legalthoughtbd.com Open in urlscan Pro
104.193.142.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Submission Tags: @jcybersec_
Submission: On July 15 via api (July 15th 2020, 1:55:33 pm UTC) from GB

Summary HTTP 73 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 29 IPs in 9 countries across 19 domains to perform 73 HTTP transactions. The main IP is 104.193.142.80, located in Los Angeles, United States and belongs to INMOTI-1, US. The main domain is legalthoughtbd.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 18th 2020. Valid for: 3 months.

This is the only time legalthoughtbd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Trademe (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.193.142.80 104.193.142.80	54641 (INMOTI-1) (INMOTI-1)
22	122.252.191.120 122.252.191.120	9834 (TRADEME-A...) (TRADEME-AS-NZ Trade Me Limited)
2	202.162.72.3 202.162.72.3	9834 (TRADEME-A...) (TRADEME-AS-NZ Trade Me Limited)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2 5	54.246.213.133 54.246.213.133	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:3000:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	23.5.109.251 23.5.109.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.78.111 13.225.78.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	52.51.146.233 52.51.146.233	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.77.103.12 54.77.103.12	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.186.63 13.224.186.63	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.120 13.225.78.120	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.244 185.64.189.244	62713 (AS-PUBMATIC) (AS-PUBMATIC)
73	29

3 104.193.142.80 (Los Angeles, United States) 1 redirects

ASN54641 (INMOTI-1, US)

legalthoughtbd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.legalthoughtbd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 122.252.191.120 (New Zealand)

ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ)

www.trademe.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.162.72.3 (New Zealand)

ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ)

ads.trademe.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.246.213.133 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

secure-nz.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:3000:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.109.251 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.146.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.103.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.63 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

d3f5l8ze0o4j2m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)

www.staticcdn.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.244 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	trademe.co.nz www.trademe.co.nz ads.trademe.co.nz	450 KB
10	imrworldwide.com 2 redirects secure-nz.imrworldwide.com cdn-gl.imrworldwide.com bee.imrworldwide.com	76 KB
8	googlesyndication.com d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	11 KB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	87 KB
4	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	121 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com t.pubmatic.com	87 KB
3	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com fastlane.rubiconproject.com	3 KB
3	legalthoughtbd.com 1 redirects legalthoughtbd.com www.legalthoughtbd.com	50 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	747 B
2	google.com 1 redirects www.google.com adservice.google.com	338 B
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	googletagmanager.com www.googletagmanager.com	138 KB
1	ampproject.org cdn.ampproject.org	7 KB
1	staticcdn.co.nz www.staticcdn.co.nz	1 KB
1	cloudfront.net 1 redirects d3f5l8ze0o4j2m.cloudfront.net	249 B
1	adsrvr.org match.adsrvr.org	545 B
1	google.pl adservice.google.pl	887 B
1	google.de www.google.de	106 B
73	19

	Domain	Requested by
22	www.trademe.co.nz	legalthoughtbd.com
5	secure-nz.imrworldwide.com	2 redirects cdn-gl.imrworldwide.com legalthoughtbd.com
4	cdn-gl.imrworldwide.com	legalthoughtbd.com cdn-gl.imrworldwide.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com legalthoughtbd.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.trademe.co.nz securepubads.g.doubleclick.net
3	cdn.krxd.net	legalthoughtbd.com cdn.krxd.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googletagmanager.com	legalthoughtbd.com www.googletagmanager.com
2	ads.pubmatic.com	www.trademe.co.nz ads.pubmatic.com
2	ads.trademe.co.nz	legalthoughtbd.com
2	legalthoughtbd.com	1 redirects
1	t.pubmatic.com	ads.pubmatic.com
1	cdn.ampproject.org	securepubads.g.doubleclick.net
1	acdn.adnxs.com	ads.pubmatic.com
1	www.staticcdn.co.nz
1	d3f5l8ze0o4j2m.cloudfront.net	1 redirects
1	beacon.krxd.net	cdn.krxd.net
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	ib.adnxs.com	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	consumer.krxd.net	cdn.krxd.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	bee.imrworldwide.com	cdn-gl.imrworldwide.com
1	www.google.de	legalthoughtbd.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	eus.rubiconproject.com	legalthoughtbd.com
1	secure-assets.rubiconproject.com	1 redirects
1	mug.criteo.com	legalthoughtbd.com
1	gum.criteo.com	1 redirects
1	www.legalthoughtbd.com	legalthoughtbd.com
73	35

