mylawfirm.offtherecord.com Open in urlscan Pro
18.173.187.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mylawfirm.offtherecord.com/
Effective URL:
https://mylawfirm.offtherecord.com/
Submission: On August 18 via api (August 18th 2023, 5:08:42 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 18.173.187.44, located in United States and belongs to AMAZON-02, US. The main domain is mylawfirm.offtherecord.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.

This is the only time mylawfirm.offtherecord.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.173.187.102 18.173.187.102	16509 (AMAZON-02) (AMAZON-02)
13	18.173.187.44 18.173.187.44	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	108.138.36.26 108.138.36.26	16509 (AMAZON-02) (AMAZON-02)
3	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	3.227.131.212 3.227.131.212	14618 (AMAZON-AES) (AMAZON-AES)
1	54.231.129.169 54.231.129.169	16509 (AMAZON-02) (AMAZON-02)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
41	10

1 18.173.187.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-102.muc50.r.cloudfront.net

mylawfirm.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.173.187.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-44.muc50.r.cloudfront.net

mylawfirm.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-26.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o485979.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.227.131.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-131-212.compute-1.amazonaws.com

otr-backend-service-us-prod.offtherecord.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.129.169 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

otr-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	offtherecord.com 1 redirects mylawfirm.offtherecord.com otr-backend-service-us-prod.offtherecord.com	1 MB
8	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2185 ka-p.fontawesome.com — Cisco Umbrella Rank: 4009	160 KB
6	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2465 rs.fullstory.com — Cisco Umbrella Rank: 2314	86 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	3 KB
2	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 5077	22 KB
1	amazonaws.com otr-assets.s3.amazonaws.com	6 KB
1	sentry.io o485979.ingest.sentry.io	333 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15601	43 KB
41	8

	Domain	Requested by
14	mylawfirm.offtherecord.com	1 redirects mylawfirm.offtherecord.com browser.sentry-cdn.com
6	otr-backend-service-us-prod.offtherecord.com	browser.sentry-cdn.com
6	ka-p.fontawesome.com	kit.fontawesome.com
3	rs.fullstory.com	browser.sentry-cdn.com edge.fullstory.com
3	edge.fullstory.com	mylawfirm.offtherecord.com browser.sentry-cdn.com rs.fullstory.com
3	fonts.googleapis.com	mylawfirm.offtherecord.com
2	browser.sentry-cdn.com	mylawfirm.offtherecord.com
2	kit.fontawesome.com	mylawfirm.offtherecord.com kit.fontawesome.com
1	otr-assets.s3.amazonaws.com
1	o485979.ingest.sentry.io	mylawfirm.offtherecord.com
1	cdn.plaid.com	mylawfirm.offtherecord.com
41	11

This site contains no links.

Subject Issuer	Validity	Valid
*.offtherecord.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-14`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-07-23` - `2023-10-21`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-07-18` - `2023-10-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mylawfirm.offtherecord.com/
Frame ID: 36E36E6EB869C905D55D5CB508AC0BD3
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Off The Record - Lawfirm Dashboard

Page URL History Show full URLs

http://mylawfirm.offtherecord.com/ HTTP 301
https://mylawfirm.offtherecord.com/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

41
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

1827 kB
Transfer

9813 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mylawfirm.offtherecord.com/ HTTP 301
https://mylawfirm.offtherecord.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mylawfirm.offtherecord.com/
Redirect Chain

http://mylawfirm.offtherecord.com/
https://mylawfirm.offtherecord.com/

4 KB
2 KB

260ms
216ms

Document
text/html

18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9ba484c37bd1f9996ff8928bc5b42d2a05310a82febaab54e8051f406469eab0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 18 Aug 2023 17:08:34 GMT
ETag: W/"f83-189d629e850"
Expires: 0
Last-Modified: Tue, 08 Aug 2023 17:20:18 GMT
Server: nginx/1.20.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 1ZlUreFfRxq7rGu5S82xIjI-zSWk_Ti_uE76hB1soj9XkAbDus3eTg==
X-Amz-Cf-Pop: MUC50-P4
X-Cache: Miss from cloudfront
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Fri, 18 Aug 2023 17:08:34 GMT
Location: https://mylawfirm.offtherecord.com/
Server: CloudFront
Via: 1.1 577c189d14f20f4f61c76d2711499f1c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: DgeOT0N0J009L3KT5jauvFqBgYmKkSFxxGNtTFTTmWy5MLDaNSIXcA==
X-Amz-Cf-Pop: MUC50-P4
X-Cache: Redirect from cloudfront

