mylawfirm.offtherecord.com Open in urlscan Pro
18.239.183.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mylawfirm.offtherecord.com/
Submission: On August 21 via api (August 21st 2023, 3:35:52 pm UTC) from US — Scanned from US

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 41 HTTP transactions. The main IP is 18.239.183.12, located in United States and belongs to AMAZON-02, US. The main domain is mylawfirm.offtherecord.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.

This is the only time mylawfirm.offtherecord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	18.239.183.12 18.239.183.12	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	65.8.20.15 65.8.20.15	16509 (AMAZON-02) (AMAZON-02)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
6	3.227.131.212 3.227.131.212	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.140.124 52.216.140.124	16509 (AMAZON-02) (AMAZON-02)
41	10

13 18.239.183.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-12.bos50.r.cloudfront.net

mylawfirm.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.20.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-20-15.bos50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o485979.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.227.131.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-131-212.compute-1.amazonaws.com

otr-backend-service-us-prod.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.140.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

otr-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	offtherecord.com mylawfirm.offtherecord.com otr-backend-service-us-prod.offtherecord.com	1 MB
8	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2185 ka-p.fontawesome.com — Cisco Umbrella Rank: 4009	160 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2465 rs.fullstory.com — Cisco Umbrella Rank: 2314	86 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
2	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 5077	22 KB
1	amazonaws.com otr-assets.s3.amazonaws.com	6 KB
1	sentry.io o485979.ingest.sentry.io	333 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15601	43 KB
41	8

	Domain	Requested by
13	mylawfirm.offtherecord.com	mylawfirm.offtherecord.com browser.sentry-cdn.com
6	otr-backend-service-us-prod.offtherecord.com	browser.sentry-cdn.com
6	ka-p.fontawesome.com	kit.fontawesome.com
3	rs.fullstory.com	browser.sentry-cdn.com edge.fullstory.com
3	edge.fullstory.com	mylawfirm.offtherecord.com edge.fullstory.com rs.fullstory.com
3	fonts.googleapis.com	mylawfirm.offtherecord.com
2	browser.sentry-cdn.com	mylawfirm.offtherecord.com
2	kit.fontawesome.com	mylawfirm.offtherecord.com kit.fontawesome.com
1	otr-assets.s3.amazonaws.com
1	o485979.ingest.sentry.io	mylawfirm.offtherecord.com
1	cdn.plaid.com	mylawfirm.offtherecord.com
41	11

This site contains no links.

Subject Issuer	Validity	Valid
*.offtherecord.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://mylawfirm.offtherecord.com/
Frame ID: A12FA13294C177DE91D5B2A4B7C872EF
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Off The Record - Lawfirm Dashboard

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

41
Requests

100 %
HTTPS

30 %
IPv6

8
Domains

11
Subdomains

10
IPs

1
Countries

1826 kB
Transfer

9813 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mylawfirm.offtherecord.com/ 4 KB
2 KB 248ms
92ms Document
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9ba484c37bd1f9996ff8928bc5b42d2a05310a82febaab54e8051f406469eab0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Aug 2023 15:35:42 GMT
ETag: W/"f83-189d629e850"
Expires: 0
Last-Modified: Tue, 08 Aug 2023 17:20:18 GMT
Server: nginx/1.20.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 337d88078ff923a29006ed9c5984df62.cloudfront.net (CloudFront)
X-Amz-Cf-Id: AeWrA-f5IhsnL9dJ9l4K10se6liKmjVtMYYICWB_oEWmMX-KVkmAxw==
X-Amz-Cf-Pop: BOS50-P4
X-Cache: Miss from cloudfront
X-Powered-By: Express

GET
H2 200 4076c3ec08.js Show response
kit.fontawesome.com/ 12 KB
5 KB 149ms
61ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/4076c3ec08.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaac6c7b33723810a263675ab13cffd6c7903d94b3f613c606644cc9b560d51d

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 7fa3f28ccc6b6393-ORD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F3esuidzzQza0cQCkYZB

GET
H2 200 css
fonts.googleapis.com/ 730 B
783 B 165ms
65ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 13:41:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 15:35:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 177ms
78ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 13:42:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 15:35:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
738 B 175ms
77ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 14:58:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Aug 2023 15:35:42 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.19.7/ 65 KB
21 KB 93ms
29ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 26 Apr 2022 13:11:05 GMT
server: Fastly
age: 2961859
etag: "4dc87c1e025f84ef0d14fe9187946dfd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20887
expires: Wed, 17 Jul 2024 08:51:23 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.19.7/ 2 KB
976 B 100ms
37ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.7/angular.min.js