This site contains links to these domains. Also see Links.

Domain
www.lifedirect.co.nz
www.trademeinsurance.co.nz
www.holidayhouses.co.nz
www.trademe.co.nz
www.findsomeone.co.nz
www.motorweb.co.nz
www.harmoney.co.nz
www.harmoney.com
sell.trademe.co.nz
help.trademe.co.nz
trademe.nz

Subject Issuer	Validity	Valid
legalthoughtbd.com cPanel, Inc. Certification Authority	`2020-06-18` - `2020-09-16`	3 months	crt.sh
www.trademe.co.nz DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2021-03-15`	a year	crt.sh
*.trademe.co.nz DigiCert SHA2 High Assurance Server CA	`2019-05-19` - `2021-07-14`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.pl GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-03-27`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
staticcdn.co.nz Amazon	`2020-01-27` - `2021-02-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Frame ID: 71C2A7382F3F48048D78893CBCE4936E
Requests: 64 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac
Frame ID: 86A132F271A978F849C3A7CED33E950C
Requests: 1 HTTP requests in this frame

Frame: https://secure-nz.imrworldwide.com/storageframe.html
Frame ID: BFA24A90A762E3F35C6FB77AC8DCC8BB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 743446F8E8D50F0ABD94BA56DDF4E01F
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 35D6EE5C68753AA5F60CAE66458F3756
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 61D2FB0AB7E2AB942F208383424DCC51
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 72A553B8D64334E724D511C53651CBA6
Requests: 1 HTTP requests in this frame

Frame: https://d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 0B6FF8BA2038F612DD85C0241EDAAEC6
Requests: 1 HTTP requests in this frame

Frame: https://d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2C1B501E33CB767B4DC23261985FCA10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A67D88805724370E09BC7DE8EDD20970
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

73
Requests

97 %
HTTPS

36 %
IPv6

19
Domains

35
Subdomains

29
IPs

9
Countries

1052 kB
Transfer

3104 kB
Size

2
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lifedirect.co.nz/?utm_source=trademe&utm_medium=navbar&utm_campaign=homepage
Title: LifeDirect

Search URL Search Domain Scan URL

URL: https://www.trademeinsurance.co.nz/?utm_source=TradeMe&utm_medium=NavBar&utm_content=TradeMe&utm_campaign=TradeMe_header&tm_mid=4319943
Title: Trade Me Insurance

Search URL Search Domain Scan URL

URL: http://www.holidayhouses.co.nz/?utm_source=trademe&utm_medium=navbar&utm_campaign=homepage
Title: Holiday Houses

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=103172
Title: Services

Search URL Search Domain Scan URL

URL: http://www.findsomeone.co.nz/?utm_source=trademe&utm_medium=navbar&utm_campaign=homepage
Title: FindSomeone

Search URL Search Domain Scan URL

URL: http://www.motorweb.co.nz/?referral=trademe&utm_source=trademe&utm_medium=text-link&utm_content=free-vehicle-reports&utm_campaign=trademe-header
Title: MotorWeb

Search URL Search Domain Scan URL

URL: https://www.harmoney.co.nz/?utm_source=TradeMe&utm_medium=NavBar&utm_content=TradeMe&utm_campaign=TradeMe_Harmoney_2015
Title: Harmoney