GET
H2 200 4076c3ec08.js Show response
kit.fontawesome.com/ 12 KB
5 KB 205ms
151ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/4076c3ec08.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaac6c7b33723810a263675ab13cffd6c7903d94b3f613c606644cc9b560d51d

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 7f8bc2748f24364e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F3yJSuNkaRGf1rtwodzh

GET
H2 200 css
fonts.googleapis.com/ 730 B
783 B 58ms
21ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 16:43:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 17:08:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 60ms
24ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 16:13:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 17:08:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
738 B 59ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 16:13:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 17:08:34 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.19.7/ 65 KB
21 KB 42ms
12ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 26 Apr 2022 13:11:05 GMT
server: Fastly
age: 9862425
etag: "4dc87c1e025f84ef0d14fe9187946dfd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20887
expires: Wed, 26 Apr 2023 13:34:47 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.19.7/ 2 KB
976 B 45ms
16ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.19.7/angular.min.js

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 26 Apr 2022 13:11:05 GMT
server: Fastly
age: 620919
etag: "14f18525c8f97317f08d5cc6f80a1953"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 882
expires: Sat, 10 Aug 2024 12:39:55 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 143 KB
43 KB 112ms
57ms Script
application/javascript 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c3a6ceb16ed61739b0be1d6b795a62d0c059c0984140b2844c85eb4f2f59043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:19:27 GMT
x-amz-version-id: h7lEeAOoqxSjdwZboVTqoDKza7ZjAPTW
content-encoding: gzip
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
x-amz-request-id: JV27BB79KVK2G9DJ
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 71348
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: Qivd3xFzZ743W0/6z4eIUmIvQ8TmJoSPsR8WHo3yOdwGjTeZMF3cwKUtaEv55nUuME9k0ZZEO38=
last-modified: Thu, 17 Aug 2023 21:01:17 GMT
server: AmazonS3
etag: W/"6a736cb7743cd5fa8f7164422852d5b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: ckOXjFodB8MayWZAYOLSPkbHIMDfiQbFzVzafqL6MmpxDje0Edog_g==

GET
H/1.1 200
OK 776.18c184e9f0733303f837.js Show response
mylawfirm.offtherecord.com/ 7 MB
1 MB 22ms
21ms Script
application/javascript 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/776.18c184e9f0733303f837.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 75eb7d8d23231db5606d3fdcd5bb43ed844fe166f4fbd0d77121a4091c486267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 11:37:08 GMT
Content-Encoding: gzip
Via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 797486
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 17:20:18 GMT
Server: nginx/1.20.0
ETag: W/"774b0a-189d629e850"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: YelBfJeCsAdgdlLhHzCTFqFqyt149UYmDtLp5x1FSHWDP-T29-jTfQ==

GET
H/1.1 200
OK main.c238c1d14aeee24875f1.js Show response
mylawfirm.offtherecord.com/ 581 KB
108 KB 70ms
30ms Script
application/javascript 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/main.c238c1d14aeee24875f1.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 0ae7351c176a2834c6c1fc895fde04e8937bf48338f21a81451a584a550ce091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 07:11:32 GMT
Content-Encoding: gzip
Via: 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 727022
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 17:20:18 GMT
Server: nginx/1.20.0
ETag: W/"915ec-189d629e850"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: 4vyKMrz9Y4pV53J9BErWOul5Dj5_sTb9IAehv6RaLfytLKIhPKX79w==

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 653 KB
116 KB 1122ms
1103ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:07:57 GMT
server: cloudflare
etag: "64c9580d-1cdb4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f8bc275c8ce364e-FRA
content-length: 118196

