KiD9-s_RmcSEroEonzWVkzc4dOw4ZgAC
Request Chain 216
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=2769D18BCC216542
Request Chain 217
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2274428672264789033&ex=appnexus.com
Request Chain 218
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=bAu5BLuST3eV3U8eZX1phg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=bAu5BLuST3eV3U8eZX1phg
Request Chain 219
  • https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=wyni8UCPGAR9pNdUzQoNAA&ex=rubiconproject.com&status=ok
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=eBD_oi_4SuCafiPF24lWeQ& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Request Chain 222
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DCBCA72630B1C7C2D02963533
Request Chain 223
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8dfb619be94db2186895677e604e272e1750685836c8d226873be7c6e5961587
Request Chain 224
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=87D42FC8-AE12-4FFD-83F1-50AE98E68CD3
Request Chain 225
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=78108c2a-3c8c-49e1-9134-64e498acd843-tucta6c504b
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNTExNDQxNTgyOA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
Request Chain 263
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5108559725114415828&bid=omt9pi0
Request Chain 266
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559725114415828&referrer=https%3A%2F%2Fadservice.google.com%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db9d6db25-4b4a-4878-bd15-df7e159bd9ec%253A1668467402.787175 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Request Chain 276
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3LKywAIEYBs8wAr HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3LKywAIEYBs8wAr&_test=Y3LKywAIEYBs8wAr
Request Chain 277
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5140084922536731388&bid=omt9pi0
Request Chain 278
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3LKywAAALFCQwAW
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjUzNjczMTM4OA==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
Request Chain 285
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922536731388&referrer=https%3A%2F%2Fadservice.google.com%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db9d6db25-4b4a-4878-bd15-df7e159bd9ec%253A1668467402.787175 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Request Chain 295
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=43C3A71700434FAC892D5AFF53E1D34E&RedC=c.clarity.ms&MXFR=33406654375E6CFE2EF47408335E6283 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=43C3A71700434FAC892D5AFF53E1D34E&MUID=3543AC7AB91D61CF0648BE26B86C600C

275 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
groups.uat-shield-service.com/ 		1 KB
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9ed2187530a282a373481eb892f27c13b104fadb4040656333e10d31338465f0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
76a36af35c81910a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 14 Nov 2022 23:09:58 GMT
last-modified
Wed, 27 Jul 2022 00:22:01 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Express
vendor-dbceee485b.css
groups.uat-shield-service.com/ 		330 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/vendor-dbceee485b.css
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6ec7638c9c608218477a4531f8ecb4405ba24e858f55b978c003607aace815a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 00:22:04 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
Express
etag
W/"52846-1823d083791"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
76a36af7aaf6910a-FRA
expires
Tue, 15 Nov 2022 03:09:59 GMT
main-b5c44a9cee.css
groups.uat-shield-service.com/ 		139 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/main-b5c44a9cee.css
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c4e77ad85a1801d4b4549456c8fd70dd5c22ca6bb58c8b15ef2f061617eb499a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 00:22:03 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
Express
etag
W/"22a91-1823d083171"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
76a36af7aaf7910a-FRA
expires
Tue, 15 Nov 2022 03:09:59 GMT
vendor-1bf113115c.js
groups.uat-shield-service.com/ 		1 MB
390 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/vendor-1bf113115c.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
28e1087f012ad58f271b49886cba865a844a30e3d84360764f042824d0540e51
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Fri, 18 Dec 2020 06:21:42 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
Express
etag
W/"17a3d5-1767482dcf0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
76a36af7aaf8910a-FRA
expires
Tue, 15 Nov 2022 03:09:58 GMT
app-8d0718a448.js
groups.uat-shield-service.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/app-8d0718a448.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
613db24b0a85b6c3b214cb2ff4f70a89752522dd89f01f6266140fb49999c2bd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 16 Mar 2021 21:47:56 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
Express
etag
W/"3983-1783d027ae0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
76a36af7aaf9910a-FRA
expires
Tue, 15 Nov 2022 03:09:58 GMT
constants-9638f51da8.js
groups.uat-shield-service.com/ 		901 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/constants-9638f51da8.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1cfd64452a2dcdf8b64c0fe8e1db7f17bbde068765d19ffa703eb3285cc7b59c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 00:22:01 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
Express
etag
W/"385-1823d082ab0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
76a36af7aafa910a-FRA
expires
Tue, 15 Nov 2022 03:09:58 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/main-b5c44a9cee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:39:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Nov 2022 23:09:59 GMT
css
fonts.googleapis.com/ 		6 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/main-b5c44a9cee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
457e03b53ba0f6d4b2cde2d03fadc58caa2795b9d36ef251102141b607081ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:02:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Nov 2022 23:09:59 GMT
css
fonts.googleapis.com/ 		3 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,400italic,700
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/main-b5c44a9cee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be46c5a78261c8e659900d428a66d1bc6e728111856727a930b248ec411d033e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 23:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:09:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Nov 2022 23:09:59 GMT
main.html
groups.uat-shield-service.com/views/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/views/main.html
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/vendor-1bf113115c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
text/html
Referer
https://groups.uat-shield-service.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:09:59 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Mar 2021 15:41:21 GMT
server
cloudflare
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
cf-ray
76a36b00ccd4910a-FRA
Primary Request /
www.legalshield.com/ 		961 KB
124 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/app-8d0718a448.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
e13c565f738f331ab93269e5e0b285b7407258fb483d801774e4295bf0691e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://groups.uat-shield-service.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Mobile
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76a36b02794490bb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 14 Nov 2022 23:10:00 GMT
link
<https://cdn-eildb.nitrocdn.com>; rel=preconnect, <https://www.legalshield.com/wp-json/>; rel="https://api.w.org/", <https://www.legalshield.com/wp-json/wp/v2/pages/34>; rel="alternate"; type="application/json", <https://www.legalshield.com/>; rel=shortlink
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache
MISS
x-cache-ctime
1668457699
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nitro-cache
HIT
x-nitro-cache-from
drop-in
x-nitro-rev
7294ff7
x-orig-cache-control
no-cache
x-powered-by
WP Engine
header.html
groups.uat-shield-service.com/views/layout/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://groups.uat-shield-service.com/views/layout/header.html
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/vendor-1bf113115c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://groups.uat-shield-service.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Mar 2021 15:41:21 GMT
server
cloudflare
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
cf-ray
76a36b023e3c910a-FRA
footer.html
groups.uat-shield-service.com/views/layout/ 		0
0
heroImage.jpg
groups.uat-shield-service.com/images/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://groups.uat-shield-service.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
15576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 18:50:24 GMT
glyphicons-halflings-regular.woff2
groups.uat-shield-service.com/fonts/ 		0
0
loading.gif
groups.uat-shield-service.com/images/ 		0
0
icon-lang.svg
groups.uat-shield-service.com/images/ 		786 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://groups.uat-shield-service.com/images/icon-lang.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 16 Mar 2021 15:41:21 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-powered-by
Express
etag
W/"312-1783bb2dce8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
76a36b024e4b910a-FRA
expires
Tue, 15 Nov 2022 03:10:00 GMT
/
groups.uat-shield-service.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:925f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://groups.uat-shield-service.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Jul 2022 00:22:01 GMT
server
cloudflare
content-encoding
gzip
x-powered-by
Express
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
cf-ray
76a36b039f8f910a-FRA
legalShield_logo.svg
groups.uat-shield-service.com/images/ 		0
0
legalShield_ca_logo.png
groups.uat-shield-service.com/images/ 		0
0
iDShield_logo.svg
groups.uat-shield-service.com/images/ 		0
0
primerica.jpg
groups.uat-shield-service.com/images/ 		0
0
home.svg
groups.uat-shield-service.com/images/ 		0
0
glyphicons-halflings-regular.woff
groups.uat-shield-service.com/fonts/ 		0
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 22:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 22:26:41 GMT
entry.js
se.monetate.net/js/2/a-bdbd224f/p/legalshield.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://se.monetate.net/js/2/a-bdbd224f/p/legalshield.com/entry.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.251.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-251-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a99d58d5c03d9076784d6388a9c6a48f3a7d7d2aa29f707c82b4c6b96f0e41b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 08:21:51 GMT
server
AkamaiNetStorage
etag
"8cb738b79337f74c15d7043743e3ec2d:1668414111.041513"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
3200
main.min.css
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/assets/inc/css/ 		72 B
236 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/assets/inc/css/main.min.css?ver=0.94.14
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf69bf645ade3c35f7808eca63081fad8e7251eae54ba2dacea5f5712de074c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-48"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b053b1890bb-FRA
et-divi-dynamic-tb-3504-tb-2527-34.css
www.legalshield.com/wp-content/et-cache/34/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/et-cache/34/et-divi-dynamic-tb-3504-tb-2527-34.css?ver=1668457173
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60fa44ded4b1c385f5d4323d3c9222e654d261ccc642e670143d4d37dc7f3de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Nov 2022 20:19:33 GMT
server
cloudflare
etag
W/"6372a2d5-2cf8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b057b5590bb-FRA
style.min.css
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/styles/ 		76 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/styles/style.min.css?ver=0.94.14
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85aedda7101b6685a52b1fb3ee5466a4dc9081b849d173d6f7dd1c3f2d65cf7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-13043"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b057b5690bb-FRA
nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
9126
etag
W/"6372a4a6-15e3d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b05baaa924f-FRA
link
<https://www.legalshield.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
6245
etag
W/"6372a4a6-2c6c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b05baac924f-FRA
link
<https://www.legalshield.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ls-iterable-public.js
www.legalshield.com/wp-content/plugins/ls-iterable/public/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/ls-iterable/public/js/ls-iterable-public.js?ver=1.0.0
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4430ded7e10c16ae61837dc01a8aa7387fb81551c599a3543156562fbb7fe46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:39:08 GMT
server
cloudflare
etag
W/"634d4cec-1fe9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b057b5790bb-FRA
headerScript.min.js
www.legalshield.com/wp-content/plugins/trustpilot-reviews/review/assets/js/ 		2 KB
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/trustpilot-reviews/review/assets/js/headerScript.min.js?ver=1.0
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f00ba3e27c018779130e2601a80ea98375b85b395fc2d13861b94bdf101cf35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:51 GMT
server
cloudflare
etag
W/"634d4cdb-60d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b082db690bb-FRA
nitro-min-68b3cde97caa4bdbde203af1041adcfb.script.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/ 		925 B
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/nitro-min-68b3cde97caa4bdbde203af1041adcfb.script.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656955dd522a5ad6e4854b1ae8cc510c8eafab407ce64ec7957b5c23a8014bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
8819
etag
W/"6372a4a6-470"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b05baad924f-FRA
link
<https://www.legalshield.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown-click/script.min.js?ver=1>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-d9cd205067b2fbd2de8db84e6a654405.slick.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi_Child/vendor/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi_Child/vendor/slick/nitro-min-d9cd205067b2fbd2de8db84e6a654405.slick.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
9125
etag
W/"6372a4a6-a80e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b05baae924f-FRA
link
<https://www.legalshield.com/wp-content/themes/Divi_Child/vendor/slick/slick.min.js?ver=5.9.5>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-d9cd205067b2fbd2de8db84e6a654405.index.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi_Child/vendor/invoca/ 		371 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi_Child/vendor/invoca/nitro-min-d9cd205067b2fbd2de8db84e6a654405.index.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bbb8d77bec7b86253e7b6939c10b45b93be58620d225760aa76e7ec6d66a05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
8543
etag
W/"6372a4a6-20f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b05baaf924f-FRA
link
<https://www.legalshield.com/wp-content/themes/Divi_Child/vendor/invoca/index.js?ver=5.9.5>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.js
www.legalshield.com/wp-content/themes/Divi_Child/vendor/monetate/ 		1007 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/themes/Divi_Child/vendor/monetate/index.js?ver=5.9.5
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e5f9f4f2baf5bc46482336497f85e398212b3cfc015ebe903bcbe5dd2fb0c94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:33 GMT
server
cloudflare
etag
W/"634d4cc9-3ef"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b057b5890bb-FRA
js
www.googletagmanager.com/gtag/ 		111 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11988031
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cf161729abfdf3cabd97f16b0140febb7312a9d934c8ca3d9ba868f267445be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44204
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 22:32:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 23:10:01 GMT
scs.embed.js
livechat.sentimentmetrics.com/javascripts/ 		50 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/javascripts/scs.embed.js?api-key=8f31e558-db9c-482e-8976-b1f87b253539
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
00e48c418a83b98e6c6fa971c109f31f588d94aab875a16d6409c89d3bafb218
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:00 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Mon, 22 Aug 2022 10:02:09 GMT
Server
nginx/1.18.0
ETag
W/"c71f-182c500a23b"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
nitro-min-tp.widget.bootstrap.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/bootstrap/v5/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/bootstrap/v5/nitro-min-tp.widget.bootstrap.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adda7a088f44fc5f756defdae259fefa0573e2af55e1fc397f9d69d450be1ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
4161
etag
W/"6372a4a6-4bf1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b082f5e90e2-FRA
link
<https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7450226-17
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf5835b008e55bb6d40ffa698c1541cc5fe1fe7e6a2fe66842742829330599f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43614
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 22:32:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 23:10:01 GMT
js
www.googletagmanager.com/gtag/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11372546
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fa1bfc3f5dc8e37f72649b5aaf13a18ac21fbb95562068f4849ec2214c075ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44201
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 22:32:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 23:10:01 GMT
nitro-min-noimport-25ff7e74e0dc1a18ad14939a8e1dcdc0-stylesheet.css
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/combinedCss/ 		55 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/combinedCss/nitro-min-noimport-25ff7e74e0dc1a18ad14939a8e1dcdc0-stylesheet.css
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0756c85cce1371414529393018de28d1ced5139b9ea4b6c699d636e85f7e6d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
8819
etag
W/"6372a4a6-dd4c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b05baa9924f-FRA
link
<https://www.legalshield.com/combinedCss/25ff7e74e0dc1a18ad14939a8e1dcdc0-stylesheet.css>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom.js
se.monetate.net/js/3/a-bdbd224f/p/legalshield.com/t1640009934/3368a7d7831290e8/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://se.monetate.net/js/3/a-bdbd224f/p/legalshield.com/t1640009934/3368a7d7831290e8/custom.js
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-bdbd224f/p/legalshield.com/entry.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.251.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-251-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
85946750fae78bc1978c117951493258dd8b1710e5f33217f35a36473db026c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
last-modified
Mon, 14 Nov 2022 08:21:50 GMT
server
AkamaiNetStorage
etag
"30dc43a8956d95c22e2279f0af3e5b60:1668414110.490264"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
nitro-min-email-decode.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/cdn-cgi/scripts/5c5dd728/cloudflare-static/nitro-min-email-decode.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:18 GMT
server
cloudflare
age
6245
etag
W/"6372a4a6-574"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b060b1a924f-FRA
link
<https://www.legalshield.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-0028783c6c3493afecf62f0ca754461e.underscore.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/nitro-min-0028783c6c3493afecf62f0ca754461e.underscore.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9125
etag
W/"6372a4a7-4b07"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b066d2b90e2-FRA
link
<https://www.legalshield.com/wp-includes/js/underscore.min.js?ver=1.13.1>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-d9cd205067b2fbd2de8db84e6a654405.wp-util.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/ 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/nitro-min-d9cd205067b2fbd2de8db84e6a654405.wp-util.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9125
etag
W/"6372a4a7-5c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b066d4190e2-FRA
link
<https://www.legalshield.com/wp-includes/js/wp-util.min.js?ver=5.9.5>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.min.js
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/assets/inc/js/ 		2 KB
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/assets/inc/js/main.min.js?ver=0.94.14
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4461243333a0fd4885187488ef61ad420873ac623f3e6d18c4941ee4148ed469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-71d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b067c4790bb-FRA
nitro-min-9f0abeb399340d938988016caf492135.swiper.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/plugins/dg-divi-carousel/scripts/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/plugins/dg-divi-carousel/scripts/nitro-min-9f0abeb399340d938988016caf492135.swiper.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e800aed30a8828c4a05222cd836d21fdadf5c7ee908ae8931370224549d8f3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9125
etag
W/"6372a4a7-21d80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4290e2-FRA
link
<https://www.legalshield.com/wp-content/plugins/dg-divi-carousel/scripts/swiper.min.js?ver=2.0.22>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-3c93bdfc074ddc6eb40f02b5239f3d39.scripts.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/js/ 		267 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/js/nitro-min-3c93bdfc074ddc6eb40f02b5239f3d39.scripts.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e373889e048fa90cffa96d1332c52db160d24ce7a45fbce87327a1b62789bfb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9125
etag
W/"6372a4a7-42b05"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4490e2-FRA
link
<https://www.legalshield.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.14.8>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-3c93bdfc074ddc6eb40f02b5239f3d39.jquery.fitvids.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/nitro-min-3c93bdfc074ddc6eb40f02b5239f3d39.jquery.fitvids.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1480dde465c92981da40ccf7258d0c58c707be591589060515d5cbf36c5d86d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
6156
etag
W/"6372a4a7-7da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4790e2-FRA
link
<https://www.legalshield.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.14.8>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
6156
etag
W/"6372a4a7-19fd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4990e2-FRA
link
<https://www.legalshield.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
6156
etag
W/"6372a4a7-4bd4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4b90e2-FRA
link
<https://www.legalshield.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-8cbbcdd3c2ba558e499704957a2e44f9.hooks.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/nitro-min-8cbbcdd3c2ba558e499704957a2e44f9.hooks.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9125
etag
W/"6372a4a7-16de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4c90e2-FRA
link
<https://www.legalshield.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-a28b3750cf2441df54d089abbb4b1191.i18n.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-includes/js/dist/nitro-min-a28b3750cf2441df54d089abbb4b1191.i18n.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
6156
etag
W/"6372a4a7-294a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4d90e2-FRA
link
<https://www.legalshield.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
frontend-bundle.min.js
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/ 		590 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/frontend-bundle.min.js?ver=0.94.14
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d680ccaa414e79a982d41aabe15ffddebbff4e2c1f5449d432a9316413d0795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-936a8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b067c4890bb-FRA
nitro-min-9f0abeb399340d938988016caf492135.frontend-bundle.min.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/plugins/dg-divi-carousel/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/plugins/dg-divi-carousel/scripts/nitro-min-9f0abeb399340d938988016caf492135.frontend-bundle.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0166b0380029a21d3ac3ef3b4d22c44b5eeb9d56fbdbebb4d48f7477f2e17532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9124
etag
W/"6372a4a7-2346"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d4e90e2-FRA
link
<https://www.legalshield.com/wp-content/plugins/dg-divi-carousel/scripts/frontend-bundle.min.js?ver=2.0.22>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-3c93bdfc074ddc6eb40f02b5239f3d39.common.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/core/admin/js/ 		582 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/core/admin/js/nitro-min-3c93bdfc074ddc6eb40f02b5239f3d39.common.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424e490df6248cb953f42022c3fec5a28fa25f1f35373ec20859151123e789b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
6155
etag
W/"6372a4a7-2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d5090e2-FRA
link
<https://www.legalshield.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.14.8>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-6f3eb76059380c6c53e3083e672a37ec.magnific-popup.js
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/nitro-min-6f3eb76059380c6c53e3083e672a37ec.magnific-popup.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb743ff17032fb81744351062643aef0915eaf80f24a2c22a7c2a769e026ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9124
etag
W/"6372a4a7-5383"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b067d5190e2-FRA
link
<https://www.legalshield.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=1.3.0>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nitro-min-vaafb692b2aea4879b33c060e79fe94621666317369993
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/desktop/optimized/rev-7294ff7/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/desktop/optimized/rev-7294ff7/beacon.min.js/nitro-min-vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://www.legalshield.com/
Origin
https://www.legalshield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:19 GMT
server
cloudflare
age
9125
etag
W/"6372a4a7-4333"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b084c529000-FRA
link
<https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://www.legalshield.com/
Origin
https://www.legalshield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
76a36b086af79b4c-FRA
invoca-latest.min.js
solutions.invocacdn.com/js/ 		124 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by
Host: cdn-eildb.nitrocdn.com
URL: https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/themes/Divi_Child/vendor/invoca/nitro-min-d9cd205067b2fbd2de8db84e6a654405.index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-85.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcba9eabd6a7b2bd8fe0e055111f29dd4d7d547f83761f2fd5319c6ef5694aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
nafYdifE25HIJ7E5_xPq2bg19QQXpqjq
content-encoding
gzip
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 23:09:33 GMT
last-modified
Wed, 05 Oct 2022 20:29:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
29
etag
W/"4636ba1892918feeed6b191a409be199"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
x-amz-replication-status
COMPLETED
x-amz-cf-id
YhiL25QggsjS6THiWF45nYbq1T0XFl3mLUT5PO_RYZPJSzu557TDiw==
jquery.min.js
livechat.sentimentmetrics.com/javascripts/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/javascripts/jquery.min.js
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/javascripts/scs.embed.js?api-key=8f31e558-db9c-482e-8976-b1f87b253539
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:00 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
nginx/1.18.0
ETag
W/"15d84-7438674ba0"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		319 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2e202fdc118f0d6d607dd7d96fb629cd383aec058c166cbfbd31836652703b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92359
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 22:32:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 23:10:01 GMT
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcb38f06a9eab076c6f0204095f8e5e794476d13498da10f8f288c12663a654b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb02748e7abe5133b6edef9d9eac851cfa7193c587d6cce2298b25e8a2961afc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		85 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f1d7e5f71dd8db88b7b3e9a0b82ca34f928361f71e75fa9c61d2ebf228d6e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
Vector-Stroke.png
www.legalshield.com/wp-content/uploads/2021/12/ 		167 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/12/Vector-Stroke.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f4574f64023dc9dd0c9700c61c32be4d293b7912ccdf544be67ca66f7aab42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
167
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:18 GMT
server
cloudflare
etag
"634d4cba-a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b083dbd90bb-FRA
modules.ttf
www.legalshield.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.legalshield.com/
Origin
https://www.legalshield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
92400
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:39 GMT
server
cloudflare
etag
"634d4ccf-168f0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b083dbf90bb-FRA
BestDefense-Regular.ttf
www.legalshield.com/wp-content/uploads/et-fonts/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/uploads/et-fonts/BestDefense-Regular.ttf
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ddde5cf80db4f46844129c2826dbbd444b689a99bb49aa96130f3d61d50534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.legalshield.com/
Origin
https://www.legalshield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
72844
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:06 GMT
server
cloudflare
etag
"634d4c72-11c8c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b083dc090bb-FRA
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1d6f2f8e44b7fe2005024ff97ac72f89b6475bb87464fce8fbb96f0aea68899