Search URL Search Domain Scan URL

URL: https://www.findsomeone.co.nz/?utm_source=TradeMe&utm_medium=navbar&utm_campaign=homepage
Title: FindSomeone

Search URL Search Domain Scan URL

URL: https://www.harmoney.com/?utm_source=TradeMe&utm_medium=NavBar&utm_content=TradeMe&utm_campaign=TradeMe_Harmoney_2015
Title: Harmoney

Search URL Search Domain Scan URL

URL: https://sell.trademe.co.nz/lastchance
Title: Last chance

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69859&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=general
Title: General item

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69860&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=motors
Title: Car, motorbike or boat

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69861&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=property
Title: Property

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69862&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=jobs
Title: Job

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69863&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=flatmates
Title: Flatmates wanted

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69864&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=service
Title: Service

Search URL Search Domain Scan URL

URL: https://sell.trademe.co.nz/myproducts
Title: My products

Search URL Search Domain Scan URL

URL: https://help.trademe.co.nz/hc
Title: Help

Search URL Search Domain Scan URL

URL: https://trademe.nz/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78317
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78318
Title: Apps

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78319
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78320
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78321
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://help.trademe.co.nz/hc/categories/360000655232
Title: Policies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://legalthoughtbd.com/Images/Payments/ping-balance.svg HTTP 301
https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg

Request Chain 29

https://secure-nz.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 30

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flegalthoughtbd.com%2F&domain=legalthoughtbd.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=rozyanxNL0FEOW93WHZTYWVzOS9ITW9ieDdmZHRVSTdzVm9GRG8yd2JEeXJOd1BiVHdPUWl0eXJsZWw3ZmJUQXh0bnlISTZXNDgvaEFvbVF0eUJBekJVYWVMQmhvZFRjWXlmYkhORkZZa1ZxSkFBZVVLL2VNRlIreGpzT1FmRWhTM0xMYjY3RGVvcUozTm1ZclVXYWJaeGl2UmhjT3QwZ2lqRkV2bmZKWGZvZ1pUbTVVUi9YVmdOZVFReDk0M2JnMWFyNC9vcDhkc1Y5RFd2MGoydXQweGpRTmpZZVFNTzVCOTFOMi9rUFY4VDNDVnR2QXFsRG5rSU0xZUtMREplQ1pJOEgyfA&cppv=2

Request Chain 33

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dfp&endpoint=apac HTTP 302
https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac

Request Chain 36

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&gjid=565149674&_gid=605107384.1594821315&_u=aGBAgAAj~&z=1160306681 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&_v=j83&z=1160306681 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&_v=j83&z=1160306681&slf_rd=1&random=658605164

Request Chain 43

https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594821315281&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-f7df15f1af23bc6156324ca41420ed84&tz=2 HTTP 302
https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594821315281&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-f7df15f1af23bc6156324ca41420ed84&tz=2&ja=1

Request Chain 49

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316946 HTTP 301
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316946

Request Chain 50

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316953 HTTP 301
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316953

Request Chain 57

https://d3f5l8ze0o4j2m.cloudfront.net/m87/k33spt.js HTTP 301
https://www.staticcdn.co.nz/m87/k33spt.js

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request e4hul.htm Show response
legalthoughtbd.com/wp-admin/maint/mytrademe/ 49 KB
49 KB 600ms
141ms Document
text/html 104.193.142.80
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.142.80 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS
Software: Apache /
Resource Hash: cdca9397978d82b303eb47c408c5dac18ff79455bc41e67314f264891b4eb9e2

Request headers

Host: legalthoughtbd.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:10 GMT
Server: Apache
Last-Modified: Sat, 11 Jul 2020 03:10:30 GMT
Accept-Ranges: bytes
Content-Length: 50242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK jQuery-bdl Show response
www.trademe.co.nz/JavaScript/ 101 KB
51 KB 2392ms
712ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/jQuery-bdl?v=Q0zamtzUCaOkcfK9AkRLDh0wYek7PJ2-vkczkFeKvlU1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