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 26 Apr 2022 13:11:05 GMT
server: Fastly
age: 874547
etag: "14f18525c8f97317f08d5cc6f80a1953"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 882
expires: Sat, 10 Aug 2024 12:39:55 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 143 KB
43 KB 260ms
109ms Script
application/javascript 65.8.20.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.20.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-20-15.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf335a68f0be85a338baeeefb488bbce98e2a159a9c66f51311707e8aeadc6e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: cxYa7I_vXMyJqm_7tLsp1JojPZCGgKmA
content-encoding: gzip
via: 1.1 5d90b9fb6ab804caa33b8aa5260094e8.cloudfront.net (CloudFront)
date: Sun, 20 Aug 2023 19:11:01 GMT
x-amz-request-id: 8B7N44TTXV07C0RT
x-amz-cf-pop: BOS50-C3
x-amz-server-side-encryption: AES256
age: 73482
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: Cmj+nIO6/WJ+PoAE9icLWGQ5GKa3JEGVcfVcEdXMp+u/sxP3oJPI4gfvkySLhsJxUkBmdGTE87o=
last-modified: Fri, 18 Aug 2023 18:41:22 GMT
server: AmazonS3
etag: W/"188189e857f4649abb28050c81c977c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: floGfRznkoXu3ZV5ltE1EIL8fMS7vRi4zdjYu6cX4Edub7Wm9SzkXQ==

GET
H/1.1 200
OK 776.18c184e9f0733303f837.js Show response
mylawfirm.offtherecord.com/ 7 MB
1 MB 59ms
59ms Script
application/javascript 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/776.18c184e9f0733303f837.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 75eb7d8d23231db5606d3fdcd5bb43ed844fe166f4fbd0d77121a4091c486267

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 17:33:51 GMT
Content-Encoding: gzip
Via: 1.1 337d88078ff923a29006ed9c5984df62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1116111
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 17:20:18 GMT
Server: nginx/1.20.0
ETag: W/"774b0a-189d629e850"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: PttTfso1zC6tTa4tyxkB-Xnqq5BKzHRnMPscMAnXVyamZrvMabEGbw==

GET
H/1.1 200
OK main.c238c1d14aeee24875f1.js Show response
mylawfirm.offtherecord.com/ 581 KB
107 KB 158ms
56ms Script
application/javascript 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/main.c238c1d14aeee24875f1.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 0ae7351c176a2834c6c1fc895fde04e8937bf48338f21a81451a584a550ce091

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 17:33:51 GMT
Content-Encoding: gzip
Via: 1.1 fed200cefaebfb8fa1ffcc5b43eee6be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1116112
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 17:20:18 GMT
Server: nginx/1.20.0
ETag: W/"915ec-189d629e850"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: Fcv_PipK2NcsWMAe8ocUdpf6agbPaqgMFzHQER2RdRhNYs_AXpUlEg==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 653 KB
116 KB 68ms
44ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:57 GMT
server: cloudflare
age: 1622042
etag: "64c9580d-1cdb4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 7fa3f28d7d1c6393-ORD
content-length: 118196

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 27 KB
4 KB 63ms
40ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v4-shims.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c955b1da8fd9beae7ef0b45020e81d0140fbc070ffc85cdc7fe05ea7e652b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
age: 1622042
etag: "64c9580c-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 7fa3f28d7d1d6393-ORD
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 54 KB
7 KB 99ms
76ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v5-font-face.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
age: 1622042
etag: "64c9580c-1c20"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
cf-ray: 7fa3f28d7d1f6393-ORD
content-length: 7200

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 7 KB
2 KB 61ms
39ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v4-font-face.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0195cd81f03b3096ca0fee614152f1c21426db36ff2dc2dce9ba0e299f59564

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
age: 696738
etag: "64c9580c-6dc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7fa3f28d7d1e6393-ORD
content-length: 1756

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/4076c3ec08/38014416/ 422 B
393 B 55ms
55ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/4076c3ec08/38014416/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98d11d0db939d9ce23d3dad99efcc55967915dbae612c56def8f7b0f1b580b4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:42 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926, public, must-revalidate
cf-ray: 7fa3f28d4cf56393-ORD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F31v90_YI-DCdCtJdQ4i