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
374cc3975d3d759836b2dcc3eab83497d62e75b2d912c455cb7bd222231abade

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56a232dc4017e093de1c4e02952764aa603767347f37be19e8f5a94350c4da8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3364c2c3e9ae9b1bde7ff13907b994390e086ad64c76818bdb7f33b32b12fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
311a7bc969bdf54b2e8f19e194dd704bfda5df37507eeb1a294bec10ec0cbdd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26b9269abc72b50364621b29e49381551b29a9204fce63f94453a0f84b3b7d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7691b50d02cdb147a8827f9aa4860d55cae4a57d75188ae2ccc81adc27dde144

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c10c5f8ce1d4c6facf629980faf723b4017819a2a7df70530b7500f747e47a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd53d9b910bd6eeba1c4c249fbbf0c4ea0969b07052490ab7a743c4b9578533e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6115102609baeefb5aacaa6d82668547132218d8a63dc55d5523c300d51217f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fa45bc9a52df91400d527ec26d05ba289e5fe619b74d7143ab6d7f1477d5b3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5f0b9786aef3876a1dcd9a286c99188de31ec3ace82c035deac665594a19c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ff3b90a1723f3cece7cd248dd300b7dc4f373905dc5f78f9cd0d2f82466add7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad73b987060a7162b646285b209f6bf166f602dfd207b895ddb66e4023154d28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c800f1956f419361bfb71f6ba384fc071667e4fb2af2e2a8c06d142ec23a71c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
iu3
s.amazon-adsystem.com/ Frame 9075
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D74541...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D74541...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640&dcc=t
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
26d7afe74c1b711803bb949b572cf10b8b4d22e68e1339455e9ad2a8ad1607dc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.legalshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1233
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 14 Nov 2022 23:10:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6DTXMWKHN5AC8YVPGD7T

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 14 Nov 2022 23:10:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XD191DSN0K1NTXHRS1AB
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad4c40257b574b504bad53aa279cb595192e380cd44447b94da848a4f85f8bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		97 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bca3fc7c32407c21ee66e4f4ea2d87c897912801caae7164f09ab6c147ae4311

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25d912ee315f21988890b70d22a83b86b4d37e4a79008d764ffaddf4b5c5b116

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
SwiftJustice.ttf
www.legalshield.com/wp-content/uploads/et-fonts/ 		215 KB
215 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/uploads/et-fonts/SwiftJustice.ttf
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b6eeede8881171009f665ee67e2959c4a3b1f8c3fcd9924dcbd5c241e0fdbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.legalshield.com/
Origin
https://www.legalshield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
220172
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:07 GMT
server
cloudflare
etag
"634d4c73-35c0c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b08de7690bb-FRA
US.svg
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/12/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/12/US.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c541ba71478d48fb76703f2a93e2443729814a7b0e976f56263f086a6d3f35df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:16 GMT
server
cloudflare
age
8795
etag
W/"6372a4a4-127e"
vary
Accept, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, public
cf-ray
76a36b08fffd90e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/12/US.svg>; rel="canonical"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1563eba39e8407c35faf24494cdc3c01cbc5a5608a0b5813217499ab99a92a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a062a28a88bd550aa3efcd53cd1225ebc864383aa7d5e1efeaccf2982582e3ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40a743d41ace24d87002a752bfa1f0dece05c6692678526c9ff40aebb4a57727

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84533e094c637033edb4f1527cd90a96ee94b5e5604ae44458632bf0fb09c12c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbe33f379b1a2545853ea76690f9047ef0beea55b774a171263d29a751280940

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		91 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58df394e11d66d2d6b11472acd9eb476e06436d4449a305d7cd5d6d1366a2236