06021d8aec850fc5a07f583db1bcad20bbb67cbac61107e509481fafd3d484a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:12 GMT
Date: Wed, 15 Jul 2020 13:55:12 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:12 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 51039
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK Common-bdl
www.trademe.co.nz/Styles/ 71 KB
22 KB 2256ms
657ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/Common-bdl?v=bczNkqZF7L2YFZMcNZkWzpUtJ95FRqsPDR3tesGY8uU1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

a46c27a1b49cf19fbe5c512716bb7340cf07ac137413a70cb9a0d409b358236b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:12 GMT
Date: Wed, 15 Jul 2020 13:55:12 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:12 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 22094
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK old-site-wrapper-bdl
www.trademe.co.nz/Styles/ 418 KB
106 KB 2270ms
665ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

d4557c5d282a49832255aac86f160773c01d5b3c6adac0be1827cab8151bb2c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:12 GMT
Date: Wed, 15 Jul 2020 13:55:12 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:12 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 107500
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK blueFish-bdl
www.trademe.co.nz/Styles/ 68 KB
19 KB 2267ms
663ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/blueFish-bdl?v=ksp4cADbDQSBwxWZ1E7et7cvJWb_5wzJzfQOe3SH8U41

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

b51687b2f65536226234604891a13b26edc7f84cdfc9da91a419a7dc1b59a3b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:12 GMT
Date: Wed, 15 Jul 2020 13:55:12 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:12 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 18812
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK property-sidebar-search-bdl
www.trademe.co.nz/Styles/Property/Sidebar/ 11 KB
4 KB 1950ms
345ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/Property/Sidebar/property-sidebar-search-bdl?v=VEziZiGVDJhOMRCkYulAASt4adSOVvOFyyWmOrFqTBo1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

0c63b3065b61139291e48ed29dd61228e25edb7b4c82c789c53e21ecaf0404c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:12 GMT
Date: Wed, 15 Jul 2020 13:55:12 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:12 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 3691
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK AdsChecker.js Show response
www.trademe.co.nz/Javascript/Ads/ 19 B
429 B 2088ms
379ms Script
application/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trademe.co.nz/Javascript/Ads/AdsChecker.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:12 GMT
Last-Modified: Sun, 05 Jan 2020 20:10:32 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 19
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK Init-bdl Show response
www.trademe.co.nz/JavaScript/Ads/ 911 B
2 KB 2297ms
345ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/Ads/Init-bdl?v=4FqcpZmLjoYXxCUN_zoRIOHVDP9QJ3ukObF5439b64Q1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

122f5c14d70f3c5bef8416cf35536281cfe4611334637aa0ead43041e42cf14e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:13 GMT
Date: Wed, 15 Jul 2020 13:55:13 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:13 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 911
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK SiteClock-bdl Show response
www.trademe.co.nz/JavaScript/ 1 KB
2 KB 2469ms
380ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/SiteClock-bdl?v=b2Keyrc_W89Z2FEdSqFN9drtzY8XTS_Sqxabu5OcJTA1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

5f857fc7e37732ef3132a9fdc01ecd6a4c614eb7d5f7a2c1528e4e4cb07c9b4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:13 GMT
Date: Wed, 15 Jul 2020 13:55:12 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:13 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 725
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK tm-logo-2016-594x116-v1.png
www.trademe.co.nz/images/new-brand-2016/common/ 8 KB
9 KB 356ms
354ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/images/new-brand-2016/common/tm-logo-2016-594x116-v1.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 723179aa7f40d71a484b10feb58814d6f3e2e535bec1bb1e5d4f047cbef3d884

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:13 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 8685
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK ping-logo.svg
www.trademe.co.nz/Images/Payments/ 5 KB
5 KB 345ms
344ms Image
image/svg+xml 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Payments/ping-logo.svg
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: bf933e84833a4f9dc896deea8a8a427503c3725df10be0b1a9e0b166ad665921