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 27 KB
4 KB 523ms
504ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v4-shims.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c955b1da8fd9beae7ef0b45020e81d0140fbc070ffc85cdc7fe05ea7e652b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: "64c9580c-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f8bc275c8c7364e-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 54 KB
7 KB 499ms
480ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v5-font-face.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:35 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: "64c9580c-1c20"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f8bc275c8cd364e-FRA
content-length: 7200

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.4.2/css/ 7 KB
2 KB 166ms
148ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/css/pro-v4-font-face.min.css?token=4076c3ec08
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0195cd81f03b3096ca0fee614152f1c21426db36ff2dc2dce9ba0e299f59564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:34 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: "64c9580c-6dc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f8bc275c8c9364e-FRA
content-length: 1756

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/4076c3ec08/38014416/ 422 B
404 B 497ms
497ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/4076c3ec08/38014416/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4076c3ec08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98d11d0db939d9ce23d3dad99efcc55967915dbae612c56def8f7b0f1b580b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:35 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926, public, must-revalidate
cf-ray: 7f8bc275a8a7364e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F3yJSwLAa2MsAW-0wzZC

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
66 KB 77ms
13ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 16:47:03 GMT
content-encoding: br
age: 1291
x-guploader-uploadid: ADPycdtnG2Duzt0LLpIWh2zM1SQ6_Bk2ZM-7-2XpVI_RRPg3GVXrrx0QNe38MznJ2fFlthstDGZ1gGvD-gLkdN-8DI6xIg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67382
last-modified: Thu, 17 Aug 2023 14:49:44 GMT
server: UploadServer
etag: "73ae3407fb422f1b2d35137c774b84b1"
vary: Accept-Encoding
x-goog-generation: 1692283784371563
x-goog-hash: crc32c=1E7iYA==, md5=c640B/tCLxstNRN8d0uEsQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67382
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 18 Aug 2023 17:47:03 GMT

POST
H2 200 / Show response
o485979.ingest.sentry.io/api/4504459467882496/envelope/ 2 B
333 B 76ms
15ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o485979.ingest.sentry.io/api/4504459467882496/envelope/?sentry_key=fc5f6137911941ec91dd57cfcb740444&sentry_version=7

Requested by

Host: mylawfirm.offtherecord.com
URL: https://mylawfirm.offtherecord.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 18 Aug 2023 17:08:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 web Show response
edge.fullstory.com/s/settings/6DGA5/v1/ 5 KB
2 KB 259ms
259ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/6DGA5/v1/web
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71210ac42f5f0b1b7fb1d3bc5ac89d398caaa3011d8f566d4f2352b807c2f139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:35 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduhlZ8EPqp7ZHRgWpJPK97k45Y_OE_rCq3zfdpYoHy0VNVhCuOjMzAr3CykY4bnIKf_5vctiLygPyLqMKN3-WHrCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
last-modified: Fri, 18 Aug 2023 17:01:19 GMT
server: UploadServer
etag: "b495a732ec6b43e608e7d410e5baee01"
x-goog-generation: 1692378079840818
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=hMeAKQ==, md5=tJWnMuxrQ+YI59QQ5bruAQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1516
accept-ranges: bytes
expires: Fri, 18 Aug 2023 17:23:35 GMT

GET
H2 200 user Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/ 162 B
594 B 346ms
105ms XHR
application/json 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/user

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

985eac4dfdd9ae40dd7d9ee86606bf66c1eff64e73f30deb289d1a69e387982f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 17:08:35 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.22.1
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK login.view.8a269619d2c256a8a9d7.html Show response
mylawfirm.offtherecord.com/templates/ 19 KB
3 KB 20ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/login.view.8a269619d2c256a8a9d7.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 9e0268efb3ae10466827ae5ff4d7f135ac8ef17d7fc777ff1e487e82bd285e7e

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 11:10:50 GMT
Content-Encoding: gzip
Via: 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 885465
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"4dd8-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: 2l8lTt8rmHaM0GbBcSM15RaxW692-36KhJLbi2tq2T3VsTgeuJRxiQ==