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
socket.io.js
livechat.sentimentmetrics.com/socket.io/ 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/socket.io/socket.io.js
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/javascripts/scs.embed.js?api-key=8f31e558-db9c-482e-8976-b1f87b253539
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
d0553058327ae6d42c9e7c6d2bfa3969333cf34fa443392dc3699f4c1177e99b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Server
nginx/1.18.0
ETag
"2.3.0"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
X-XSS-Protection
1; mode=block
down.png
www.legalshield.com/wp-content/uploads/2022/06/ 		226 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2022/06/down.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5ba216d7049ff64e2bd1635cbc981fe75eef2ede13c1747bc936aabd722448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
226
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:16 GMT
server
cloudflare
etag
"634d4c7c-e2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b097eed90bb-FRA
js
www.googletagmanager.com/gtag/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11372546&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11988031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f9fc54cb053cb85232761c64f3353c4d7773e040007c612e40f1469158f64f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44215
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 22:32:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 23:10:01 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7450226-17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Nov 2022 21:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6847
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 14 Nov 2022 23:15:54 GMT
1266561626.js
container.pepperjam.com/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://container.pepperjam.com/1266561626.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-81.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a3f6e9db47db9c2c18d3a808ad74a51f6ea12deb3ede38533875a7f30c5ad73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
I6bJsGwJiMZbx8crcKt7UBGxh0eTnsH2
date
Mon, 14 Nov 2022 23:10:02 GMT
via
1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 2020 16:26:26 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
"5c56ccea44950d87b8bc936c3965bfb1"
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
cache-control
max-age=900
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
10185
x-amz-cf-id
A43wzRMX3Bas1rE-0DOWe2zH6txiPNdcQHdyWUhfrno2VRljfu4JWg==
optimize.js
www.google-analytics.com/gtm/ 		165 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-TG8J8VD
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd0176dd10d47c45b2f4b1fee17673fa78e3d53bb982463dcac48cf56fa21864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49527
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Nov 2022 23:10:01 GMT
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 07 Nov 2022 16:45:46 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"3528fd00b652f61a266eb584d96f4fcc"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7722
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
last-modified
Wed, 09 Nov 2022 19:27:04 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=32373
accept-ranges
bytes
content-length
4530
activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
11988031.fls.doubleclick.net/ Frame 2092
Redirect Chain
  • https://11988031.fls.doubleclick.net/activityi;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
  • https://11988031.fls.doubleclick.net/activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fww...
485 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11988031.fls.doubleclick.net/activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
ff9385ad93c24f5bcaeb0a2f6ef264a938fe653ca959116b272f1cc41f50727a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.legalshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
269
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11988031.fls.doubleclick.net/activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 23:10:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qtwx8yLzuTGV/ha8G5nb362msu8M3sTwGNgggv8/EWed7iCMMBxd/T9ozcH3//ZLyOwy5xsJsVFDeGrc0PB7DA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
9069185.js
tag.getdrip.com/ 		8 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.getdrip.com/9069185.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-11.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
last-modified
Sat, 12 Nov 2022 19:21:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"de2e1607e500ee465eca3ec4505c0859"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8
x-amz-cf-id
VKG4wy1R93iWq0etjMEShknRh_sva7tAhMimP9Q9WpuAHMYFlONwBw==
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.71.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-71-207.compute-1.amazonaws.com
Software
/
Resource Hash
9218247d5039578f690bf4b8eb7d6b644a62096763e6522b395bcb9a6809472b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 14 Nov 2022 23:10:01 GMT
Cache-Control
max-age=5
Content-Encoding
gzip
Connection
keep-alive
Content-Length
5378
Content-Type
text/javascript
/
8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NMPWF9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d057d1d46983b7c9ad8ae2cfd447fb4c69164fbe8a7fd262b73165701c563f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
x-backend-region
eu_west_1
x-amz-cf-pop
FRA56-P3
age
1126
etag
W/9012e9b3b44cb47032ebc8ccce4c0e61-v0.179.2
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
accept-ranges
none
x-amz-apigw-id
bnPvfGrUDoEFTSQ=
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P7ENYQJBJE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11988031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3edb0046a07071dd8ecc3fbb6b426ee738237b17d132546661519707ce55067d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76776
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Nov 2022 23:10:01 GMT
activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
11988031.fls.doubleclick.net/ Frame E144
Redirect Chain
  • https://11988031.fls.doubleclick.net/activityi;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
  • https://11988031.fls.doubleclick.net/activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww...
484 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11988031.fls.doubleclick.net/activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11988031
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
5eeb3f0e2aa375c94d293bfa29dbf8f709f73b497be8229ff2f44b983a8a634b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.legalshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
265
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11988031.fls.doubleclick.net/activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bved7kkedo
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/bved7kkedo
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c2544fa3f08cf9f2cee593f3bd8a9b62d5acbc8255396f18780d063aaafdd4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
application/x-javascript
date
Mon, 14 Nov 2022 23:10:01 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0ycpyYwAAAADmokqBWeXuTLneiLTk7pkrRFVTMzBFREdFMDYyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
607.min.css
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/styles/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/styles/607.min.css
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/frontend-bundle.min.js?ver=0.94.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd0125c90d9d49e6db86d0607da5e684104c013999e40487879ccd36ef436ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-a95f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0a2f9890bb-FRA
607.chunk.js
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/ 		2 MB
507 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/607.chunk.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/frontend-bundle.min.js?ver=0.94.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aea47d53b28ae82a46fcf66757e79359df3bc2da17849348e3bda502cf94016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-24b7c8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0a2f9990bb-FRA
CalendarComponent.chunk.js
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/CalendarComponent.chunk.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/frontend-bundle.min.js?ver=0.94.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9af5c297eed4f38c97eacd4f57061be65e84d809ac92338363dab999e29d107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
W/"6352be7e-d9ea"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0a2f9b90bb-FRA
/
www.legalshield.com/wp-json/lsc/v1/geolocation/ 		91 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-json/lsc/v1/geolocation/
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/frontend-bundle.min.js?ver=0.94.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
2702946205614315a78c13551043dee9954f6321419dd0f9fc226cadc7332a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-powered-by
WP Engine
referrer-policy
no-referrer-when-downgrade
accept-ch
Sec-CH-UA-Mobile
server
cloudflare
allow
GET
vary
X-NR-SAMPLE-PERCENT,Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
x-frame-options
SAMEORIGIN
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0a2f9f90bb-FRA
link
<https://www.legalshield.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag
noindex
x-pass-why
custom-path
close.png
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/images/ 		300 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/images/close.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d23fa23ba1929c27cb369ea1577d1bbf5632857d9fac20c8b250a039ad9bb3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
300
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
"6352be7e-12c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0a2fa090bb-FRA
userid
livechat.sentimentmetrics.com/ 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/userid?apiKey=8f31e558-db9c-482e-8976-b1f87b253539
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/javascripts/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
87d3d78dc88958b7e09562c145f97ba4c957a68f638988b861f81842ab02044b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Connection
keep-alive
Content-Length
140
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Server
nginx/1.18.0
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
tag-live.js
solutions.invocacdn.com/js/networks/1809/1060114098/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://solutions.invocacdn.com/js/networks/1809/1060114098/tag-live.js
Requested by
Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-85.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8cac168a7f7a0b4903557cbb6e3421409796419a1fa5842c14fb1ceb22605f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
MJU.kjqmPxywQG.Mj8fdbibq4A3BqH8S
content-encoding
br
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 23:10:02 GMT
last-modified
Mon, 02 May 2022 16:23:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"4cd1d679571c9d629b3dfab02d912ca7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=300
x-amz-replication-status
COMPLETED
x-amz-cf-id
-pQv6PyAEpzxV6oO1GEtwiBkbamdJgiWNxtHazr-5dejjiCOfk0vsw==
BestDefense-Bold.ttf
www.legalshield.com/wp-content/uploads/et-fonts/ 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/wp-content/uploads/et-fonts/BestDefense-Bold.ttf
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f75022ca86ac3ab28a4dbe253358e0b0d975a6887d4d586e7555c5d05bf5e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.legalshield.com/
Origin
https://www.legalshield.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
72440
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:06 GMT
server
cloudflare
etag
"634d4c72-11af8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0ab80b90bb-FRA
Vector-1.png
www.legalshield.com/wp-content/uploads/2021/11/ 		690 KB
691 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/11/Vector-1.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b69f49ef7e32034683c0ba92d5a97581fab17c698aae377207dab5b9760029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
706107
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:30 GMT
server
cloudflare
etag
"634d4cc6-ac63b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0ac81390bb-FRA
white-right.png
www.legalshield.com/wp-content/uploads/2021/11/ 		247 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/11/white-right.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab0d5a596bae7f678643801cda776d03db4485be5c8231f4bd212a382f73b429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
247
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:43 GMT
server
cloudflare
etag
"634d4cd3-f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0ac81590bb-FRA
black-right.png
www.legalshield.com/wp-content/uploads/2021/11/ 		241 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/11/black-right.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53fb8ae2f0a7ebfd05d0a0cbc0a73d618581f54b0f886e07ae1ee0740c323fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
241
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:28 GMT
server
cloudflare
etag
"634d4cc4-f1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0ac81790bb-FRA
HuffPost-1.png
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		950 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/HuffPost-1.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e310ec58d39a0aacd45a509a07134592778efc631fe0d0c05fa4c69453830fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:20 GMT
server
cloudflare
age
6150
etag
"6372a4a8-432"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b0b1a9a90e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/HuffPost-1.png>; rel="canonical"
content-length
950
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
800px-Yahoo_2019-1.png
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		810 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/800px-Yahoo_2019-1.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffed13d2ee281154c98f95e3beda1778ef5db4bb1694d38275b251f2d2d3f4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:20 GMT
server
cloudflare
age
6150
etag
"6372a4a8-3ae"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b0b1a9c90e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/800px-Yahoo_2019-1.png>; rel="canonical"
content-length
810
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
law360-logo-2021-2.png
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/law360-logo-2021-2.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d860645f9e5eaa2d73813aa70a96560076154e1ba8a3d9700145317aa8460284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:20 GMT
server
cloudflare
age
6150
etag
"6372a4a8-6b4"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b0b1a9d90e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/law360-logo-2021-2.png>; rel="canonical"
content-length
1584
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
The_Hill_2020-01-15-1.png
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		562 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/The_Hill_2020-01-15-1.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28fe0bd84e12b1b28af73cb9ce0b57bc62187cae4e9eb5a33b56c933983b4bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:20 GMT
server
cloudflare
age
6150
etag
"6372a4a8-2b9"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b0b1a9e90e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/The_Hill_2020-01-15-1.png>; rel="canonical"
content-length
562
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Forbes-Black-1.png
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/Forbes-Black-1.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6db729491296867fbc5ed116e0e8f2dcfee670b72bcd55569d83d4b185b733db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:20 GMT
server
cloudflare
age
6150
etag
"6372a4a8-624"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b0b1a9f90e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/Forbes-Black-1.png>; rel="canonical"
content-length
1444
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Photo-1.jpg
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/Photo-1.jpg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53927b98cf6a45a93e7a036e21a1f3d2acd7d875753da82a6e78700a8b7aa5e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:41 GMT
server
cloudflare
age
6148
etag
"6372a4bd-33ab"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b0b1aa090e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/Photo-1.jpg>; rel="canonical"
content-length
13106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
849877854-0
d.monetate.net/trk/4/s/a-bdbd224f/p/legalshield.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.monetate.net/trk/4/s/a-bdbd224f/p/legalshield.com/849877854-0?mr=t1640009934&mi=%272.327350158.1668467400594%27&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27https://groups.uat-shield-service.com/%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://www.legalshield.com/%27&fl=!f&hvc=!t&eoq=!t
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/3/a-bdbd224f/p/legalshield.com/t1640009934/3368a7d7831290e8/custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.222.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-222-185.compute-1.amazonaws.com
Software
Monetate /
Resource Hash
58045cb5800a566d81af1c051570c0a54eaebf024d92da170421a5360c462c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Content-Encoding
gzip
Server
Monetate
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache
Server-Timing
total;dur=22.7
Timing-Allow-Origin
*
Content-Length
1334
Expires
Sun, 14 Nov 2021 23:10:01 GMT
invisible.js
www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 1D89 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668456000
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704ad309245714b95805e8bb758aa37e0e721d201a6a763c5f72ebe58a3c51f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76a36b0b587290bb-FRA
invisible.js
www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 02DB 		32 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668456000
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0adb8aa63a791e49b72db8ee2ea0eb8d2c207d8278f171804f44e1ed4356acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76a36b0b587390bb-FRA
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=213772285&t=pageview&_s=1&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&ul=en-us&de=UTF-8&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAACAAI~&jid=1466282482&gjid=124712393&cid=177753735.1668467401&tid=UA-7450226-17&_gid=2022134419.1668467401&_r=1&gtm=2oub90&z=115754882
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P7ENYQJBJE&gtm=2oeb90&_p=213772285&_gaz=1&cid=177753735.1668467401&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668467401&sct=1&seg=0&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&en=page_view&_fv=1&_ss=1&ep.env=production
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7ENYQJBJE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P7ENYQJBJE&cid=177753735.1668467401&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7ENYQJBJE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P7ENYQJBJE&cid=177753735.1668467401&gtm=2oeb90&aip=1&z=1483101451
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed
livechat.sentimentmetrics.com/ 		17 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/embed?apiKey=8f31e558-db9c-482e-8976-b1f87b253539&_=1668467401161
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/javascripts/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
b675a0d538367a94990e41004ff897cecaed04de1d3dbec25e98be0cd0e6ab6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Server
nginx/1.18.0
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
adservice.google.com/ddm/fls/i/ Frame 8A8B 		483 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/activityi;dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a149facb8a27886d3f036504392c986e443355a7a6457d0f57324895b7824c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11988031.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
266
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
adservice.google.com/ddm/fls/i/ Frame FAAA 		484 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/activityi;dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9fb11c216cdba39899a4e097500b8fe2323560deb60a77fb84be8cb69bb669d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11988031.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 14 Nov 2022 23:10:01 GMT
last-modified
Wed, 09 Nov 2022 21:23:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CCAF7471574F44C08F4B4AB60691515F Ref B: FRAEDGE1116 Ref C: 2022-11-14T23:10:01Z
etag
"077538f81f4d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11421
grey-arrow-down.png
www.legalshield.com/wp-content/uploads/2021/11/ 		384 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/11/grey-arrow-down.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18640c4924359c4eadc3a03686364213d71dd69dc229b82816f8dc63bc046ce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
384
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:34 GMT
server
cloudflare
etag
"634d4cca-180"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0bd8ce90bb-FRA
Mask.png
www.legalshield.com/wp-content/uploads/2021/11/ 		434 KB
435 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/11/Mask.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb909510d180e1b9cc45f6bc88bba37755dd38bd8feb259fd68418830bbe4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
444647
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:26 GMT
server
cloudflare
etag
"634d4cc2-6c8e7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0c592e90bb-FRA
Vector-1-1.png
www.legalshield.com/wp-content/uploads/2021/12/ 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2021/12/Vector-1-1.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c151a0ff58885a22384e61f067e1325eeff907fa6adb41543ea266ed3f0833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
518153
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:38:23 GMT
server
cloudflare
etag
"634d4cbf-7e809"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b0c593290bb-FRA
chat.svg
www.legalshield.com/wp-content/uploads/2022/01/ 		2 KB
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2022/01/chat.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3926660da7d3e1fd76c2b8d1bb22a1def26c6c5809463f6ff0e43b9304dc2507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:54 GMT
server
cloudflare
etag
W/"634d4ca2-6af"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0c593490bb-FRA
call-phone.svg
www.legalshield.com/wp-content/uploads/2022/01/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2022/01/call-phone.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffee4a08099184e0647423eb30fc31c4910b96683c41d36410fbb00e7e8fd310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:59 GMT
server
cloudflare
etag
W/"634d4ca7-b24"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0c593790bb-FRA
email.svg
www.legalshield.com/wp-content/uploads/2022/01/ 		1 KB
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/uploads/2022/01/email.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5773294963da7cd59bd6f9de42588c9ba44b772b1cd97624749b182d5024af8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Oct 2022 12:37:55 GMT
server
cloudflare
etag
W/"634d4ca3-47d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
cf-ray
76a36b0c593990bb-FRA
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1668467401739&id=t2_gh7bto8e&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=f2c5e1a0-7b0d-472c-9384-643fc2dbba67&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
1100388203486897
connect.facebook.net/signals/config/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1100388203486897?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f617ff53a6bc2ab29f6c5aaf2c845df5ec0962106d9bbca97f0c8ea94a1fdf5a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 23:10:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
v4uGsjGs72xHuoQcfcv/tLe/C6Q4jPb/oVmvEB29a+vujvMvVvKOqZqSyEoGmDFKsufK8ZJ/gmE99WnYuYIyog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.2/ 		174 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by
Host: 8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com
URL: https://8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 23:09:05 GMT
content-encoding
gzip
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified
Tue, 05 Apr 2022 16:31:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
6220856
etag
W/"359008fe01078c59c66e034866170bd2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
NrOsEDQv8oOmxMSZSRnkSXhBZdo8EuXEpMUA6dGUQDi2O1uYLHBdug==
tp.min.js
invitejs.trustpilot.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invitejs.trustpilot.com/tp.min.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/wp-content/plugins/trustpilot-reviews/review/assets/js/headerScript.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-71.dus51.r.cloudfront.net
Software
/
Resource Hash
dd2e780f60090a6a67871f75fe770713856be718a07b0cc1d55e2efd0c046fa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 03:06:28 GMT
content-encoding
gzip
via
1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
last-modified
Thu, 08 Sep 2022 14:17:43 GMT
x-amz-cf-pop
DUS51-P1
age
72213
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
x-amz-cf-id
U43BzO1XwuuoZVoX85wYMJu5t3hpWrN0z1Z3h4f2kOzq36msnfWMwg==
token
cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-6.fra56.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Nov 2022 22:59:22 GMT
content-encoding
gzip
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
639
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
3O0GLSNTltPwlrFbe5Zg4lO0bEeTzCU9t9KCkhxeTAO8Qzg0fb_iIg==
token
cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-6.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.legalshield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
75762
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 14 Nov 2022 02:07:19 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
DWdv7C94y6bWYB9p4jTsJDxbnJcebU8IvmKxYXHpjCKoBgclI1S77g==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
token
cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-6.fra56.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Nov 2022 22:59:22 GMT
content-encoding
gzip
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
639
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
al5QNS3xQ4Tl1SpS9XumIHaU2Sw_KRu16JJGd2ESE2OYk7YHC2SmKA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2498572%252C4235730%26time%3D1668467401751%26url%3Dhttps%253A%252F%252Fwww.legals...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQL3HNJDD0SBHwAAAYR4aCYx9IRZfvwvPSVN5Ow...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQL3HNJDD0SBHwAAAYR4aCYx9IRZfvwvPSVN5OwInm6YEZ20KtQ97q0Cs6IozqY4Jj1YYgU
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9F0F2C3E291943609435E34BF97D416E Ref B: FRAEDGE1915 Ref C: 2022-11-14T23:10:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtdlbcqy6qe6dj2h7xhQ==