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 5325
X-UA-Compatible: IE=Edge

GET
H/1.1

404
Not Found

ping-balance.svg
www.legalthoughtbd.com/Images/Payments/
Redirect Chain

https://legalthoughtbd.com/Images/Payments/ping-balance.svg
https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg

0
0

1093ms
515ms

Image
text/html

104.193.142.80
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.142.80 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Server: Apache
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK CookieHelper-bdl Show response
www.trademe.co.nz/Javascript/ 533 B
1 KB 376ms
370ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Javascript/CookieHelper-bdl?v=kRryoz--ZrPeC2NN6IPgkeOJfOvwBvFR72HZu7Ec65k1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

39d35057a4a2fda91aca7244a784fd8c2a84c056fc99f9130f0f4d1f9b6d288e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:14 GMT
Date: Wed, 15 Jul 2020 13:55:14 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:14 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 533
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK 1pixel.gif
www.trademe.co.nz/images/ 43 B
301 B 588ms
342ms Image
image/gif 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/images/1pixel.gif
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 43
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK MobileRedirectCleanUp-bdl Show response
www.trademe.co.nz/Javascript/Footer/ 412 B
1 KB 369ms
369ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Javascript/Footer/MobileRedirectCleanUp-bdl?v=DCf_1QR-Q_krHZ8xTcbLODDPjIJFs3aR-kPeEFevqaw1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

2a7bbab360397f8fae61498d8ad0895d4e7dcfc66a632e5904c22577770f17e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:14 GMT
Date: Wed, 15 Jul 2020 13:55:14 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:14 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 412
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK TMCommon-bdl Show response
www.trademe.co.nz/JavaScript/ 74 KB
31 KB 352ms
352ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/TMCommon-bdl?v=Ooy0EvBMsd_3M8RPFgfO_8qfwEdAGO30MM0Vmb-KLuc1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

54f64036a4ba633bed6f4ad96fdff3633c37f237ad408f79d1be21886858bd78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:14 GMT
Date: Wed, 15 Jul 2020 13:55:14 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:14 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 30568
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK Ads5.js Show response
ads.trademe.co.nz/Javascript/ 8 KB
3 KB 2282ms
335ms Script
application/x-javascript 202.162.72.3
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.trademe.co.nz/Javascript/Ads5.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 202.162.72.3 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 16ec8c024b49dd5463a80c83d3c85857d7b360a1add4e9845b241eb9d2f374e4

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:16 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 3177

GET
H/1.1 200
OK AdHandlers-bdl Show response
www.trademe.co.nz/JavaScript/ 2 KB
2 KB 344ms
341ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/AdHandlers-bdl?v=LYS0s675bnw1LQfxHhGhqiluizqegGZ0DugRLdQfKOI1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

5573d4a0ecf5dff081f8cf6b3ac301584fd06b900e311280d607cdfe19e38b3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:14 GMT
Date: Wed, 15 Jul 2020 13:55:14 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:14 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 952
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK TradeMeAds33.js Show response
ads.trademe.co.nz/JavaScript/ 16 KB
4 KB 2289ms
338ms Script
application/x-javascript 202.162.72.3
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.trademe.co.nz/JavaScript/TradeMeAds33.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 202.162.72.3 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b482bf27d45738dc0d8f8f36200077b8ee785abe85fd786c42b0d9df1143ff86

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:15 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 3991