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
66 KB 113ms
38ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:20:17 GMT
content-encoding: br
age: 926
x-guploader-uploadid: ADPycdtaCPTfeMHRsSkzuUmHKQuLLzdtMYpBmMgmn5pqX--nmJfYVpyKbYFBAEL_ugVLB-XuIcHkPwwIz3aKlgyCSFV5n1TW9Ivz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67382
last-modified: Thu, 17 Aug 2023 14:49:44 GMT
server: UploadServer
etag: "73ae3407fb422f1b2d35137c774b84b1"
vary: Accept-Encoding
x-goog-generation: 1692283784371563
x-goog-hash: crc32c=1E7iYA==, md5=c640B/tCLxstNRN8d0uEsQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67382
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Aug 2023 16:20:17 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/6DGA5/v1/ 5 KB
2 KB 32ms
30ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/6DGA5/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71210ac42f5f0b1b7fb1d3bc5ac89d398caaa3011d8f566d4f2352b807c2f139

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:25:09 GMT
content-encoding: gzip
age: 634
x-guploader-uploadid: ADPycdvfIP3_bv3l47XyH-DBGGoF3H2AIP3a02TWCQqP00cTKaU69pg_ESN76MN-RCZWT61_HNsnIRObmOicRtXsmknbDwv6MmM3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
last-modified: Mon, 21 Aug 2023 15:21:19 GMT
server: UploadServer
etag: "b495a732ec6b43e608e7d410e5baee01"
x-goog-generation: 1692283879827603
x-goog-hash: crc32c=hMeAKQ==, md5=tJWnMuxrQ+YI59QQ5bruAQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1516
accept-ranges: bytes
content-type: application/json
expires: Mon, 21 Aug 2023 15:40:09 GMT

POST
H2 200 / Show response
o485979.ingest.sentry.io/api/4504459467882496/envelope/ 2 B
333 B 148ms
40ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o485979.ingest.sentry.io/api/4504459467882496/envelope/?sentry_key=fc5f6137911941ec91dd57cfcb740444&sentry_version=7

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 21 Aug 2023 15:35:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 page Show response
rs.fullstory.com/rec/ 6 KB
2 KB 151ms
66ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a9a4f91b6770f6438fb5d44ce59fc6ebf01f2c1a255f7f121b2e1802dd4bdbd6

Request headers

Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 21 Aug 2023 15:35:44 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1698

GET
H2 200 user Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/ 162 B
594 B 195ms
51ms XHR
application/json 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/user

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

985eac4dfdd9ae40dd7d9ee86606bf66c1eff64e73f30deb289d1a69e387982f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 15:35:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.22.1
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK login.view.8a269619d2c256a8a9d7.html Show response
mylawfirm.offtherecord.com/templates/ 19 KB
3 KB 52ms
51ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/login.view.8a269619d2c256a8a9d7.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9e0268efb3ae10466827ae5ff4d7f135ac8ef17d7fc777ff1e487e82bd285e7e

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 00:39:56 GMT
Content-Encoding: gzip
Via: 1.1 fed200cefaebfb8fa1ffcc5b43eee6be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1954548
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"4dd8-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: IMJ3aO8f6tZdsVMKIXCsJo1vT4pHgBNq6UcooOXFo30jJue5OPyrDQ==

GET
H/1.1 200
OK conversation-chat-panel.component.5a6707193cf8cb281387.html Show response
mylawfirm.offtherecord.com/templates/ 2 KB
1 KB 52ms
52ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/conversation-chat-panel.component.5a6707193cf8cb281387.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 08743c0335c91ed2e87515ad038625f1e2a4309eb63ca3576bfc274039828b4b

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 16:00:01 GMT
Content-Encoding: gzip
Via: 1.1 337d88078ff923a29006ed9c5984df62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1467343
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"76a-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: S9C-0Qhf-ZeMKEPLNK_02FggOntozSdSp3IR0BnfxSNZAYHa8GXmxQ==

GET
H/1.1 200
OK action-message.component.1ca74772a287e41456ac.html Show response
mylawfirm.offtherecord.com/templates/ 3 KB
1 KB 103ms
51ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/action-message.component.1ca74772a287e41456ac.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 1eda80b1d5706718e221bc8e8ae78153027486534fbf4b4258aaeb7e50a657b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 06:51:36 GMT
Content-Encoding: gzip
Via: 1.1 fed200cefaebfb8fa1ffcc5b43eee6be.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 2018648
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"c8c-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: Da51d4XeBAy7iLelnWeyEg0VlQbOaa0yU4O1xtdE52PzaTTS8zg_rw==