Redirect headers

date
Mon, 14 Nov 2022 23:10:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5F62FA741A044593BC17BFC925703FD8 Ref B: FRAEDGE1415 Ref C: 2022-11-14T23:10:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2498572%2C4235730&time=1668467401751&url=https%3A%2F%2Fwww.legalshield.com%2F&tm=gtmv2&liSync=true&e_ipv6=AQL3HNJDD0SBHwAAAYR4aCYx9IRZfvwvPSVN5OwInm6YEZ20KtQ97q0Cs6IozqY4Jj1YYgU
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtdlbWf8q6CtfQaQY3og==
token
cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/2498572,4235730/domain/legalshield.com/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-6.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.legalshield.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
75762
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 14 Nov 2022 02:07:19 GMT
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-id
A0ON4aafOHTR3gGEIhkQVjd-tWlqwHiF_rbi2pibU5K9ccTmWOJU7Q==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=213772285&t=pageview&_s=1&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&ul=en-us&de=UTF-8&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUABRAAAACAAI~&jid=1313138130&gjid=1076015647&cid=177753735.1668467401&tid=UA-7450226-61&_gid=2022134419.1668467401&_r=1&gtm=2wgb905NMPWF9&cd4=&z=158310199
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7450226-17&cid=177753735.1668467401&jid=1466282482&gjid=124712393&_gid=2022134419.1668467401&_u=YEBAAUAAQAAAACAAI~&z=434562708
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 14 Nov 2022 23:10:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
live-icon.svg
livechat.sentimentmetrics.com/images/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livechat.sentimentmetrics.com/images/icons/live-icon.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
a49069da7f130726ad101ed3bab1c3aa8712a9f545744073732314777995a1a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Mon, 14 Sep 2020 10:23:28 GMT
Server
nginx/1.18.0
ETag
W/"6e0-1748c241255"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
/
livechat.sentimentmetrics.com/socket.io/ 		103 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/socket.io/?apiKey=8f31e558-db9c-482e-8976-b1f87b253539&EIO=3&transport=polling&t=OHuQ2Im
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/socket.io/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
e1a4ce878ec242039692e46cac0bdc63a3380de0f2bf18d61502d2a8c2f7dd1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
103
X-XSS-Protection
1; mode=block
close-icon.svg
livechat.sentimentmetrics.com/images/icons/ 		549 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livechat.sentimentmetrics.com/images/icons/close-icon.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
4245af97531cb254ff53e6230a82c7f9b3e95931a7e44af71d08c76177a6cee5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Connection
keep-alive
Content-Length
549
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Mon, 14 Sep 2020 10:23:28 GMT
Server
nginx/1.18.0
ETag
W/"225-1748c241255"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
attach.svg
livechat.sentimentmetrics.com/images/icons/ 		948 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livechat.sentimentmetrics.com/images/icons/attach.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
486f1870d85b6e5f3efe63789d9bb1215dc8cd038ad07e3a37aa0dbddffff3a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Connection
keep-alive
Content-Length
948
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Thu, 05 Nov 2020 06:16:13 GMT
Server
nginx/1.18.0
ETag
W/"3b4-175970c64d0"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
emote-icon.svg
livechat.sentimentmetrics.com/images/icons/ 		792 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livechat.sentimentmetrics.com/images/icons/emote-icon.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
ba89e8d37e0d3b7b75e14edf64c12e510d13a5b9853690402bcaeb03991fcc9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Connection
keep-alive
Content-Length
792
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Mon, 14 Sep 2020 10:23:28 GMT
Server
nginx/1.18.0
ETag
W/"318-1748c241255"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
trancript-icon.svg
livechat.sentimentmetrics.com/images/icons/ 		802 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livechat.sentimentmetrics.com/images/icons/trancript-icon.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
5bc461f07b6134c757efec3a06a897820e9477707cd958d2787c1cd00c4e965e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Connection
keep-alive
Content-Length
802
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Mon, 14 Sep 2020 10:23:28 GMT
Server
nginx/1.18.0
ETag
W/"322-1748c241259"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
close-icon-g.svg
livechat.sentimentmetrics.com/images/icons/ 		661 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://livechat.sentimentmetrics.com/images/icons/close-icon-g.svg
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
7478d3a947e0acee62e3216dab83d53fe622cd2fc8d642a61ae2b734fb2729c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:01 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Connection
keep-alive
Content-Length
661
X-XSS-Protection
1; mode=block, 1; mode=block
Pragma
no-cache
Last-Modified
Mon, 14 Sep 2020 10:23:28 GMT
Server
nginx/1.18.0
ETag
W/"295-1748c241255"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
public, max-age=0, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
11988031.fls.doubleclick.net/ddm/fls/r/ Frame EA65
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshi...
  • https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww...
809 B
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
8259743d1bb01220fedd20c7b75dd6e17010365be3d0ab5ed4fe910c062ddc2c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
365
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:02 GMT
expires
Mon, 14 Nov 2022 23:10:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
11988031.fls.doubleclick.net/ddm/fls/r/ Frame EC0F
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalsh...
  • https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fww...
882 B
415 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
9361c6c2be91a4d833017b09b920ce5dfe9d53796edfb772a8b54aed377bc4d8
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
390
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:02 GMT
expires
Mon, 14 Nov 2022 23:10:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
clarity.js
www.clarity.ms/eus2/s/0.6.43/ 		54 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bved7kkedo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
etag
"1d8eec314a76b4c"
x-azure-ref
0ycpyYwAAAADb3n7NliCpT7zoxUDXV8ZrRFVTMzBFREdFMDYyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
55116
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
sa.css
tags.srv.stackadapt.com/ 		65 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.71.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-71-207.compute-1.amazonaws.com
Software
/
Resource Hash
3f6e3c3c58ad4de493650ac14d574a6f83530b935bdf3fd9932308853dc8b38c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 14 Nov 2022 23:10:01 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.71.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-71-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 14 Nov 2022 23:10:02 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
pr
s.amazon-adsystem.com/v3/ Frame 453F 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6ddef894194582976649e2a7ce97a405604844b4295fe11546d9fb7b93aff4fa
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D52d01256-36c4-53da-0bd4-592093b3d333%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://legalshield.com/&ex-hargs=v%3D1.0%3Bc%3D7454120280501%3Bp%3D52D01256-36C4-53DA-0BD4-592093B3D333&cb=339267202080936640&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
6319
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 14 Nov 2022 23:10:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JMAD0VKJN7AAFCB7MPZ9
5935210.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5935210.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 14 Nov 2022 23:10:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1A76646C05F4FA7944493DAA2CF92F0 Ref B: FRAEDGE1116 Ref C: 2022-11-14T23:10:01Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5935210&Ver=2&mid=ab5c666e-78a2-402a-8f78-d5ec2ee07627&sid=77a54270647111ed82300f6e06f2caf8&vid=77a53c70647111ed9fb3d9975468b3a0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&p=https%3A%2F%2Fwww.legalshield.com%2F&r=https%3A%2F%2Fgroups.uat-shield-service.com%2F&lt=1476&evt=pageLoad&sv=1&rn=386459
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 14 Nov 2022 23:10:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1CBA237DF42A4ECDA029E146D5AD9A42 Ref B: FRAEDGE1116 Ref C: 2022-11-14T23:10:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7450226-17&cid=177753735.1668467401&jid=1466282482&_u=YEBAAUAAQAAAACAAI~&z=99751479
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7450226-17&cid=177753735.1668467401&jid=1466282482&_u=YEBAAUAAQAAAACAAI~&z=99751479
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1D89 		19 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133fcffcdcadc97f0b1d23da0c4c90aa0ccf625382e1616b464719ebc86f01f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76a36b0e7b4490bb-FRA
na.jsonp
pnapi.invoca.net/1809/ 		98 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pnapi.invoca.net/1809/na.jsonp?network_id=1809&js_version=4.27.3&tag_id=1809%2F1060114098&request_data_shared_params=%7B%22calling_page%22%3A%22https%3A%2F%2Fwww.legalshield.com%2F%22%2C%22domain%22%3A%22www.legalshield.com%22%2C%22google_analytics_id%22%3A%22UA-7450226-17%22%2C%22landing_page%22%3A%22https%3A%2F%2Fwww.legalshield.com%2F%22%2C%22g_cid%22%3A%22177753735.1668467401%22%2C%22utm_medium%22%3A%22referral%22%2C%22utm_source%22%3A%22uat-shield-service.com%22%2C%22invoca_id%22%3A%22i-aebfc533-8ebe-4574-9c66-cb249ff5dcd1%22%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.legalshield.com%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Fgroups.uat-shield-service.com%2F%22%2C%22cores%22%3A4%2C%22platform%22%3A%22Win32%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
Requested by
Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.138.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-138-89.compute-1.amazonaws.com
Software
Goliath /
Resource Hash
b4973634a961de721cdf1e19dffa4f1711226f7fae939021f3b98185eb101230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 14 Nov 2022 23:10:02 GMT
Server
Goliath
Connection
keep-alive
processing_time
9.86903ms
Content-Length
98
pica.js
www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 02DB 		21 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ee97b36f05d1081d62e8353c5a00a464ecc71af207faf5458d7af2d7454b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
76a36b0eeb9390bb-FRA
/
livechat.sentimentmetrics.com/socket.io/ 		2 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/socket.io/?apiKey=8f31e558-db9c-482e-8976-b1f87b253539&EIO=3&transport=polling&t=OHuQ2L6&sid=egSKdBewBmUt3yhlA8SA
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/socket.io/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
/
livechat.sentimentmetrics.com/socket.io/ 		10 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/socket.io/?apiKey=8f31e558-db9c-482e-8976-b1f87b253539&EIO=3&transport=polling&t=OHuQ2L8&sid=egSKdBewBmUt3yhlA8SA
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/socket.io/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
dcbe9c028dee69e0661f443d043aa451f2aa8e1af117dc89dee3d653600c551b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
10
X-XSS-Protection
1; mode=block
a.html
8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/ Frame 695A 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/a.html?closedAt=0
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3b454a94d32bf4e6e8056e8d3289b90777e496cab8161f3e7cc0f2a07ebcbd16