GET
H/1.1 404
Not Found LoadAudienceSegs-bdl
www.trademe.co.nz/Javascript/ 0
0 788ms
786ms Script
text/html 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trademe.co.nz/Javascript/LoadAudienceSegs-bdl?v=l9tA7PYZ7x0WrVx2o5LvusZBqGHDRaaftsF5Yq6fbaY1
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK Dfp-bdl Show response
www.trademe.co.nz/JavaScript/Ads/ 4 KB
3 KB 348ms
346ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/Ads/Dfp-bdl?v=ZpuCHRtRbRheNydOh5FiSyJA3j2Nt0pMqewHx2F-rYs1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

df95df4cc58b1f550a44677491e48eff254ed850c54e70a8de08eaf28cb376e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:55:14 GMT
Date: Wed, 15 Jul 2020 13:55:14 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:55:14 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 2133
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156692/1002/ 281 KB
86 KB 197ms
84ms Script
text/javascript 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Requested by: Host: www.trademe.co.nz
URL: https://www.trademe.co.nz/JavaScript/Ads/Init-bdl?v=4FqcpZmLjoYXxCUN_zoRIOHVDP9QJ3ukObF5439b64Q1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b3bc9de780c98a68237e0074c506646f4e9c851e8c5c67e24cf32ba549b02017

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 May 2020 03:42:01 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "16a0c99-4641b-5a5f80ff7adb1"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=108529
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 87613
Expires: Thu, 16 Jul 2020 20:04:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 721 KB
93 KB 82ms
81ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMC2M2

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

433ad230c3f05aaf8a7e8f5d4582b85c82f58ac3ce28e53ac32fe6d2537746b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:14 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94799
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Jul 2020 13:55:14 GMT

GET
H/1.1 200
OK sprites-v4.2.png
www.trademe.co.nz/Images/Common/ 66 KB
66 KB 591ms
349ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Common/sprites-v4.2.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 615ceb6319ee1a7601369300773c65b28505f563890290ad0c6197a9c6753898

Request headers

Referer: https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 67741
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK sprites-v4.4.png
www.trademe.co.nz/Images/Common/ 71 KB
71 KB 903ms
657ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Common/sprites-v4.4.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 36da47385ebce25b47f19117cf48f4739a5aaabde8fc793f274cb051a03fa1e6

Request headers

Referer: https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 72527
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK sell-dropdown-hand.png
www.trademe.co.nz/images/loyalty/ 1 KB
2 KB 344ms
342ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/images/loyalty/sell-dropdown-hand.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 04f5cbbdad3af0f77b8cbe51a04dde86296379329d8c987a15526422a6a41fa9

Request headers

Referer: https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:15 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1455
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK sprites_non-repeating_v19.png
www.trademe.co.nz/Images/Common/ 45 KB
45 KB 570ms
377ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Common/sprites_non-repeating_v19.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: eecdeb4349604c7926f8c08ed6992a333f446db6843d5b563e35ba8d1ffb85d7

Request headers

Referer: https://www.trademe.co.nz/Styles/Common-bdl?v=bczNkqZF7L2YFZMcNZkWzpUtJ95FRqsPDR3tesGY8uU1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:55:14 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 45743
X-UA-Compatible: IE=Edge

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
46 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8RZQCW6NQC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMC2M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d70b0f09c74a564129496e3f8b7e34188a103f1f89209c0188f616a520513f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46561
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:55:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMC2M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5974
date: Wed, 15 Jul 2020 12:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 15 Jul 2020 14:15:40 GMT

GET
H2 200 controltag Show response
cdn.krxd.net/ 24 KB
7 KB 232ms
136ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=J6xELiDv
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2244e4420d5c8643bfeac7447eaa20793a09c7d19325142950fce443b959bd36

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
age: 136
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 6830
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5147-BWI, cache-fra19137-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1594821315.055939,VS0,VE88
etag: "872779106b03a3e660fd2500d494a1bcd0702ef5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 3, 1

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-nz.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
22 KB

31ms
12ms

Script
application/javascript

2600:9000:21f3:3000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
etag: "485e22c0ad60bcb2677b2f8f9b011e61"
age: 74409
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 21675
last-modified: Mon, 04 May 2020 13:03:46 GMT
server: AmazonS3
date: Tue, 14 Jul 2020 17:15:07 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: W47ZX2nvGIjxPiweKm_AH_kr7Ox-JKYl4GUpkidtRt_PtY1sbvyYIA==