GET
H/1.1 200
OK conversation-chat-panel.component.5a6707193cf8cb281387.html Show response
mylawfirm.offtherecord.com/templates/ 2 KB
1 KB 21ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/conversation-chat-panel.component.5a6707193cf8cb281387.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 08743c0335c91ed2e87515ad038625f1e2a4309eb63ca3576bfc274039828b4b

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 03:53:06 GMT
Content-Encoding: gzip
Via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 1257329
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"76a-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: xtAYNfVNFDQMqB8aZs36hQpIuLFTix_kByDYr7copqS9nt0Nwd6-eg==

GET
H/1.1 200
OK action-message.component.1ca74772a287e41456ac.html Show response
mylawfirm.offtherecord.com/templates/ 3 KB
1 KB 35ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/action-message.component.1ca74772a287e41456ac.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 1eda80b1d5706718e221bc8e8ae78153027486534fbf4b4258aaeb7e50a657b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 03:53:42 GMT
Content-Encoding: gzip
Via: 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 1257292
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"c8c-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: bMHf7JQVRSsnP5lpiE1go21pPEW7LVDDEbAqddu1hw9blna1HBA_Ng==

GET
H/1.1 200
OK message.component.5ada0582f2197c9d2785.html Show response
mylawfirm.offtherecord.com/templates/ 5 KB
2 KB 40ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/message.component.5ada0582f2197c9d2785.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: b84d7989f10105efa3d03c749febc1567b94530b3668e437d91074e018f1881d

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 11:38:07 GMT
Content-Encoding: gzip
Via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 797428
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 08 Aug 2023 17:20:17 GMT
Server: nginx/1.20.0
ETag: W/"145f-189d629e468"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: kqapCXFjxR1xK6W5y7t-ZIKG9xv8YTFzGklmz-1KxMIFcM2thKJLVg==

GET
H/1.1 200
OK conversation-header.component.c9c2c63fb439898da619.html Show response
mylawfirm.offtherecord.com/templates/ 3 KB
1 KB 54ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/conversation-header.component.c9c2c63fb439898da619.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: cf48435afc018ce7204d8087c5d656ae2dab57ba5b4fe7b9ca20fb38639f78da

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 03:53:07 GMT
Content-Encoding: gzip
Via: 1.1 46d62d4755f0b1a587a0581348e41608.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 1257328
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"ad7-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: nrP31yF1NpHPLmUKC1sNEDmoWes3kAEuBe1zzK0dQNzvXGp7b_yK0Q==

GET
H/1.1 200
OK new-message-form.component.80cdbc82aba55f31f298.html Show response
mylawfirm.offtherecord.com/templates/ 3 KB
1 KB 62ms
22ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/new-message-form.component.80cdbc82aba55f31f298.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: dd6f9f365103d53ad3a5bbd82ae9f6b8052818008eed70304c4ce18b9c03a689

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 11:25:29 GMT
Content-Encoding: gzip
Via: 1.1 ed0321bab00e6823808eaacb7b137e08.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 1057386
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"ab5-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: -_tWqMYRO46ESECVJ0dOIIFTi-6KgkfGdZnDL79TTFROzMPjmYBL7Q==

GET
H/1.1 200
OK message-timestamp.component.710c7ec2cc1817dd1256.html Show response
mylawfirm.offtherecord.com/templates/ 340 B
872 B 61ms
22ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/message-timestamp.component.710c7ec2cc1817dd1256.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: a7d91a6c2b7ad9eb740c27856a347dd7a43165fbabdb9b75dcd8c4afd9042a14

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 03:53:07 GMT
Via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: MUC50-P4
Age: 1257328
X-Powered-By: Express
ETag: W/"154-188d54021d0"
X-Cache: Hit from cloudfront
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 340
X-Amz-Cf-Id: DFwCc_xvIDPkD-9V5ttsQ1dBRVPsQFBCwyrYWk4zc1wjieoPM--rog==

GET
H/1.1 200
OK avatar-image-fallback.component.31d2811901fb446ef182.html Show response
mylawfirm.offtherecord.com/templates/ 59 B
588 B 59ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/avatar-image-fallback.component.31d2811901fb446ef182.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 6f734ecf1191f5b75870fb8ef2b2b72acd5bb2552c23f1cd4ab8214cce385572