Request headers

Referer
https://www.legalshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
3838
content-type
text/html; charset=utf-8
date
Mon, 14 Nov 2022 23:10:02 GMT
etag
"b588289e070f4d7092247db66ffaa7ea"
x-proxy-backend
page-server
x-unbounce-pageid
1e0de9b9-4348-4d8a-90dc-f2e178dff1ab
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=213772285&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&ul=en-us&de=UTF-8&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Monetate&ea=Data-Collect-WP-CheckoutV3_1582792&el=Experiment&_u=aHDACUABRAAAACAAI~&jid=&gjid=&cid=177753735.1668467401&tid=UA-7450226-17&_gid=2022134419.1668467401&gtm=2oub90&z=1430774664
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 14:42:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30439
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=213772285&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&ul=en-us&de=UTF-8&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Monetate&ea=Data-Collect_Standard&el=Experiment&_u=aHDACUABRAAAACAAI~&jid=&gjid=&cid=177753735.1668467401&tid=UA-7450226-17&_gid=2022134419.1668467401&gtm=2oub90&z=2089968079
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 14:42:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30439
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=213772285&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&ul=en-us&de=UTF-8&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Monetate&ea=Data-Collect_LS_3-1&el=Experiment&_u=aHDACUABRAAAACAAI~&jid=&gjid=&cid=177753735.1668467401&tid=UA-7450226-17&_gid=2022134419.1668467401&gtm=2oub90&z=1518994009
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 14:42:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30439
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
849877854-1
d.monetate.net/trk/4/i/a-bdbd224f/p/legalshield.com/ 		36 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.monetate.net/trk/4/i/a-bdbd224f/p/legalshield.com/849877854-1?mr=t1640009934&mi=%272.327350158.1668467400594%27&u=%27https://www.legalshield.com/%27&e=!(xi)&ii=!(%275,2,97748,,,,,,1668467401,0,1668467402%27)&eoq=!t
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.222.185 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-222-185.compute-1.amazonaws.com
Software
Monetate /
Resource Hash
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:02 GMT
Server
Monetate
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache
Timing-Allow-Origin
*
Content-Length
36
Expires
Mon, 07 Nov 2022 23:10:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ib.adnxs.com/setuid/a9?entity=188&code=_w7GO27CT5S43lWGDI82rQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3D_w7GO27CT5S43lWGDI82rQ%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=_w7GO27CT5S43lWGDI82rQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=_w7GO27CT5S43lWGDI82rQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N2JN68FG0HY24APQ1JPY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
AN-X-Request-Uuid
cbf84774-678f-4adb-9d66-e50c0a594607
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=_w7GO27CT5S43lWGDI82rQ
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 453F 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=f-6MqCbRRqq5hsvHJfGTJQ&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:01 GMT
transfer-encoding
chunked
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268
  • https://s.amazon-adsystem.com/ecm3?id=219783204335004535460&ex=neustar.biz
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=219783204335004535460&ex=neustar.biz
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NTY67T01S1DKATQCZTVR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:02 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://s.amazon-adsystem.com/ecm3?id=219783204335004535460&ex=neustar.biz
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=5ZelbYLSSa-qCPIB9QtNkw&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=5ZelbYLSSa-qCPIB9QtNkw&C=1
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y3LKyp-l07z0-MIc5lD7pgAA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y3LKyp-l07z0-MIc5lD7pgAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6JXW2ZTPS71C5Z07QGQ1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y3LKyp-l07z0-MIc5lD7pgAA
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=55fcede8bff450d4dadd126ba60fe82d
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=55fcede8bff450d4dadd126ba60fe82d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R7NGMNGQ98N4VGAAT15Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=55fcede8bff450d4dadd126ba60fe82d
date
Mon, 14 Nov 2022 23:10:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DW78DJVF2ZPSG736KE4W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date
Mon, 14 Nov 2022 23:10:02 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=C6fH1rDoRcOO0ER_L-cVxQ
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=C6fH1rDoRcOO0ER_L-cVxQ&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=C6fH1rDoRcOO0ER_L-cVxQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=C6fH1rDoRcOO0ER_L-cVxQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
80GRNHV8NM3DCVAZWX9Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=C6fH1rDoRcOO0ER_L-cVxQ
date
Mon, 14 Nov 2022 23:10:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=ccc4fd4c-b0ac-4cc2-ad27-d166c161b167
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=ccc4fd4c-b0ac-4cc2-ad27-d166c161b167
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7FZ56DGNF6275CFT4XZY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
Location
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=ccc4fd4c-b0ac-4cc2-ad27-d166c161b167
Date
Mon, 14 Nov 2022 23:10:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
0
sync
amazon.partners.tremorhub.com/ Frame 453F 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 14 Nov 2022 23:10:02 GMT
server
Apache-Coyote/1.1
content-type
image/gif
cms
cms.analytics.yahoo.com/ Frame 453F 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9KKQHEFT8HYGRPD98W6J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1668467402507041-333
Expires
Mon, 14 Nov 2022 23:10:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2C5PS1EG6AK5Q10CEM5J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 14 Nov 2022 23:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 a608f2055229f2ea193f6b8f15267a70.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=84WFX74CRHC2STFEWB73:sn=www.imdb.com
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
server
Server
x-amz-rid
84WFX74CRHC2STFEWB73
x-frame-options
SAMEORIGIN
vary
Content-Type,Accept-Encoding,User-Agent
location
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag
noindex, nofollow
x-amz-cf-id
MVII29eZQwesEXO0ujEV2hcP7HnueyU0QnDwpzkC5zrR68o14VljHg==
usermatch.gif
beacon.krxd.net/ Frame 453F 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=GGfMqv6kTl6nhJb_JHLd7Q&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.167.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n003-dub-prod.krxd.net
date
Mon, 14 Nov 2022 23:10:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1668467402
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
  • https://s.amazon-adsystem.com/ecm3?id=02b82a10-636a-4e2a-aa20-0ffd75632ec8&ex=improvedigital.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=02b82a10-636a-4e2a-aa20-0ffd75632ec8&ex=improvedigital.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J59W2VK6KJXMWMQMVKHD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=02b82a10-636a-4e2a-aa20-0ffd75632ec8&ex=improvedigital.com
access-control-allow-origin
*
date
Mon, 14 Nov 2022 23:10:03 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel.gif
usersync.samplicio.us/amazon/ Frame 453F 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.155.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-155-183.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx/1.20.0
Location
https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 453F 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=B9DdF0UkSw22A7_5OSeZFQ&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-mn5l2
date
Mon, 14 Nov 2022 23:10:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=104b53a9887b5ec44
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=104b53a9887b5ec44
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5S35KKXNGZXVSXDGZ8CS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 14 Nov 2022 23:10:03 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,OPTIONS,GET
content-type
text/html; charset=utf-8
location
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=104b53a9887b5ec44
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization
content-length
94
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TCQYi8Y8RA-DCh4ooNqL6g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TCQYi8Y8RA-DCh4ooNqL6g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TCQYi8Y8RA-DCh4ooNqL6g
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AGVYSWYEGET8NCTTTVBD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TCQYi8Y8RA-DCh4ooNqL6g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=Wd1DHQOPStao7gm1ctjiAA&redirectId=2545
  • https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Wd1DHQOPStao7gm1ctjiAA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Wd1DHQOPStao7gm1ctjiAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B6A5Q6SJF0GGKJZCMMWF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=cecab136869d669367702b17c5b08c52&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=Wd1DHQOPStao7gm1ctjiAA
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1668467402990026-405
Expires
Mon, 14 Nov 2022 23:10:03 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=VX53S7LVT1yV2mfu-NU4EQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=VX53S7LVT1yV2mfu-NU4EQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91797799919823914791551740581169516974
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91797799919823914791551740581169516974
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PTHC1575WYDCAFQ6RKW6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
NNxpPL/FSf8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=91797799919823914791551740581169516974
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=TRrbs9_MS0SWjSfbEwHSvw
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811735332922892045&gdpr=&gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811735332922892045&gdpr=&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RBZRGH1CNHJ8TXTSTY48
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10811735332922892045&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
z
px.surveywall-api.survata.com/ Frame 453F 		0
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4805909204924635496
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4805909204924635496
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6TS87757DHYGQ6JM2EA9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=4805909204924635496
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=785eb6f5-6471-11ed-91e7-174deb1e0206
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=785eb677-6471-11ed-91e7-174deb1e0206
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=785eb677-6471-11ed-91e7-174deb1e0206
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3AHT4X6N3E9Z6H6MVV1E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=785eb677-6471-11ed-91e7-174deb1e0206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
19
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2256048332-923b-4025-b8f1-c92cea0e3b06%22,%22Time%22:%2220221114T231003.208550%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=56048332-923b-4025-b8f1-c92cea0e3b06
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=56048332-923b-4025-b8f1-c92cea0e3b06
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BCJSW4KQZ4ND9P0GEWR3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=56048332-923b-4025-b8f1-c92cea0e3b06
Server
LogModule 0.4
Content-Length
204
Content-Type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEE1DDTay4IAouDLYlmwsQNI&google_cver=1
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEE1DDTay4IAouDLYlmwsQNI&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KYCBV3C6MNX8DZEKQXWX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEE1DDTay4IAouDLYlmwsQNI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
usermatch.krxd.net/um/ Frame 453F 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.krxd.net/um/v2?partner=amzn
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.237.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-237-180.compute-1.amazonaws.com
Software
/
Resource Hash
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
usermatch-a008-ash-prod.krxd.net
date
Mon, 14 Nov 2022 23:10:03 GMT
content-type
text/plain; charset=utf-8
x-age
0
content-length
20
x-cache
MISS
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=57883b031b4cc7da16725dc25f29c474
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=57883b031b4cc7da16725dc25f29c474
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A97KGJERSJ3ANAKV2NCB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=57883b031b4cc7da16725dc25f29c474
date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
-9Xkytyw3cXZ0MRA7LK7bfvLcY_9A-8Pr35YuTc9LRq3GqaSZjh4ZA==
x-cache
Miss from cloudfront
cm
us-u.openx.net/w/1.0/ Frame 453F 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=KiD9-s_RmcSEroEonzWVkzc4dOw4ZgAC
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index&id=KiD9-s_RmcSEroEonzWVkzc4dOw4ZgAC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N7NBMDDND4VDCZ84GSVH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oY8l%2FEuCmYS2LioKx2ryLDTDxyZg82JY3LPoevQ%2FENQPq6yhNtUbNR2PGGbndJ0MyQRyBawyoEeKlk7gW6OYHqsFl0%2FfxM91g%2Blgv78GvezJs6hGMvHV572fi9q9Ee6RRkWA%2Blbiv69v3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=index&id=KiD9-s_RmcSEroEonzWVkzc4dOw4ZgAC
cache-control
no-cache
cf-ray
76a36b16ed24994e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame 453F 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=8341&xuid=y4RR277eRFK5Sj3csZSn9g&dongle=az46
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=2769D18BCC216542
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=2769D18BCC216542
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BRMDEMY1GDVN799796CJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:10 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=2769D18BCC216542
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2274428672264789033&ex=appnexus.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=2274428672264789033&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K20TD3F02ABAMB33H84Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
AN-X-Request-Uuid
4a382292-18dc-4e33-ab46-27433d47aaef
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://s.amazon-adsystem.com/ecm3?id=2274428672264789033&ex=appnexus.com
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=bAu5BLuST3eV3U8eZX1phg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
  • https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=bAu5BLuST3eV3U8eZX1phg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=bAu5BLuST3eV3U8eZX1phg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FEX38EVXF1CTWJ6XHAZW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=bAu5BLuST3eV3U8eZX1phg
date
Mon, 14 Nov 2022 23:10:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2179&pt=n
  • https://s.amazon-adsystem.com/ecm3?id=wyni8UCPGAR9pNdUzQoNAA&ex=rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=wyni8UCPGAR9pNdUzQoNAA&ex=rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KW3CFAAY0W39DXRMJ34H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=wyni8UCPGAR9pNdUzQoNAA&ex=rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=eBD_oi_4SuCafiPF24lWeQ&
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SQ1M8S1HG8JYY645NBR5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadus.exelator.com/load/ Frame 453F 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DCBCA72630B1C7C2D02963533
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DCBCA72630B1C7C2D02963533
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E5S1N3BV90K47KRZXP2Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
openresty/1.15.8.2
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=D48C4F2DCBCA72630B1C7C2D02963533
Access-Control-Allow-Origin
https://www.homedepot.com
Access-Control-Expose-Headers
User-NDAT
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
P3P
CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection
keep-alive
Content-Length
151
Expires
Mon, 14 Nov 2022 23:10:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8dfb619be94db2186895677e604e272e1750685836c8d226873be7c6e5961587
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8dfb619be94db2186895677e604e272e1750685836c8d226873be7c6e5961587
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S86G651S459DSSJPJ0AS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=8dfb619be94db2186895677e604e272e1750685836c8d226873be7c6e5961587
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
retry-after
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=87D42FC8-AE12-4FFD-83F1-50AE98E68CD3
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=87D42FC8-AE12-4FFD-83F1-50AE98E68CD3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RRSTN6659W90VKESXY84
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=87D42FC8-AE12-4FFD-83F1-50AE98E68CD3
date
Mon, 14 Nov 2022 23:10:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 453F
Redirect Chain
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=78108c2a-3c8c-49e1-9134-64e498acd843-tucta6c504b
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=78108c2a-3c8c-49e1-9134-64e498acd843-tucta6c504b
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=GGfMqv6kTl6nhJb_JHLd7Q&dmt=3&ex-pl-n-g-hmt=eBD_oi_4SuCafiPF24lWeQ&ep=ttam_T219Ay-cPciHbT10gj8z3rJUnHSh7RjBnPqAggwIt3bujVe-JhDlUX1vSh0Ru9TQoL_WsPvKaOOmFCO5NzaPwWUloCEq63qMm8qyg-d2xAV6bc7uAmcRf_TKEGQrPnFU582Jz9mVKhtF_ZWngfc4dvnY6LpLQRqTs8kvPQ4QBce6zl0LITKzttMiVqp4JxGgzeTUfEy3s7xwxitjSyFBPfvNUBb1SD40QEY6duscQTChtOZ9_nAJGiX-1fmEVH_z47a8Ex1jpxUmtU4KgxV93MT4b_ITqTdCLtOC0uYZd9Gq2XJrj0JR2FsB-D8WDip4Ft9FRQXt3Y7Z__wWaTork7PMUSictXDQw_WF8lOxDhl4qs3JN13-UetA2bu-lvdGHIDoD-jX35at_fWah7TIWdy7xbl3e74wNAUpoUDkyMkl3-OiW10AYxKlvUEYci6S_mGO81F93iVdG2i93pu8mIQXLhZzfnb0nahZGl2FY_jdK8V6kB79qLsC4LMM-qsJ6NRNG3T1c-3mab6NQNmUhbI4VKa6lcLI-5DD_9D53gak0b4HJtYB4GplBcoH9-XeCPnLv_Lk2MwHvxdbTybpsLkL5IVTF-lRP1bv1w
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DMBRH13618ZM1S990WWQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=78108c2a-3c8c-49e1-9134-64e498acd843-tucta6c504b
date
Mon, 14 Nov 2022 23:10:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21914
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1100388203486897&ev=PageView&dl=https%3A%2F%2Fwww.legalshield.com%2F&rl=https%3A%2F%2Fgroups.uat-shield-service.com%2F&if=false&ts=1668467402413&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22678410296098116%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222758892794211955%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1668467402412.279783481&it=1668467401746&coo=false&rqm=GET
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 23:10:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 695A 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
URL: https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/a.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 02:28:13 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-version-id
L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
last-modified
Mon, 04 Jul 2022 16:47:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
6640910
etag
"4458a4d76a70cb207bcc34d6bc6f872f"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
WM3k2Yx6Dfy7VU0mv3bCj0HjusZVkl2oWKtgmS6dAtqWfXWvRfxT3w==
main.bundle-384ff03.z.js
builder-assets.unbounce.com/published-js/ Frame 695A 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by
Host: 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
URL: https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/a.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:41:30 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-version-id
8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
last-modified
Mon, 04 Jul 2022 16:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
6643713
etag
"1825a0c47b2e38b6cf30a4072987bce1"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33495
x-amz-cf-id
zBbetdola0LnPi76ysj5CyWL9e8Xw2PBLKCSP2ZWFBd1fEQbr0gBag==
collect
b.clarity.ms/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.legalshield.com
date
Mon, 14 Nov 2022 23:10:02 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
76a27d85d8b47306
www.legalshield.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1D89 		2 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/cv/result/76a27d85d8b47306
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668456000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
content-encoding
gzip
server
cloudflare
cf-ray
76a36b12ae9590bb-FRA
content-type
text/plain; charset=UTF-8
sync
live.rezync.com/ Frame EC0F 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=80e03888235b04fbc411af682cafe082&k=legalshield-pixel-6254&zmpID=legalshield&cache_buster={cache_buster}
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-118.fra56.r.cloudfront.net
Software
lighttpd/1.4.59 /
Resource Hash
001e01f4b3443909a86be1ce2ce28407d067af6503a29f895264617c08fa6e58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
server
lighttpd/1.4.59
x-amz-cf-pop
FRA56-P7
vary
Cookie
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
2048
x-amz-cf-id
UZdGtPvcR0-ErXGy7Q0Z0yGKghbhnPnwrLnIL64LSY5KU_ylE-7BhQ==
sync
live.rezync.com/ Frame EA65 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=80e03888235b04fbc411af682cafe082&k=legalshield-pixel-5034&zmpID=legalshield
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-118.fra56.r.cloudfront.net
Software
lighttpd/1.4.59 /
Resource Hash
20fafa7fdce3b892b281d229291ea5e18266508462ca7383d66ccc822f1ab7e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:02 GMT
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
server
lighttpd/1.4.59
x-amz-cf-pop
FRA56-P7
vary
Cookie
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
1806
x-amz-cf-id
rDArB-2bn2Tf_bodu9Y68WdWVPfRGCXI303EnqzA9MOmthNw4oZfdw==
/
livechat.sentimentmetrics.com/socket.io/ 		2 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/socket.io/?apiKey=8f31e558-db9c-482e-8976-b1f87b253539&EIO=3&transport=polling&t=OHuQ2Ue&sid=egSKdBewBmUt3yhlA8SA
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/socket.io/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
/
livechat.sentimentmetrics.com/socket.io/ 		96 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livechat.sentimentmetrics.com/socket.io/?apiKey=8f31e558-db9c-482e-8976-b1f87b253539&EIO=3&transport=polling&t=OHuQ2Uf&sid=egSKdBewBmUt3yhlA8SA
Requested by
Host: livechat.sentimentmetrics.com
URL: https://livechat.sentimentmetrics.com/socket.io/socket.io.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.3.133.19 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
19-133-3-149.rackcentre.redstation.net.uk
Software
nginx/1.18.0 /
Resource Hash
34552ce7708f4ce1d068343882fb6aac9bdf2bca97b4fa07fc6dfbe2c47cd77d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self' *.mypurecloud.com *.usw2.pure.cloud *.cac1.pure.cloud *.mypurecloud.com.au *.mypurecloud.ie *.euw2.pure.cloud *.mypurecloud.jp *.apne2.pure.cloud *.mypurecloud.de
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.legalshield.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
96
X-XSS-Protection
1; mode=block
saq_pxl
tags.srv.stackadapt.com/ 		166 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=r66pUJXixdzG7FlAuxjOlA&is_js=true&landing_url=https%3A%2F%2Fwww.legalshield.com%2F&t=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&tip=aOwANzPLyn1Sn5lVWjNUa0rjV050-KgpHIKSrcSHIjI&host=https://www.legalshield.com&sa-user-id-v2=s%253Ab2G2VQ6ISD5v7IhDnpsk95JGdUU.n5nm1ftaMkPrIJfFsS1bbFFj0tebDb9YioJz3uT13sg&sa-user-id=s%253A0-6f61b655-0e88-483e-6fec-88439e9b24f7.n20suUx8RteCc9z%252FaLroPIrg9XXBNK1CTE2WN6r9cGA
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.199.71.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-199-71-207.compute-1.amazonaws.com
Software
/
Resource Hash
0e69afe76a69e51f9e2317d8290e2efd2dfb32b50ddc678ca25719f4248ea8a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:02 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.legalshield.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
166
truncated
/ Frame 695A 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
8578e350-416b-4881-b0ca-542b917a0d2f
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/ Frame 695A 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/8578e350-416b-4881-b0ca-542b917a0d2f
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
857456e6-hotjar-bg_10000000m809h00000a028.png
d9hhrg4mnvzow.cloudfront.net/8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/ Frame 695A 		893 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/857456e6-hotjar-bg_10000000m809h00000a028.png
Requested by
Host: 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
URL: https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/a.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-91.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
291a7bf6f039c3d1eeb62a8f4b9aab144960fd495f4ef6d2e4007ace67893c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 19 May 2022 03:53:22 GMT
x-amz-version-id
CBwsoQnfskDMRVlnJJ3eP1x6YZ_h46S5
via
1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Apr 2022 16:56:51 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
15535001
etag
"304ada13c1c9900c0cecf1d64af730f9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
893
x-amz-cf-id
qnnb0r-4EmfNW7CmYDo378OcjqFJ03GI-k-T4I1Kex_JWHLh2Mh7rw==
css
fonts.googleapis.com/ Frame 695A 		3 KB
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 23:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 21:53:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Nov 2022 23:10:02 GMT
0c65c81a-gettyimages-1188478549small_10cu08k05p08k03k000028.png
d9hhrg4mnvzow.cloudfront.net/8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/ Frame 695A 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/0c65c81a-gettyimages-1188478549small_10cu08k05p08k03k000028.png
Requested by
Host: 8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
URL: https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/1e0de9b9-4348-4d8a-90dc-f2e178dff1ab/a.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-91.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
056a20c22e7e759bfa60e77788d4eb1b74010c9d1506da94f62ef3259fd434fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:51:22 GMT
x-amz-version-id
0BKv5.743xIL7.CB8d50Krs8tsLL1aM6
via
1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Apr 2022 16:56:51 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P1
age
15563921
etag
"f4447620550dca0204ed0f4a1f44487c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
37640
x-amz-cf-id
nXuTOKGcNxa2phD2LGDIVGKeXN96po5a6KOmC5lqSJbanmP3_XZJ5Q==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 695A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 17:19:31 GMT
x-content-type-options
nosniff
age
280231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 17:19:31 GMT
76a36b02794490bb
www.legalshield.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 02DB 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/cv/result/76a36b02794490bb
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668456000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
content-encoding
gzip
server
cloudflare
cf-ray
76a36b14d83790bb-FRA
content-type
text/plain; charset=UTF-8
embeddableActivated
8c1aab619aac40b3b3c7f4e8f3ca02ba.events.ubembed.com/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://8c1aab619aac40b3b3c7f4e8f3ca02ba.events.ubembed.com/embeddableActivated?activationRuleId=09aff6bdf80b46c393fedc8b988aa151&browserTrackingId=720f20f31ce14d63a5ea66141a07c66c&clientId=7205a5e5-e672-4915-86ca-f2daf3f0f573&hostPageCorrelationId=2552a428ddd24f3c9d88017d1f36e70f&hostPageReferrerUrl=https%3A%2F%2Fgroups.uat-shield-service.com%2F&hostPageUrl=https%3A%2F%2Fwww.legalshield.com%2F&isFirstTime=true&requestId=59c7a9e4930a4b8ba63fa7a8e4290f7b&source=universalscript-v0.179.2
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.12.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-12-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.legalshield.com
date
Mon, 14 Nov 2022 23:10:03 GMT
access-control-allow-credentials
true
half-arrow.png
www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/images/ 		165 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/scripts/images/half-arrow.png
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/styles/style.min.css?ver=0.94.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572edbfe6005995cb1f189271a6faeb10a2745bfd2fb195e3026aea9fde25f06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/wp-content/plugins/channels-wpcore-plugin/Core/CustomBlocks/styles/style.min.css?ver=0.94.14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
165
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Oct 2022 15:45:02 GMT
server
cloudflare
etag
"6352be7e-a5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges
bytes
cf-ray
76a36b15085790bb-FRA
/
www.facebook.com/tr/ Frame 4399 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.legalshield.com
Referer
https://www.legalshield.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.legalshield.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 14 Nov 2022 23:10:03 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
tc.min.js
c1.rfihub.net/js/ Frame EA65 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 22:28:32 GMT
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 22:28:22 GMT
server
Jetty(9.3.29.v20201019)
x-amz-cf-pop
FRA53-C1
age
2491
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
7RK-4TzPplOZyfz7CuZdo0fvFNpkgijC8RhZI_CO6cqN5G9Ak1AR8A==
expires
Mon, 14 Nov 2022 23:28:32 GMT
p13n.min.js
cdn.boomtrain.com/p13n/legalshield/ Frame EA65 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/p13n/legalshield/p13n.min.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9ee8974b8d7ec8b87359f0cc3c9463eef5fc0536673c629364ae87cc5a7d1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
DOudgoCw3DdyqDGAlEUmvzKBO1mtnQut
Content-Encoding
gzip
Via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
Date
Mon, 14 Nov 2022 23:10:03 GMT
X-Amz-Cf-Pop
FRA56-C2
Age
640
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 10 Nov 2022 05:41:36 GMT
Server
AmazonS3
ETag
W/"3cb528dd2e85378c63a360a8a25a091d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
0uX7WXoG01Uwi2npsPlBMIMugYw26sfRm_OY-VFw8UKegZenCS-Rtg==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=213772285&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.legalshield.com%2F&dr=https%3A%2F%2Fgroups.uat-shield-service.com%2F&ul=en-us&de=UTF-8&dt=Online%20Prepaid%20Legal%20Services%20%26%20Plans%20-%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Region%20Popup&ea=Region%20Selection%20Modal&el=Popup%20Modal&_u=aHDACUABRAAAACAAI~&jid=113563274&gjid=1049378949&cid=177753735.1668467401&tid=UA-7450226-17&_gid=2022134419.1668467401&_r=1&gtm=2wgb905NMPWF9&cd4=&z=784065508
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7450226-17&cid=177753735.1668467401&jid=113563274&gjid=1049378949&_gid=2022134419.1668467401&_u=aHDACUABRAAAACAAI~&z=1608992975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 14 Nov 2022 23:10:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7450226-17&cid=177753735.1668467401&jid=113563274&_u=aHDACUABRAAAACAAI~&z=1963523880
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-7450226-17&cid=177753735.1668467401&jid=113563274&_u=aHDACUABRAAAACAAI~&z=1963523880
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca.html
20840888p.rfihub.com/ Frame 6C9A 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20840888p.rfihub.com/ca.html?ver=9&rb=46556&ca=20840888&_o=46556&_t=20840888&pe=https%3A%2F%2F11988031.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIvRm7blrvsCFfRGHQkdUmYFtA%3Bsrc%3D11988031%3Btype%3Dlsflu0%3Bcat%3Dhomep0%3Bord%3D6236553666244%3Bgtm%3D2odb90%3Bauiddc%3D825305249.1668467401%3B%7Eoref%3Dhttps%253A%252F%252Fwww.legalshield.com%252F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=10532857125813067
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
0a7c64f33e3ca151989d28d811a5e270a0b74cebf1c96f49ff816403bb8b525c