GET
H/1.1 200
OK message.component.5ada0582f2197c9d2785.html Show response
mylawfirm.offtherecord.com/templates/ 5 KB
1 KB 102ms
52ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/message.component.5ada0582f2197c9d2785.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: b84d7989f10105efa3d03c749febc1567b94530b3668e437d91074e018f1881d

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 16:34:22 GMT
Content-Encoding: gzip
Via: 1.1 337d88078ff923a29006ed9c5984df62.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1119682
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2023 23:29:57 GMT
Server: nginx/1.20.0
ETag: W/"145f-189d255f908"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: HxEelMnemEkVVbLPyhXTtCzP2Mds_1TPS1VDLZEaJNzT5RTKXpY5vQ==

GET
H/1.1 200
OK conversation-header.component.c9c2c63fb439898da619.html Show response
mylawfirm.offtherecord.com/templates/ 3 KB
1 KB 154ms
50ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/conversation-header.component.c9c2c63fb439898da619.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: cf48435afc018ce7204d8087c5d656ae2dab57ba5b4fe7b9ca20fb38639f78da

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 12:47:57 GMT
Content-Encoding: gzip
Via: 1.1 ed0934ec01ea9cc7d841313a8f4658f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 874067
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 17:20:17 GMT
Server: nginx/1.20.0
ETag: W/"ad7-189d629e468"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: T6mTv6aTOEq-sq7--pMYv2FjJCL6PGR7O1NhHKa7tJGlGnpwwe3Xsg==

GET
H/1.1 200
OK new-message-form.component.80cdbc82aba55f31f298.html Show response
mylawfirm.offtherecord.com/templates/ 3 KB
1 KB 155ms
51ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/new-message-form.component.80cdbc82aba55f31f298.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: dd6f9f365103d53ad3a5bbd82ae9f6b8052818008eed70304c4ce18b9c03a689

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 15:24:34 GMT
Content-Encoding: gzip
Via: 1.1 7081c54b3a12412858fb9c52e842b4fa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1469470
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"ab5-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: CeVFRCSpkuyxi89bfU7EAP7ItfXdndh1dU3Yn_CBfSBhjyN0uuefhg==

GET
H/1.1 200
OK message-timestamp.component.710c7ec2cc1817dd1256.html Show response
mylawfirm.offtherecord.com/templates/ 340 B
872 B 155ms
53ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/message-timestamp.component.710c7ec2cc1817dd1256.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: a7d91a6c2b7ad9eb740c27856a347dd7a43165fbabdb9b75dcd8c4afd9042a14

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 16:00:02 GMT
Via: 1.1 fed200cefaebfb8fa1ffcc5b43eee6be.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: BOS50-P4
Age: 1467342
X-Powered-By: Express
ETag: W/"154-188d54021d0"
X-Cache: Hit from cloudfront
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 340
X-Amz-Cf-Id: RD8ZeRqlHOaorsg7glJK1FxBu8chH1UtOf8GKzX6w90cZXKMoWb7UQ==

GET
H/1.1 200
OK avatar-image-fallback.component.31d2811901fb446ef182.html Show response
mylawfirm.offtherecord.com/templates/ 59 B
589 B 153ms
54ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/avatar-image-fallback.component.31d2811901fb446ef182.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 6f734ecf1191f5b75870fb8ef2b2b72acd5bb2552c23f1cd4ab8214cce385572

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 15:24:35 GMT
Via: 1.1 337d88078ff923a29006ed9c5984df62.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: BOS50-P4
Age: 1469469
X-Powered-By: Express
ETag: W/"3b-188d54021d0"
X-Cache: Hit from cloudfront
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59
X-Amz-Cf-Id: KyXKQbAzCBYd7Z-yT1G-rrKGQ6Qrx6YeRSp1f0xhLWNCy1DtN_9Q5w==

GET
H/1.1 200
OK image-upload.component.e61a21546b8965b4dc94.html Show response
mylawfirm.offtherecord.com/templates/ 2 KB
1 KB 153ms
55ms XHR
text/html 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/image-upload.component.e61a21546b8965b4dc94.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 45ec62f8f19d6abb6f36715f841d387ffc943c79e27fa3e6419bef8e3e371d8b

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 15:24:35 GMT
Content-Encoding: gzip
Via: 1.1 1400daf58929007edfec4f92e9b3dde8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1469469
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"85a-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: uqOnHBHKFa5Bbzc33aC4fV_PRCJt5d9kxsraRPtnm3_IMI-7d3v2Uw==

GET
H2 200 status Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/users/authentication/ 49 B
547 B 81ms
50ms XHR
application/json 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/users/authentication/status