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 10 Aug 2023 07:46:20 GMT
Via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Aug 2023 17:20:17 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: MUC50-P4
Age: 724935
X-Powered-By: Express
ETag: W/"3b-189d629e468"
X-Cache: Hit from cloudfront
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59
X-Amz-Cf-Id: 95CB9IV__05_cF4PDcZ0hMTJJHNW9nKptMaWDuSi_fpSSyv8Mg3Vgw==

GET
H/1.1 200
OK image-upload.component.e61a21546b8965b4dc94.html Show response
mylawfirm.offtherecord.com/templates/ 2 KB
1 KB 60ms
20ms XHR
text/html 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mylawfirm.offtherecord.com/templates/image-upload.component.e61a21546b8965b4dc94.html
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 45ec62f8f19d6abb6f36715f841d387ffc943c79e27fa3e6419bef8e3e371d8b

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 06 Aug 2023 11:25:07 GMT
Content-Encoding: gzip
Via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P4
Age: 1057408
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 20:02:10 GMT
Server: nginx/1.20.0
ETag: W/"85a-188d54021d0"
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=31557600
X-Amz-Cf-Id: YHvfoto1RG8SjZAMWenqfSFAb3AwqXShkBW9NJP_Hp3Idzj2O-8PAw==

GET
H2 200 status Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/users/authentication/ 49 B
547 B 297ms
105ms XHR
application/json 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/users/authentication/status

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

0680595a1cf1e3602cac947e67cba6facd645c609d62c3033532646c31243b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 17:08:35 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.22.1
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 200
OK bfe7bd97dc628ec312ec.jpeg
mylawfirm.offtherecord.com/ 234 KB
234 KB 30ms
29ms Image
image/jpeg 18.173.187.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mylawfirm.offtherecord.com/bfe7bd97dc628ec312ec.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-44.muc50.r.cloudfront.net
Software: nginx/1.20.0 / Express
Resource Hash: 052f579eb42047af020d1d10df31094acc5a50eabba0f082422cc07d44e67062

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 12:10:38 GMT
Via: 1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Aug 2023 17:20:17 GMT
Server: nginx/1.20.0
X-Amz-Cf-Pop: MUC50-P4
Age: 104277
X-Powered-By: Express
ETag: W/"3a75e-189d629e468"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31557600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239454
X-Amz-Cf-Id: vxgt4rcY1yGdcZ-BnbaWvYyn701A9kKVuhCLmV5S--5W_h3z532QSQ==

GET
H/1.1 200
OK full-logo-v2.png
otr-assets.s3.amazonaws.com/img/logos/ 5 KB
6 KB 362ms
127ms Image
image/png 54.231.129.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otr-assets.s3.amazonaws.com/img/logos/full-logo-v2.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.129.169 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8590adc052e5e24b74c658e65922ba7b64d85dec711eceef9bbf6f7b39f37d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 17:08:37 GMT
Last-Modified: Thu, 27 Jan 2022 06:35:56 GMT
Server: AmazonS3
x-amz-request-id: VGC6QR5H79QM9FFQ
ETag: "813a7853a311e1bcc15704bafdac37b0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5373
x-amz-id-2: ozKZB9hsAR0sRTzzmNByFA+V5JEoVwftk3+AtV6iCyDKvzJxDiBoc/1LOd7V03epjpYrB/QUNyY=

POST
H2 200 page Show response
rs.fullstory.com/rec/ 6 KB
2 KB 201ms
148ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 9d306b553e8bb2f8816f0e023ef80c5c1125938f4fed067ac5307a3699ad38db

Request headers

Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Aug 2023 17:08:36 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1697

POST
H2 200 logout Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
450 B 105ms
105ms XHR
text/plain 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 17:08:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.22.1
x-frame-options: DENY
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 logout
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
0 324ms
108ms Preflight 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-131-212.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mylawfirm.offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
access-control-max-age: 3600
date: Fri, 18 Aug 2023 17:08:36 GMT
server: nginx/1.22.1