Request headers

Referer
https://11988031.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2616
Content-Type
text/html;charset=utf-8
Date
Mon, 14 Nov 2022 23:10:03 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
resolve
people.api.boomtrain.com/identify/ Frame EA65 		145 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZmNiYzU5NjgtYmVkZi00NDY1LWIwMjAtYTM4NmQ4ODI1NTM4OjE2Njg0Njc0MDIuNzg2NTQ3MiJ9fQ%3D%3D&site_id=legalshield
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/legalshield/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.160.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-160-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6b30151686daa09a615047f977072684adc71333e8cf0a9226efceb0498f0396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
145
tc.min.js
c1.rfihub.net/js/ Frame EC0F 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:ca00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 22:28:32 GMT
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
last-modified
Mon, 14 Nov 2022 22:28:22 GMT
server
Jetty(9.3.29.v20201019)
x-amz-cf-pop
FRA53-C1
age
2491
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
3_-cHzEr48aNXEtDALckGEJsGmHRl66XJ5ntwewz5SZOWem1xfLbDw==
expires
Mon, 14 Nov 2022 23:28:32 GMT
p13n.min.js
cdn.boomtrain.com/p13n/legalshield/ Frame EC0F 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/p13n/legalshield/p13n.min.js
Requested by
Host: groups.uat-shield-service.com
URL: https://groups.uat-shield-service.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9ee8974b8d7ec8b87359f0cc3c9463eef5fc0536673c629364ae87cc5a7d1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
DOudgoCw3DdyqDGAlEUmvzKBO1mtnQut
Content-Encoding
gzip
Via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
Date
Mon, 14 Nov 2022 23:10:03 GMT
X-Amz-Cf-Pop
FRA56-C2
Age
640
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 10 Nov 2022 05:41:36 GMT
Server
AmazonS3
ETag
W/"3cb528dd2e85378c63a360a8a25a091d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
Q2W-ErFj8LVvNVOUnuOd3eoE9hIXni2Cr5dLaCXiod65prXe-in5oA==
ca.html
20842111p.rfihub.com/ Frame BCF8 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20842111p.rfihub.com/ca.html?ver=9&rb=46556&ca=20842111&_o=46556&_t=20842111&pe=https%3A%2F%2F11988031.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIrNm7blrvsCFRlEHQkdy_APsg%3Bsrc%3D11988031%3Btype%3Dlsflu0%3Bcat%3Dls-us00%3Bord%3D3083792627875%3Bgtm%3D2wgb90%3Bauiddc%3D825305249.1668467401%3B%7Eoref%3Dhttps%253A%252F%252Fwww.legalshield.com%252F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=5268133376098023
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
e99d65bed9c935e91d2af142f446045428c171c6be0e8f6d1f268b55aeba82b1

Request headers

Referer
https://11988031.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2616
Content-Type
text/html;charset=utf-8
Date
Mon, 14 Nov 2022 23:10:03 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
resolve
people.api.boomtrain.com/identify/ Frame EC0F 		145 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYjlkNmRiMjUtNGI0YS00ODc4LWJkMTUtZGY3ZTE1OWJkOWVjOjE2Njg0Njc0MDIuNzg3MTc1In19&site_id=legalshield
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/legalshield/p13n.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.160.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-160-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
66a26e4c86c03dd75771ca2dee0970c9ca3ba3fd513ae39ae59937f5ce544fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11988031.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
145
collect
b.clarity.ms/ 		0
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.legalshield.com
date
Mon, 14 Nov 2022 23:10:04 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
cm
a.rfihub.com/ Frame 6C9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTcyNTExNDQxNTgyOA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
42 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 14 Nov 2022 23:10:03 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6C9A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=18&code=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
AN-X-Request-Uuid
81adde1c-630a-4a7e-9ad2-57585abf712c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6C9A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5108559725114415828&
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=1121&dpuuid=5108559725114415828&redir=
dpm.demdex.net/ Frame 6C9A 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559725114415828&redir=
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-43-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-02fc48b13.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7nuLABtnR2Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame 6C9A
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5108559725114415828&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5108559725114415828&bid=omt9pi0
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5108559725114415828&bid=omt9pi0
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 6C9A 		45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 23:10:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 14 Nov 2022 23:10:03 GMT
serving
bs.serving-sys.com/ Frame 6C9A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.178.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-178-27.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
501709.gif
idsync.rlcdn.com/ Frame 6C9A
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559725114415828&referrer=https%3A%2F%2Fadservice.google.com%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db9d6db25-4b4a-4878-bd15-df7e159b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame 6C9A 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.72.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-72-99.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 6C9A 		43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559725114415828&forward=
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0
360947.gif
idsync.rlcdn.com/ Frame 6C9A 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 6C9A 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Mon, 14 Nov 2022 23:10:03 GMT
pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 6C9A 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5108559725114415828&img=1
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
96
Connection
keep-alive
Content-Length
43
sync
partners.tremorhub.com/ Frame 6C9A 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5108559725114415828&r=5jEG5o9NJUyG
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 14 Nov 2022 23:10:03 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 6C9A 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.86.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 6C9A 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559725114415828
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.167.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1668467403
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame 6C9A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559725114415828&expires=30
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIvRm7blrvsCFfRGHQkdUmYFtA;src=11988031;type=lsflu0;cat=homep0;ord=6236553666244;gtm=2odb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.124.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-124-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
p.rfihub.com/ Frame 6C9A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3LKywAIEYBs8wAr
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3LKywAIEYBs8wAr&_test=Y3LKywAIEYBs8wAr
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3LKywAIEYBs8wAr&_test=Y3LKywAIEYBs8wAr
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20840888p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 14 Nov 2022 23:10:04 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-hhn4029-HHN
pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668467404.992413,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y3LKywAIEYBs8wAr&_test=Y3LKywAIEYBs8wAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
match
ps.eyeota.net/ Frame BCF8
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5140084922536731388&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5140084922536731388&bid=omt9pi0
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5140084922536731388&bid=omt9pi0
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/ Frame BCF8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3LKywAAALFCQwAW
85 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3LKywAAALFCQwAW
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-hhn4029-HHN
pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1760
x-timer
S1668467404.992318,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
11722

Redirect headers

x-served-by
cache-hhn4029-HHN
pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1668467404.589419,VS0,VE88
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y3LKywAAALFCQwAW
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
cm
a.rfihub.com/ Frame BCF8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyMjUzNjczMTM4OA==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
42 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
HTTP/1.1
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 14 Nov 2022 23:10:03 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOzeDsmQyYt7qBAnxaTrm0I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BCF8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=18&code=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
AN-X-Request-Uuid
8355b3e8-ac43-4bf3-8ae2-900d203d214c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
146.70.117.69; 146.70.117.69; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame BCF8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5140084922536731388&
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=1121&dpuuid=5140084922536731388&redir=
dpm.demdex.net/ Frame BCF8 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084922536731388&redir=
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-43-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-048420acf.edge-irl1.demdex.com 14 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pnOkuVuRRos=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cksync.php
contextual.media.net/ Frame BCF8 		45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 23:10:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Mon, 14 Nov 2022 23:10:03 GMT
serving
bs.serving-sys.com/ Frame BCF8 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.178.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-178-27.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
501709.gif
idsync.rlcdn.com/ Frame BCF8
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084922536731388&referrer=https%3A%2F%2Fadservice.google.com%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db9d6db25-4b4a-4878-bd15-df7e159b...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame BCF8 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.72.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-72-99.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame BCF8 		43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084922536731388&forward=
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0
360947.gif
idsync.rlcdn.com/ Frame BCF8 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame BCF8 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Mon, 14 Nov 2022 23:10:03 GMT
pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame BCF8 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5140084922536731388&img=1
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 23:10:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
113
Connection
keep-alive
Content-Length
43
sync
partners.tremorhub.com/ Frame BCF8 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5140084922536731388&r=XtTEeIS27eLY
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Mon, 14 Nov 2022 23:10:03 GMT
server
Apache-Coyote/1.1
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame BCF8 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.86.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame BCF8 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084922536731388
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.167.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-167-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n008-dub-prod.krxd.net
date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=22 t=1668467403
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame BCF8 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084922536731388&expires=30
Requested by
Host: 11988031.fls.doubleclick.net
URL: https://11988031.fls.doubleclick.net/ddm/fls/r/dc_pre=CIrNm7blrvsCFRlEHQkdy_APsg;src=11988031;type=lsflu0;cat=ls-us00;ord=3083792627875;gtm=2wgb90;auiddc=825305249.1668467401;~oref=https%3A%2F%2Fwww.legalshield.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.124.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-124-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20842111p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=43C3A71700434FAC892D5AFF53E1D34E&RedC=c.clarity.ms&MXFR=33406654375E6CFE2EF47408335E6283
  • https://c.clarity.ms/c.gif?CtsSyncId=43C3A71700434FAC892D5AFF53E1D34E&MUID=3543AC7AB91D61CF0648BE26B86C600C
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=43C3A71700434FAC892D5AFF53E1D34E&MUID=3543AC7AB91D61CF0648BE26B86C600C
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
last-modified
Thu, 13 Oct 2022 20:07:05 GMT
server
Microsoft-IIS/10.0
etag
"40db785d3fdfd81:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 14 Nov 2022 23:10:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 47E4EDE496C54943968420E2375DB2FF Ref B: FRAEDGE1116 Ref C: 2022-11-14T23:10:04Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=43C3A71700434FAC892D5AFF53E1D34E&MUID=3543AC7AB91D61CF0648BE26B86C600C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
legalshield.jsp
www.upsellit.com/active/ 		0
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.upsellit.com/active/legalshield.jsp
Requested by
Host: container.pepperjam.com
URL: https://container.pepperjam.com/1266561626.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.39.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
date
Wed, 19 Oct 2022 00:28:35 GMT
server
nginx
age
2328089
content-type
text/html
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 19 Oct 2023 00:28:35 GMT
rum
www.legalshield.com/cdn-cgi/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.legalshield.com/cdn-cgi/rum?
Requested by
Host: cdn-eildb.nitrocdn.com
URL: https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/desktop/optimized/rev-7294ff7/beacon.min.js/nitro-min-vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
application/json

Response headers

date
Mon, 14 Nov 2022 23:10:04 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.legalshield.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
76a36b1c6e0a90bb-FRA
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=GTM-TG8J8VD&cv=253&t=ol&p=gtmo&l=785&q=725&f=78&e=449&i=51&d=285&c=753&hc=1&fh=257&sr=0.050000&ps=0.013326431778945214&cb=706222849
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:04 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
to.getnitropack.com/ 		20 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://to.getnitropack.com/
Requested by
Host: www.legalshield.com
URL: https://www.legalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-713.bunnyinfra.net
Software
BunnyCDN-DE-713 / PHP/7.3.33
Resource Hash
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4ALw9mF7GvF0JfxU