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

0680595a1cf1e3602cac947e67cba6facd645c609d62c3033532646c31243b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 15:35:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.22.1
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK bfe7bd97dc628ec312ec.jpeg
mylawfirm.offtherecord.com/ 234 KB
234 KB 57ms
54ms Image
image/jpeg 18.239.183.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mylawfirm.offtherecord.com/bfe7bd97dc628ec312ec.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-12.bos50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 052f579eb42047af020d1d10df31094acc5a50eabba0f082422cc07d44e67062

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:31:36 GMT
Via: 1.1 2973fb2eaa311ae16e58b191132e039a.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Aug 2023 17:20:17 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: BOS50-P4
Age: 345848
X-Powered-By: Express
ETag: W/"3a75e-189d629e468"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239454
X-Amz-Cf-Id: QGnH_FHkvvIGlxGMTqE_g7L64_xUSgO8n1FoxQmU02ROD7lXY_voAA==

GET
H2 200 pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 11 KB
11 KB 44ms
43ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-14.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:44 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
age: 130234
etag: "64c95c33-2a40"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7fa3f2967f996393-ORD
content-length: 10816

GET
H2 200 pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 16 KB
16 KB 64ms
63ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:44 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:35 GMT
server: cloudflare
etag: "64c95c2f-3f0c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7fa3f2967f9c6393-ORD
content-length: 16140

GET
H/1.1 200
OK full-logo-v2.png
otr-assets.s3.amazonaws.com/img/logos/ 5 KB
6 KB 195ms
69ms Image
image/png 52.216.140.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otr-assets.s3.amazonaws.com/img/logos/full-logo-v2.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.140.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8590adc052e5e24b74c658e65922ba7b64d85dec711eceef9bbf6f7b39f37d79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Mon, 21 Aug 2023 15:35:45 GMT
Last-Modified: Thu, 27 Jan 2022 06:35:56 GMT
Server: AmazonS3
x-amz-request-id: 7FW6JXZBRDPY65G4
ETag: "813a7853a311e1bcc15704bafdac37b0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5373
x-amz-id-2: UAB8U/58nBmg736nHNLXcM6hogT79rYxxzqvXJ2M0clqyr4RNZH1R5jivQaFu/IHK7Kdj4K8aRk=

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 4 KB
4 KB 74ms
54ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=6DGA5
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 436f42de25846fdc9ec518d72746e9e03e5a2fdd9715b04744f4ddd33584ade8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 15:35:44 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

OPTIONS
H2 200 logout
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
0 140ms
46ms Preflight 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-131-212.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mylawfirm.offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
access-control-max-age: 3600
date: Mon, 21 Aug 2023 15:35:44 GMT
server: nginx/1.22.1

POST
H2 200 logout Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
450 B 50ms
49ms XHR
text/plain 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 15:35:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.22.1
x-frame-options: DENY
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 42 KB
12 KB 90ms
29ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=6DGA5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 14:55:51 GMT
content-encoding: gzip
age: 2393
x-guploader-uploadid: ADPycdto0dEioWnlT-qbO_vDcrC1ISLXpIWDUcUqqQMwEIBWBMwVQ9M6PJhuB6rRolTxUlvgn_KslBzzE2hyeizzYeej7wcrqoR-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11918
last-modified: Thu, 03 Aug 2023 16:30:48 GMT
server: UploadServer
etag: "038e81eb121703e8bf798099bb4fb954"
x-goog-generation: 1691080248135238
x-goog-hash: crc32c=EPsiLQ==, md5=A46B6xIXA+i/eYCZu0+5VA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11918
accept-ranges: bytes
expires: Mon, 21 Aug 2023 15:55:51 GMT

POST
H2 200 logout Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
450 B 51ms
50ms XHR
text/plain 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 15:35:44 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.22.1
x-frame-options: DENY
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 logout
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
0 46ms
46ms Preflight 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-131-212.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mylawfirm.offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
access-control-max-age: 3600
date: Mon, 21 Aug 2023 15:35:44 GMT
server: nginx/1.22.1

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 274ms
91ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=6DGA5&UserId=c74a20bc-a046-4b55-b82f-dd98fcfd768f&SessionId=42d79878-1b56-4690-b811-200fb09fb0da&PageId=abefaa5e-6284-48c6-b9a6-1c0c6e93159a&Seq=1&PageStart=1692632144420&PrevBundleTime=0&LastActivity=862&IsNewSession=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 380ac2f2e28b8c21e450f024ecfb83c09c8c62e2bcb206c64ac2cab2f075a4e4