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 4 KB
4 KB 133ms
132ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=6DGA5
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 436f42de25846fdc9ec518d72746e9e03e5a2fdd9715b04744f4ddd33584ade8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:36 GMT
via: 1.1 google
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

GET
H2 200 pro-fa-regular-400-1.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 16 KB
16 KB 598ms
598ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-regular-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:36 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:35 GMT
server: cloudflare
etag: "64c95c2f-3f0c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f8bc27e6d70364e-FRA
content-length: 16140

GET
H2 200 pro-fa-solid-900-14.woff2
ka-p.fontawesome.com/releases/v6.4.2/webfonts/ 11 KB
11 KB 512ms
512ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.4.2/webfonts/pro-fa-solid-900-14.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9

Request headers

Referer: https://mylawfirm.offtherecord.com/
Origin: https://mylawfirm.offtherecord.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:08:36 GMT
cf-cache-status: MISS
last-modified: Tue, 01 Aug 2023 19:25:39 GMT
server: cloudflare
etag: "64c95c33-2a40"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7f8bc27e6d72364e-FRA
content-length: 10816

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 42 KB
12 KB 42ms
14ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=6DGA5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mylawfirm.offtherecord.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:07:44 GMT
content-encoding: gzip
age: 52
x-guploader-uploadid: ADPycdvOdjf--Otp2USMLYTq9ANRuXsyWDVmVSKKFMhtld0pckjP00LY4t7tIywWPVxiAUTznGhP4wPqcmCY9IovIOP4Iw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11918
last-modified: Thu, 03 Aug 2023 16:30:48 GMT
server: UploadServer
etag: "038e81eb121703e8bf798099bb4fb954"
x-goog-generation: 1691080248135238
x-goog-hash: crc32c=EPsiLQ==, md5=A46B6xIXA+i/eYCZu0+5VA==
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11918
accept-ranges: bytes
expires: Fri, 18 Aug 2023 18:07:44 GMT

POST
H2 200 logout Show response
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
450 B 106ms
106ms XHR
text/plain 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-227-131-212.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 17:08:36 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx/1.22.1
x-frame-options: DENY
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 logout
otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/ 0
0 109ms
108ms Preflight 3.227.131.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://otr-backend-service-us-prod.offtherecord.com/api/v1/authentication/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.131.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-131-212.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mylawfirm.offtherecord.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept, Api-Token, X-Feature, X-Resource-Id
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://mylawfirm.offtherecord.com
access-control-expose-headers: Location, Otr-url-location, Otr-signed-url-location
access-control-max-age: 3600
date: Fri, 18 Aug 2023 17:08:36 GMT
server: nginx/1.22.1

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 730ms
512ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=6DGA5&UserId=76b60a12-9f7d-47e9-bf1b-129486426d52&SessionId=3eb40120-a3bb-4493-ab75-3360731ced18&PageId=9fb08e7b-f604-4696-a470-8c86c3a3ab07&Seq=1&PageStart=1692378516131&PrevBundleTime=0&LastActivity=866&IsNewSession=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.7/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a606950c77bdb2b6e57e110759ec649511be380d55cc99d1e14c3a63b016fbe9

Request headers

Referer: https://mylawfirm.offtherecord.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mylawfirm.offtherecord.com
date: Fri, 18 Aug 2023 17:08:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.offtherecord.com/	1970-01-20 14:06:20	Name: fs_lua Value: 1.1692378516130
			.offtherecord.com/	1970-01-20 22:51:54	Name: fs_uid Value: #6DGA5#76b60a12-9f7d-47e9-bf1b-129486426d52:3eb40120-a3bb-4493-ab75-3360731ced18:1692378516130::1#/1723914515