Response headers

date
Mon, 14 Nov 2022 23:10:04 GMT
content-encoding
none
strict-transport-security
max-age=15724800; includeSubDomains
cdn-edgestorageid
713
x-powered-by
PHP/7.3.33
cdn-cachedat
11/14/2022 23:10:04
cdn-pullzone
234442
content-length
20
server
BunnyCDN-DE-713
cdn-proxyver
1.03
cdn-requestpullcode
200
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cdn-uid
b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cache-control
public, max-age=0
cdn-requestid
b903d5e781b79768f6acae7713758b47
cdn-requestcountrycode
RO
cdn-status
200
cdn-requestpullsuccess
True
Photo-1-1.png
cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-eildb.nitrocdn.com/LaQBisxHZCjUdXtrVcLeuKPdghmRtJAz/assets/static/optimized/rev-7294ff7/wp-content/uploads/2021/11/Photo-1-1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c9a727384e86729fc9d4a3f00087c98ca564ee0d215674ab2c180b750a39ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 23:10:04 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 20:27:42 GMT
server
cloudflare
age
6203
etag
"6372a4be-49a5"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
cf-ray
76a36b1c8f4390e2-FRA
link
<https://www.legalshield.com/wp-content/uploads/2021/11/Photo-1-1.png>; rel="canonical"
content-length
18730
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
b.clarity.ms/ 		0
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.43/clarity.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.legalshield.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.legalshield.com
date
Mon, 14 Nov 2022 23:10:06 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/views/layout/footer.html
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/heroImage.jpg
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/fonts/glyphicons-halflings-regular.woff2
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/loading.gif
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/legalShield_logo.svg
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/legalShield_ca_logo.png
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/iDShield_logo.svg
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/primerica.jpg
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/images/home.svg
Domain
groups.uat-shield-service.com
URL
https://groups.uat-shield-service.com/fonts/glyphicons-halflings-regular.woff
Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 undefined| href object| NPSH object| NitroScrollHelper function| $ function| jQuery number| monetateT object| monetate number| waitForJQuery object| trustpilot_settings object| WPMLLanguageSwitcherDropdownClick string| InvocaTagId function| gtag object| dataLayer boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes object| webVitals object| _pix string| protocol object| a undefined| proxyPurgeOnly undefined| nitroData undefined| xhr object| Trustpilot function| _ object| _wpUtilSettings object| wp object| lsc_cookie_handler function| Swiper object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| LscDiviFrontendData object| google_tag_manager object| google_tag_data object| monetateQ string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external string| env function| rdt string| _linkedin_data_partner_id object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq object| _dcq object| _dcs function| saq function| _saq function| clarity object| webpackChunklsc_divi object| lsc_available_products object| lsc_selected_products object| lsc_region_selector function| io object| Invoca object| __cfBeacon string| et_location_hash function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| uetq function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| inIframe function| tryParseJson string| TrustpilotObject function| tp object| f function| lintrk object| google_optimize object| __scs function| UET function| UET_init function| UET_push object| ueto_d1cf23b699 object| ube object| Pepperjam function| PepperjamTracking string| usi_launch_tag number| usi_installed function| USI_installCode object| FullCalendarVDom object| res object| saCookies string| current_window_url_param object| json_rr1 function| et_pb_init_woo_custom_button_icon string| waypointContextKey

91 Cookies

Domain/Path Name / Value
groups.uat-shield-service.com/ Name: affinitytoken
Value: d5a4216cb2be40b27386e921ad0f7fca
.legalshield.com/ Name: mt.v
Value: 2.327350158.1668467400594
www.legalshield.com/ Name: nitroCachedPage
Value: 1
.legalshield.com/ Name: _gcl_au
Value: 1.1.825305249.1668467401
.legalshield.com/ Name: _gid
Value: GA1.2.2022134419.1668467401
www.clarity.ms/ Name: CLID
Value: bc6da6403b8a4bb781c76aa3be9710d1.20221114.20231114
.legalshield.com/ Name: _gat_gtag_UA_7450226_17
Value: 1
.legalshield.com/ Name: _ga_P7ENYQJBJE
Value: GS1.1.1668467401.1.0.1668467401.60.0.0
www.legalshield.com/ Name: __scs
Value: s:j:%7B%22id%22:%22c44e8d56-a73d-45da-9b77-90b032e521b5%22,%22name%22:%22Guest%20215841658%22%7D.SeNJBM0L4qnDK1rQ9XzFtqx27AEF5pTzyXh8MvRJt/Q
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6f61b655-0e88-483e-6fec-88439e9b24f7.n20suUx8RteCc9z%2FaLroPIrg9XXBNK1CTE2WN6r9cGA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Ab2G2VQ6ISD5v7IhDnpsk95JGdUU.n5nm1ftaMkPrIJfFsS1bbFFj0tebDb9YioJz3uT13sg
.bing.com/ Name: MUID
Value: 3543AC7AB91D61CF0648BE26B86C600C
.legalshield.com/ Name: _rdt_uuid
Value: 1668467401739.f2c5e1a0-7b0d-472c-9384-643fc2dbba67
.legalshield.com/ Name: _ga
Value: GA1.2.177753735.1668467401
.legalshield.com/ Name: _gat_UA-7450226-61
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A80c8M-9zUY7vRyWKPciBPA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.legalshield.com/ Name: sa-user-id
Value: s%253A0-6f61b655-0e88-483e-6fec-88439e9b24f7.n20suUx8RteCc9z%252FaLroPIrg9XXBNK1CTE2WN6r9cGA
www.legalshield.com/ Name: sa-user-id-v2
Value: s%253Ab2G2VQ6ISD5v7IhDnpsk95JGdUU.n5nm1ftaMkPrIJfFsS1bbFFj0tebDb9YioJz3uT13sg
.linkedin.com/ Name: UserMatchHistory
Value: AQJKJemqMR9kbwAAAYR4aCST_FBrKktPizzyAgI8CEPYHsnCN38I9ekKgtRCRFkcKt3ruGZQR3punw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK0zUTPX9_VvgAAAYR4aCSTpxmNLsSPsxcvTiP07oZM2BvXDj0NHwFFYSPOtMO6K3LFcpCFM_dMO9cdXf32lw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&2a390821-1be7-4b5c-85e6-37a2af1bb64e"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3008:u=1:x=1:i=1668467401:t=1668553801:v=2:sig=AQG1lE0kXmw2wHKNIi9b4SLGBVBi39LC"
.www.legalshield.com/ Name: ln_or
Value: d
.legalshield.com/ Name: _uetsid
Value: 77a54270647111ed82300f6e06f2caf8
.legalshield.com/ Name: _uetvid
Value: 77a53c70647111ed9fb3d9975468b3a0
.doubleclick.net/ Name: IDE
Value: AHWqTUmt1mTi701jhaYXGTt_Hx_fd1CuJ7iRdpNTqUXyyiY6LcsM4tN2epxM9qVXLdo
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221114231002044aecc6-907b-4094-8161-6beb40fc6156AQEfYLR1AmzCi_DkBiN6WRsHpvgNkZk4"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Njg0Njc0MDI7MjswMjFjyXNWoX7z/GRCuyBhAZ3vKZ8YH4gM+KE8gAgcFGileA==
.legalshield.com/ Name: _clck
Value: 1wdm2ib|1|f6k|0
.adnxs.com/ Name: uuid2
Value: 2274428672264789033
.legalshield.com/ Name: _fbp
Value: fb.1.1668467402412.279783481
.bidswitch.net/ Name: tuuid
Value: 6d0611ea-070f-4665-b3d0-5c2bbd83112c
.bidswitch.net/ Name: c
Value: 1668467402
.bidswitch.net/ Name: tuuid_lu
Value: 1668467402
.yahoo.com/ Name: A3
Value: d=AQABBMrKcmMCEIcJwnjTFw-_8cDdiY2btiUFEgEBAQEcdGN8YwAAAAAA_eMAAA&S=AQAAAvgpyPBBhVY0Z9RrPfdhcjg
.myvisualiq.net/ Name: tuuid
Value: ccc4fd4c-b0ac-4cc2-ad27-d166c161b167
.myvisualiq.net/ Name: c
Value: 1668467402
.myvisualiq.net/ Name: tuuid_lu
Value: 1668467402
.casalemedia.com/ Name: CMID
Value: Y3LKyp-l07z0-MIc5lD7pgAA
.casalemedia.com/ Name: CMPS
Value: 1163
.casalemedia.com/ Name: CMPRO
Value: 1163
.agkn.com/ Name: ab
Value: 0001%3A5eO5wZb76c9GHqvjvf5xYJAcjtAfRwbe
.ads.stickyadstv.com/ Name: UID
Value: cecab136869d669367702b17c5b08c52
.analytics.yahoo.com/ Name: IDSYNC
Value: 195g~28an
.bluekai.com/ Name: bku
Value: b/X991gvzZ1DLby7
.bluekai.com/ Name: bkpa
Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.krxd.net/ Name: _kuid_
Value: PMv4NbEO
.360yield.com/ Name: tuuid
Value: 02b82a10-636a-4e2a-aa20-0ffd75632ec8
.360yield.com/ Name: tuuid_lu
Value: 1668467402
.legalshield.com/ Name: _clsk
Value: zo6kkr|1668467403019|1|1|b.clarity.ms/collect
.legalshield.com/ Name: __cf_bm
Value: FNN1OShw.S_bBo0gHHlUeWnEuvzANR1zc4GP_N6kwL4-1668467403-0-AbZKgSwj3cWKtjxeELgiYaOPDPISidDXqXSGKtrnBBfsVtAT84CL7kB2oM0ilSV7vr4OJlsCME+i8FHlR+5j+7mR/wCyQxg8FX4sBPf0m9dpOaGijRZPhUqVVHwdhEEOCX0n9Vz/DDS2g35yE5cQxkOrUGtkwjHyA/xqZN+NXEmO
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: Wd1DHQOPStao7gm1ctjiAA
.360yield.com/ Name: um
Value: !416,3trTqOocvol79rjoWpL8fVTE,1676243403
.360yield.com/ Name: umeh
Value: !416,0,1730675403,-1
.legalshield.com/ Name: _gat_UA-7450226-17
Value: 1
.mookie1.com/ Name: id
Value: 10811735332922892045
.mookie1.com/ Name: mdata
Value: 1|10811735332922892045|1668467403077
.mookie1.com/ Name: ov
Value: aa029a45e04da2d85c724ac6a0f4e111
.adform.net/ Name: C
Value: 1
.rezync.com/ Name: zync-uuid
Value: b9d6db25-4b4a-4878-bd15-df7e159bd9ec:1668467402.787175
.demdex.net/ Name: demdex
Value: 91797799919823914791551740581169516974
.spotxchange.com/ Name: audience
Value: 785eb677-6471-11ed-91e7-174deb1e0206
.adform.net/ Name: uid
Value: 4805909204924635496
bs.serving-sys.com/ Name: r1
Value: 1668467403_1
.serving-sys.com/ Name: u2
Value: 56048332-923b-4025-b8f1-c92cea0e3b064JK060
.dpm.demdex.net/ Name: dpm
Value: 91797799919823914791551740581169516974
ads.samba.tv/ Name: sambapxid
Value: 104b53a9887b5ec44
.pubmatic.com/ Name: KRTBCOOKIE_290
Value: 23261-bAu5BLuST3eV3U8eZX1phg&KRTB&23219-bAu5BLuST3eV3U8eZX1phg
.pubmatic.com/ Name: PugT
Value: 1668467402
.adnxs.com/ Name: anj
Value: dTM7k!M40]DYRWSF']wIg2C$KtxJ-O!]tco8i_j.ey)PK#^V*XIh_KW/FR$_iuRoPW<e_l>GIvq8d5o7>]@]>D)ITn>r%v((nQY*3jklh^w#6p5+`9P5HmpL(6*.w)$8)u>wL5L!!)P%+ZyKt
.semasio.net/ Name: SEUNCY
Value: 2769D18BCC216542
.media.net/ Name: visitor-id
Value: 3114690039107716000V10
.media.net/ Name: data-rk
Value: 5140084922536731388~~3
.ispot.tv/ Name: pt
Value: v2:8dfb619be94db2186895677e604e272e1750685836c8d226873be7c6e5961587|19df90b63a88f1a0b5575278c2b6198ae8a71a74f90316047801928480c3e480
.eyeota.net/ Name: SERVERID
Value: 17712~DM
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 87D42FC8-AE12-4FFD-83F1-50AE98E68CD3
live.rezync.com/ Name: sd-session-id
Value: .eJwNykkOgzAMAMC_-EyqLHbs5DOIEFeKWmhF4FLE38txpDlh_Oq2TKuuO-R9O3SA-d1udcgn9PZb9AUZyKG1gsl7CpGDCyJwDdC19_ZZx1bvU1KNtXgyWHAyKCymVEemPlkdpVKTztnFKBgZrX-wsGOC6w-giiYR.Y3LKyw.6NVyUiMsXmaxlAHsx0scq_JugRs
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjU0NDExNLUwshDiM9QNz_AszTKODC7X9fEFAMndjvIlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjU0NDExNLUwshDiM9QNz_AszTKODC7X9fEFAMndjvIlAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3LKywAIEYBs8wAr
.ninthdecimal.com/ Name: ndat
Value: LU+M1GNyysstfBwLMzWWAg==
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129a9KdSnODayMLDEvdHLMq0gMKco18FzFKBBp7ONdWe7o6RrpVGxR7ljUxGKWZJlilpJkZKprkmSSqGtiYW6hm5RiaKqbkmaeamhqmZRimZpsZWhmZmFiZm5iYKRnbmFuaG4KABktEtFqAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129a9KdSnODayMLDEvdHLMq0gMKco18AziNTQzszAxMzcxMDYztJjFiMQ3srBchcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuNv4hVINLYx7uy3NHTNdKp2KLcsWgVK0KJiYGhySZWNCu40byExp8kbJZkmWKWkmRkqmuSZJKoa2JhbqGblGJoqpuSZp5qaGqZlGKZmmwF12SkZ25hbmhuOksYOaxNjBcJoxr8CI0PAJnoZme5AQAA
.c.bing.com/ Name: SRM_B
Value: 3543AC7AB91D61CF0648BE26B86C600C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3543AC7AB91D61CF0648BE26B86C600C
.c.clarity.ms/ Name: ANONCHK
Value: 0
.legalshield.com/ Name: invoca_session
Value: %7B%22ttl%22%3A%222022-12-14T23%3A10%3A04.652Z%22%2C%22session%22%3A%7B%22utm_medium%22%3A%22referral%22%2C%22utm_source%22%3A%22uat-shield-service.com%22%2C%22invoca_id%22%3A%22i-aebfc533-8ebe-4574-9c66-cb249ff5dcd1%22%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Afalse%2C%22rn%22%3Afalse%7D%7D