Request headers

Referer: https://mylawfirm.offtherecord.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mylawfirm.offtherecord.com
date: Mon, 21 Aug 2023 15:35:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.offtherecord.com/	1970-01-20 14:10:33	Name: fs_lua Value: 1.1692632144417
			.offtherecord.com/	1970-01-20 22:56:08	Name: fs_uid Value: #6DGA5#c74a20bc-a046-4b55-b82f-dd98fcfd768f:42d79878-1b56-4690-b811-200fb09fb0da:1692632144417::1#/1724168143

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
cdn.plaid.com
edge.fullstory.com
fonts.googleapis.com
ka-p.fontawesome.com
kit.fontawesome.com
mylawfirm.offtherecord.com
o485979.ingest.sentry.io
otr-assets.s3.amazonaws.com
otr-backend-service-us-prod.offtherecord.com
rs.fullstory.com
18.239.183.12
2606:4700::6812:1734
2607:f8b0:4006:80d::200a
2a04:4e42:600::729
3.227.131.212
34.120.195.249
35.186.194.58
35.201.112.186
52.216.140.124
65.8.20.15
052f579eb42047af020d1d10df31094acc5a50eabba0f082422cc07d44e67062
0680595a1cf1e3602cac947e67cba6facd645c609d62c3033532646c31243b6b
08743c0335c91ed2e87515ad038625f1e2a4309eb63ca3576bfc274039828b4b
0ae7351c176a2834c6c1fc895fde04e8937bf48338f21a81451a584a550ce091
0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df
1eda80b1d5706718e221bc8e8ae78153027486534fbf4b4258aaeb7e50a657b1
24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
380ac2f2e28b8c21e450f024ecfb83c09c8c62e2bcb206c64ac2cab2f075a4e4
38c955b1da8fd9beae7ef0b45020e81d0140fbc070ffc85cdc7fe05ea7e652b4
436f42de25846fdc9ec518d72746e9e03e5a2fdd9715b04744f4ddd33584ade8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ec62f8f19d6abb6f36715f841d387ffc943c79e27fa3e6419bef8e3e371d8b
63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886
656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
6f734ecf1191f5b75870fb8ef2b2b72acd5bb2552c23f1cd4ab8214cce385572
71210ac42f5f0b1b7fb1d3bc5ac89d398caaa3011d8f566d4f2352b807c2f139
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
75eb7d8d23231db5606d3fdcd5bb43ed844fe166f4fbd0d77121a4091c486267
8590adc052e5e24b74c658e65922ba7b64d85dec711eceef9bbf6f7b39f37d79
8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3
985eac4dfdd9ae40dd7d9ee86606bf66c1eff64e73f30deb289d1a69e387982f
98d11d0db939d9ce23d3dad99efcc55967915dbae612c56def8f7b0f1b580b4e
9ba484c37bd1f9996ff8928bc5b42d2a05310a82febaab54e8051f406469eab0
9e0268efb3ae10466827ae5ff4d7f135ac8ef17d7fc777ff1e487e82bd285e7e
a0195cd81f03b3096ca0fee614152f1c21426db36ff2dc2dce9ba0e299f59564
a7d91a6c2b7ad9eb740c27856a347dd7a43165fbabdb9b75dcd8c4afd9042a14
a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9
a9a4f91b6770f6438fb5d44ce59fc6ebf01f2c1a255f7f121b2e1802dd4bdbd6
b84d7989f10105efa3d03c749febc1567b94530b3668e437d91074e018f1881d
bf335a68f0be85a338baeeefb488bbce98e2a159a9c66f51311707e8aeadc6e1
cf48435afc018ce7204d8087c5d656ae2dab57ba5b4fe7b9ca20fb38639f78da
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
dd6f9f365103d53ad3a5bbd82ae9f6b8052818008eed70304c4ce18b9c03a689
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaac6c7b33723810a263675ab13cffd6c7903d94b3f613c606644cc9b560d51d
ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

mylawfirm.offtherecord.com Open in urlscan Pro 18.239.183.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

30 %IPv6

8 Domains

11 Subdomains

10 IPs

1 Countries

1826 kBTransfer

9813 kBSize

2 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mylawfirm.offtherecord.com Open in urlscan Pro
18.239.183.12 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

30 %
IPv6

8
Domains

11
Subdomains

10
IPs

1
Countries

1826 kB
Transfer

9813 kB
Size

2
Cookies

41 HTTP transactions
0 data transactions