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
cdn.plaid.com
edge.fullstory.com
fonts.googleapis.com
ka-p.fontawesome.com
kit.fontawesome.com
mylawfirm.offtherecord.com
o485979.ingest.sentry.io
otr-assets.s3.amazonaws.com
otr-backend-service-us-prod.offtherecord.com
rs.fullstory.com
108.138.36.26
18.173.187.102
18.173.187.44
2606:4700::6812:1634
2a00:1450:4001:803::200a
2a04:4e42:600::729
3.227.131.212
34.120.195.249
35.186.194.58
35.201.112.186
54.231.129.169
052f579eb42047af020d1d10df31094acc5a50eabba0f082422cc07d44e67062
0680595a1cf1e3602cac947e67cba6facd645c609d62c3033532646c31243b6b
08743c0335c91ed2e87515ad038625f1e2a4309eb63ca3576bfc274039828b4b
0ae7351c176a2834c6c1fc895fde04e8937bf48338f21a81451a584a550ce091
0f1996871ba77386a475fac0db6489b0241c9a839f2e3c3f631aed26006848df
1eda80b1d5706718e221bc8e8ae78153027486534fbf4b4258aaeb7e50a657b1
24c18540ed9c6c6e79ee26e2ea2c90b9f52e1bf033f26f932d8497be0bb7e786
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
38c955b1da8fd9beae7ef0b45020e81d0140fbc070ffc85cdc7fe05ea7e652b4
3c3a6ceb16ed61739b0be1d6b795a62d0c059c0984140b2844c85eb4f2f59043
436f42de25846fdc9ec518d72746e9e03e5a2fdd9715b04744f4ddd33584ade8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ec62f8f19d6abb6f36715f841d387ffc943c79e27fa3e6419bef8e3e371d8b
63c6fcb4e0dd6d63b97574ba2717220a0ceb9fe55b7d34e7ed6133eaa82d5886
656cc7036e905a8cafd027c2105fbcbd25e9a1b74fca6098a98c426ec398c713
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
6f734ecf1191f5b75870fb8ef2b2b72acd5bb2552c23f1cd4ab8214cce385572
71210ac42f5f0b1b7fb1d3bc5ac89d398caaa3011d8f566d4f2352b807c2f139
74d5dfb509b5cd822e2337d445ff84837025c3a9fd618678d1690758f692ecee
75eb7d8d23231db5606d3fdcd5bb43ed844fe166f4fbd0d77121a4091c486267
8590adc052e5e24b74c658e65922ba7b64d85dec711eceef9bbf6f7b39f37d79
8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3
985eac4dfdd9ae40dd7d9ee86606bf66c1eff64e73f30deb289d1a69e387982f
98d11d0db939d9ce23d3dad99efcc55967915dbae612c56def8f7b0f1b580b4e
9ba484c37bd1f9996ff8928bc5b42d2a05310a82febaab54e8051f406469eab0
9d306b553e8bb2f8816f0e023ef80c5c1125938f4fed067ac5307a3699ad38db
9e0268efb3ae10466827ae5ff4d7f135ac8ef17d7fc777ff1e487e82bd285e7e
a0195cd81f03b3096ca0fee614152f1c21426db36ff2dc2dce9ba0e299f59564
a606950c77bdb2b6e57e110759ec649511be380d55cc99d1e14c3a63b016fbe9
a7d91a6c2b7ad9eb740c27856a347dd7a43165fbabdb9b75dcd8c4afd9042a14
a82bb498db64008208853eef295f3d9be6f206541484e8c83bedcf8411df5de9
b84d7989f10105efa3d03c749febc1567b94530b3668e437d91074e018f1881d
cf48435afc018ce7204d8087c5d656ae2dab57ba5b4fe7b9ca20fb38639f78da
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
dd6f9f365103d53ad3a5bbd82ae9f6b8052818008eed70304c4ce18b9c03a689
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaac6c7b33723810a263675ab13cffd6c7903d94b3f613c606644cc9b560d51d
ed627e51269f865425780547b0958d134c45d201b29ae31c990e1208158c7b03

mylawfirm.offtherecord.com Open in urlscan Pro 18.173.187.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

27 %IPv6

8 Domains

11 Subdomains

10 IPs

2 Countries

1827 kBTransfer

9813 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mylawfirm.offtherecord.com Open in urlscan Pro
18.173.187.44 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

1827 kB
Transfer

9813 kB
Size

2
Cookies

41 HTTP transactions
0 data transactions