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559725114415828
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084922536731388
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://usermatch.krxd.net/um/v2?partner=amzn
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b9d6db25-4b4a-4878-bd15-df7e159bd9ec%3A1668467402.787175
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11988031.fls.doubleclick.net
20840888p.rfihub.com
20842111p.rfihub.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.events.ubembed.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.js.ubembed.com
8c1aab619aac40b3b3c7f4e8f3ca02ba.pages.ubembed.com
a.rfihub.com
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alb.reddit.com
amazon.partners.tremorhub.com
assets.ubembed.com
b.clarity.ms
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
builder-assets.unbounce.com
c.bing.com
c.clarity.ms
c1.adform.net
c1.rfihub.net
cdn-eildb.nitrocdn.com
cdn.boomtrain.com
cdn.linkedin.oribi.io
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
container.pepperjam.com
contextual.media.net
d.monetate.net
d9hhrg4mnvzow.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
groups.uat-shield-service.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
invitejs.trustpilot.com
lciapi.ninthdecimal.com
live.rezync.com
livechat.sentimentmetrics.com
lm.serving-sys.com
loadus.exelator.com
match.360yield.com
odr.mookie1.com
p.rfihub.com
partners.tremorhub.com
people.api.boomtrain.com
pi.ispot.tv
pixel.rubiconproject.com
pnapi.invoca.net
ps.eyeota.net
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px.surveywall-api.survata.com
px4.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
sb.scorecardresearch.com
se.monetate.net
snap.licdn.com
solutions.invocacdn.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tag.getdrip.com
tags.bluekai.com
tags.srv.stackadapt.com
to.getnitropack.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imdb.com
www.legalshield.com
www.linkedin.com
www.redditstatic.com
www.upsellit.com
x.bidswitch.net
x.dlx.addthis.com
groups.uat-shield-service.com
px.surveywall-api.survata.com
104.76.200.221
107.21.155.183
108.138.17.118
108.157.4.15
108.157.4.81
13.107.42.14
13.226.147.102
13.248.245.213
13.32.27.30
141.226.228.48
142.250.184.226
142.250.186.102
143.204.215.85
149.3.133.19
151.101.1.140
151.101.194.132
151.101.194.49
151.101.65.131
172.64.154.237
18.184.216.10
18.197.178.27
18.66.248.71
18.66.9.91
185.59.220.194
185.64.189.110
185.64.190.78
185.80.39.216
185.86.139.114
185.94.180.125
188.65.124.66
193.0.160.128
2.16.186.10
20.234.93.27
20.75.32.255
2001:4860:4802:34::36
209.54.182.161
212.82.100.182
23.205.251.151
2600:1f18:612b:4216:f6:411e:ff52:dd4b
2600:9000:214f:ca00:1:76cf:fe80:93a1
2606:4700:4400::6812:27b0
2606:4700:4400::ac40:925f
2606:4700:4400::ac40:9394
2606:4700::6810:3965
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:149b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::396
3.122.138.253
3.126.202.50
3.126.56.137
3.229.160.205
3.66.124.166
34.117.39.58
34.207.12.71
34.230.221.167
34.98.67.61
35.244.159.8
35.244.174.68
37.157.3.29
37.252.171.52
44.199.71.207
44.207.237.180
45.79.140.212
52.28.196.126
52.55.72.99
52.72.138.89
54.161.222.185
54.217.24.103
54.229.43.180
54.72.167.131
54.76.86.77
54.78.254.47
65.9.66.6
69.173.144.139
69.173.144.165
77.243.60.138
88.221.168.23
99.86.4.108
99.86.4.11
001e01f4b3443909a86be1ce2ce28407d067af6503a29f895264617c08fa6e58
00e48c418a83b98e6c6fa971c109f31f588d94aab875a16d6409c89d3bafb218
0166b0380029a21d3ac3ef3b4d22c44b5eeb9d56fbdbebb4d48f7477f2e17532
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
056a20c22e7e759bfa60e77788d4eb1b74010c9d1506da94f62ef3259fd434fd
0756c85cce1371414529393018de28d1ced5139b9ea4b6c699d636e85f7e6d9f
07b6eeede8881171009f665ee67e2959c4a3b1f8c3fcd9924dcbd5c241e0fdbb
0a7c64f33e3ca151989d28d811a5e270a0b74cebf1c96f49ff816403bb8b525c
0bb743ff17032fb81744351062643aef0915eaf80f24a2c22a7c2a769e026ed8
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0e69afe76a69e51f9e2317d8290e2efd2dfb32b50ddc678ca25719f4248ea8a0
0f00ba3e27c018779130e2601a80ea98375b85b395fc2d13861b94bdf101cf35
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0f9fc54cb053cb85232761c64f3353c4d7773e040007c612e40f1469158f64f5
0fa45bc9a52df91400d527ec26d05ba289e5fe619b74d7143ab6d7f1477d5b3e
133fcffcdcadc97f0b1d23da0c4c90aa0ccf625382e1616b464719ebc86f01f2
13ee97b36f05d1081d62e8353c5a00a464ecc71af207faf5458d7af2d7454b2d
1480dde465c92981da40ccf7258d0c58c707be591589060515d5cbf36c5d86d2
18640c4924359c4eadc3a03686364213d71dd69dc229b82816f8dc63bc046ce7
19bbb8d77bec7b86253e7b6939c10b45b93be58620d225760aa76e7ec6d66a05
1a3f6e9db47db9c2c18d3a808ad74a51f6ea12deb3ede38533875a7f30c5ad73
1aea47d53b28ae82a46fcf66757e79359df3bc2da17849348e3bda502cf94016
1cfd64452a2dcdf8b64c0fe8e1db7f17bbde068765d19ffa703eb3285cc7b59c
20ddde5cf80db4f46844129c2826dbbd444b689a99bb49aa96130f3d61d50534
20fafa7fdce3b892b281d229291ea5e18266508462ca7383d66ccc822f1ab7e8
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d912ee315f21988890b70d22a83b86b4d37e4a79008d764ffaddf4b5c5b116
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b9269abc72b50364621b29e49381551b29a9204fce63f94453a0f84b3b7d59
26d7afe74c1b711803bb949b572cf10b8b4d22e68e1339455e9ad2a8ad1607dc
2702946205614315a78c13551043dee9954f6321419dd0f9fc226cadc7332a63
28e1087f012ad58f271b49886cba865a844a30e3d84360764f042824d0540e51
28fe0bd84e12b1b28af73cb9ce0b57bc62187cae4e9eb5a33b56c933983b4bd0
291a7bf6f039c3d1eeb62a8f4b9aab144960fd495f4ef6d2e4007ace67893c6b
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
2cf161729abfdf3cabd97f16b0140febb7312a9d934c8ca3d9ba868f267445be
2f1d7e5f71dd8db88b7b3e9a0b82ca34f928361f71e75fa9c61d2ebf228d6e5f
311a7bc969bdf54b2e8f19e194dd704bfda5df37507eeb1a294bec10ec0cbdd5
34552ce7708f4ce1d068343882fb6aac9bdf2bca97b4fa07fc6dfbe2c47cd77d
374cc3975d3d759836b2dcc3eab83497d62e75b2d912c455cb7bd222231abade
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
3926660da7d3e1fd76c2b8d1bb22a1def26c6c5809463f6ff0e43b9304dc2507
3b454a94d32bf4e6e8056e8d3289b90777e496cab8161f3e7cc0f2a07ebcbd16
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3edb0046a07071dd8ecc3fbb6b426ee738237b17d132546661519707ce55067d
3f6e3c3c58ad4de493650ac14d574a6f83530b935bdf3fd9932308853dc8b38c
3ff3b90a1723f3cece7cd248dd300b7dc4f373905dc5f78f9cd0d2f82466add7
40a743d41ace24d87002a752bfa1f0dece05c6692678526c9ff40aebb4a57727
4245af97531cb254ff53e6230a82c7f9b3e95931a7e44af71d08c76177a6cee5
424e490df6248cb953f42022c3fec5a28fa25f1f35373ec20859151123e789b1
4461243333a0fd4885187488ef61ad420873ac623f3e6d18c4941ee4148ed469
457e03b53ba0f6d4b2cde2d03fadc58caa2795b9d36ef251102141b607081ae2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
486f1870d85b6e5f3efe63789d9bb1215dc8cd038ad07e3a37aa0dbddffff3a7
492f3de5b6bff06f8b26f61d37e2e565f8f31e00315600c73d9caa85713e8c29
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
4fa1bfc3f5dc8e37f72649b5aaf13a18ac21fbb95562068f4849ec2214c075ee
53927b98cf6a45a93e7a036e21a1f3d2acd7d875753da82a6e78700a8b7aa5e3
53b69f49ef7e32034683c0ba92d5a97581fab17c698aae377207dab5b9760029
53fb8ae2f0a7ebfd05d0a0cbc0a73d618581f54b0f886e07ae1ee0740c323fd5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c151a0ff58885a22384e61f067e1325eeff907fa6adb41543ea266ed3f0833
56a232dc4017e093de1c4e02952764aa603767347f37be19e8f5a94350c4da8d
572edbfe6005995cb1f189271a6faeb10a2745bfd2fb195e3026aea9fde25f06
5773294963da7cd59bd6f9de42588c9ba44b772b1cd97624749b182d5024af8d
58045cb5800a566d81af1c051570c0a54eaebf024d92da170421a5360c462c63
58df394e11d66d2d6b11472acd9eb476e06436d4449a305d7cd5d6d1366a2236
59c9a727384e86729fc9d4a3f00087c98ca564ee0d215674ab2c180b750a39ce
5bc461f07b6134c757efec3a06a897820e9477707cd958d2787c1cd00c4e965e
5eeb3f0e2aa375c94d293bfa29dbf8f709f73b497be8229ff2f44b983a8a634b
60fa44ded4b1c385f5d4323d3c9222e654d261ccc642e670143d4d37dc7f3de2
6115102609baeefb5aacaa6d82668547132218d8a63dc55d5523c300d51217f2
613db24b0a85b6c3b214cb2ff4f70a89752522dd89f01f6266140fb49999c2bd
656955dd522a5ad6e4854b1ae8cc510c8eafab407ce64ec7957b5c23a8014bd1
66a26e4c86c03dd75771ca2dee0970c9ca3ba3fd513ae39ae59937f5ce544fd3
66f4574f64023dc9dd0c9700c61c32be4d293b7912ccdf544be67ca66f7aab42
6a149facb8a27886d3f036504392c986e443355a7a6457d0f57324895b7824c2
6b30151686daa09a615047f977072684adc71333e8cf0a9226efceb0498f0396
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d680ccaa414e79a982d41aabe15ffddebbff4e2c1f5449d432a9316413d0795
6db729491296867fbc5ed116e0e8f2dcfee670b72bcd55569d83d4b185b733db
6ddef894194582976649e2a7ce97a405604844b4295fe11546d9fb7b93aff4fa
6ec7638c9c608218477a4531f8ecb4405ba24e858f55b978c003607aace815a0
6f75022ca86ac3ab28a4dbe253358e0b0d975a6887d4d586e7555c5d05bf5e45
704ad309245714b95805e8bb758aa37e0e721d201a6a763c5f72ebe58a3c51f2
7478d3a947e0acee62e3216dab83d53fe622cd2fc8d642a61ae2b734fb2729c4
7691b50d02cdb147a8827f9aa4860d55cae4a57d75188ae2ccc81adc27dde144
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8259743d1bb01220fedd20c7b75dd6e17010365be3d0ab5ed4fe910c062ddc2c
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84533e094c637033edb4f1527cd90a96ee94b5e5604ae44458632bf0fb09c12c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85946750fae78bc1978c117951493258dd8b1710e5f33217f35a36473db026c0
85aedda7101b6685a52b1fb3ee5466a4dc9081b849d173d6f7dd1c3f2d65cf7e
87d3d78dc88958b7e09562c145f97ba4c957a68f638988b861f81842ab02044b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d23fa23ba1929c27cb369ea1577d1bbf5632857d9fac20c8b250a039ad9bb3b
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
9218247d5039578f690bf4b8eb7d6b644a62096763e6522b395bcb9a6809472b
9361c6c2be91a4d833017b09b920ce5dfe9d53796edfb772a8b54aed377bc4d8
9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9d057d1d46983b7c9ad8ae2cfd447fb4c69164fbe8a7fd262b73165701c563f3
9e5f9f4f2baf5bc46482336497f85e398212b3cfc015ebe903bcbe5dd2fb0c94
9ed2187530a282a373481eb892f27c13b104fadb4040656333e10d31338465f0
a062a28a88bd550aa3efcd53cd1225ebc864383aa7d5e1efeaccf2982582e3ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1563eba39e8407c35faf24494cdc3c01cbc5a5608a0b5813217499ab99a92a4
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a49069da7f130726ad101ed3bab1c3aa8712a9f545744073732314777995a1a0
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
a8cac168a7f7a0b4903557cbb6e3421409796419a1fa5842c14fb1ceb22605f7
a99d58d5c03d9076784d6388a9c6a48f3a7d7d2aa29f707c82b4c6b96f0e41b7
a9ee8974b8d7ec8b87359f0cc3c9463eef5fc0536673c629364ae87cc5a7d1ab
a9fb11c216cdba39899a4e097500b8fe2323560deb60a77fb84be8cb69bb669d
ab0d5a596bae7f678643801cda776d03db4485be5c8231f4bd212a382f73b429
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad4c40257b574b504bad53aa279cb595192e380cd44447b94da848a4f85f8bf4
ad73b987060a7162b646285b209f6bf166f602dfd207b895ddb66e4023154d28
adda7a088f44fc5f756defdae259fefa0573e2af55e1fc397f9d69d450be1ed8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4430ded7e10c16ae61837dc01a8aa7387fb81551c599a3543156562fbb7fe46
b4973634a961de721cdf1e19dffa4f1711226f7fae939021f3b98185eb101230
b675a0d538367a94990e41004ff897cecaed04de1d3dbec25e98be0cd0e6ab6d
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba89e8d37e0d3b7b75e14edf64c12e510d13a5b9853690402bcaeb03991fcc9b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca3fc7c32407c21ee66e4f4ea2d87c897912801caae7164f09ab6c147ae4311
bcb38f06a9eab076c6f0204095f8e5e794476d13498da10f8f288c12663a654b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be46c5a78261c8e659900d428a66d1bc6e728111856727a930b248ec411d033e
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f
c10c5f8ce1d4c6facf629980faf723b4017819a2a7df70530b7500f747e47a57
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2544fa3f08cf9f2cee593f3bd8a9b62d5acbc8255396f18780d063aaafdd4fb
c2e202fdc118f0d6d607dd7d96fb629cd383aec058c166cbfbd31836652703b5
c4e77ad85a1801d4b4549456c8fd70dd5c22ca6bb58c8b15ef2f061617eb499a
c541ba71478d48fb76703f2a93e2443729814a7b0e976f56263f086a6d3f35df
c5f0b9786aef3876a1dcd9a286c99188de31ec3ace82c035deac665594a19c06
c800f1956f419361bfb71f6ba384fc071667e4fb2af2e2a8c06d142ec23a71c1
cbe33f379b1a2545853ea76690f9047ef0beea55b774a171263d29a751280940
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cd0176dd10d47c45b2f4b1fee17673fa78e3d53bb982463dcac48cf56fa21864
cd53d9b910bd6eeba1c4c249fbbf0c4ea0969b07052490ab7a743c4b9578533e
cf5835b008e55bb6d40ffa698c1541cc5fe1fe7e6a2fe66842742829330599f3
cf69bf645ade3c35f7808eca63081fad8e7251eae54ba2dacea5f5712de074c3
d0553058327ae6d42c9e7c6d2bfa3969333cf34fa443392dc3699f4c1177e99b
d0adb8aa63a791e49b72db8ee2ea0eb8d2c207d8278f171804f44e1ed4356acb
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d860645f9e5eaa2d73813aa70a96560076154e1ba8a3d9700145317aa8460284
db5ba216d7049ff64e2bd1635cbc981fe75eef2ede13c1747bc936aabd722448
dcba9eabd6a7b2bd8fe0e055111f29dd4d7d547f83761f2fd5319c6ef5694aaf
dcbe9c028dee69e0661f443d043aa451f2aa8e1af117dc89dee3d653600c551b
dd2e780f60090a6a67871f75fe770713856be718a07b0cc1d55e2efd0c046fa6
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13c565f738f331ab93269e5e0b285b7407258fb483d801774e4295bf0691e6a
e1a4ce878ec242039692e46cac0bdc63a3380de0f2bf18d61502d2a8c2f7dd1c
e1d6f2f8e44b7fe2005024ff97ac72f89b6475bb87464fce8fbb96f0aea68899
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e310ec58d39a0aacd45a509a07134592778efc631fe0d0c05fa4c69453830fb8
e373889e048fa90cffa96d1332c52db160d24ce7a45fbce87327a1b62789bfb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e800aed30a8828c4a05222cd836d21fdadf5c7ee908ae8931370224549d8f3d6
e99d65bed9c935e91d2af142f446045428c171c6be0e8f6d1f268b55aeba82b1
eb02748e7abe5133b6edef9d9eac851cfa7193c587d6cce2298b25e8a2961afc
ee3364c2c3e9ae9b1bde7ff13907b994390e086ad64c76818bdb7f33b32b12fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f617ff53a6bc2ab29f6c5aaf2c845df5ec0962106d9bbca97f0c8ea94a1fdf5a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9af5c297eed4f38c97eacd4f57061be65e84d809ac92338363dab999e29d107
fdd0125c90d9d49e6db86d0607da5e684104c013999e40487879ccd36ef436ee
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff9385ad93c24f5bcaeb0a2f6ef264a938fe653ca959116b272f1cc41f50727a
ffb909510d180e1b9cc45f6bc88bba37755dd38bd8feb259fd68418830bbe4d6
ffed13d2ee281154c98f95e3beda1778ef5db4bb1694d38275b251f2d2d3f4e8
ffee4a08099184e0647423eb30fc31c4910b96683c41d36410fbb00e7e8fd310