Redirect headers

status: 301
date: Wed, 15 Jul 2020 13:55:15 GMT
server: awselb/2.0
content-length: 150
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-type: text/html

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flegalthoughtbd.com%2F&domain=legalthoughtbd.com&cw=1
https://mug.criteo.com/sid?cpp=rozyanxNL0FEOW93WHZTYWVzOS9ITW9ieDdmZHRVSTdzVm9GRG8yd2JEeXJOd1BiVHdPUWl0eXJsZWw3ZmJUQXh0bnlISTZXNDgvaEFvbVF0eUJBekJVYWVMQmhvZFRjWXlmYkhORkZZa1ZxSkFBZVVLL2VNRlIreGpzT1...

417 B
710 B

195ms
63ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rozyanxNL0FEOW93WHZTYWVzOS9ITW9ieDdmZHRVSTdzVm9GRG8yd2JEeXJOd1BiVHdPUWl0eXJsZWw3ZmJUQXh0bnlISTZXNDgvaEFvbVF0eUJBekJVYWVMQmhvZFRjWXlmYkhORkZZa1ZxSkFBZVVLL2VNRlIreGpzT1FmRWhTM0xMYjY3RGVvcUozTm1ZclVXYWJaeGl2UmhjT3QwZ2lqRkV2bmZKWGZvZ1pUbTVVUi9YVmdOZVFReDk0M2JnMWFyNC9vcDhkc1Y5RFd2MGoydXQweGpRTmpZZVFNTzVCOTFOMi9rUFY4VDNDVnR2QXFsRG5rSU0xZUtMREplQ1pJOEgyfA&cppv=2

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9c11ae093842af774464617e72a2766b7b644f3a36cc95ee6068d60af07f596c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 15 Jul 2020 13:55:14 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1244
content-length: 417
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Wed, 15 Jul 2020 13:55:14 GMT
location: https://mug.criteo.com/sid?cpp=rozyanxNL0FEOW93WHZTYWVzOS9ITW9ieDdmZHRVSTdzVm9GRG8yd2JEeXJOd1BiVHdPUWl0eXJsZWw3ZmJUQXh0bnlISTZXNDgvaEFvbVF0eUJBekJVYWVMQmhvZFRjWXlmYkhORkZZa1ZxSkFBZVVLL2VNRlIreGpzT1FmRWhTM0xMYjY3RGVvcUozTm1ZclVXYWJaeGl2UmhjT3QwZ2lqRkV2bmZKWGZvZ1pUbTVVUi9YVmdOZVFReDk0M2JnMWFyNC9vcDhkc1Y5RFd2MGoydXQweGpRTmpZZVFNTzVCOTFOMi9rUFY4VDNDVnR2QXFsRG5rSU0xZUtMREplQ1pJOEgyfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://legalthoughtbd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 903
content-length: 509
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 48 KB
16 KB 277ms
114ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.trademe.co.nz
URL: https://www.trademe.co.nz/JavaScript/Ads/Init-bdl?v=4FqcpZmLjoYXxCUN_zoRIOHVDP9QJ3ukObF5439b64Q1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0ca2e24ec7243f1d5800ef02619e8ab6618a48faa6171802720c40b503c5f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "571 / 200 of 1000 / last-modified: 1594764943"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16412
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:55:15 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
932 B 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2247
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 15 Jul 2020 14:17:48 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 86A1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dfp&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac

0
0

158ms
53ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9231
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=50098
Expires: Thu, 16 Jul 2020 03:50:13 GMT
Date: Wed, 15 Jul 2020 13:55:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac
Date: Wed, 15 Jul 2020 13:55:15 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

POST
H2 204 collect
www.google-analytics.com/g/ 0
80 B 13ms
12ms Other
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8RZQCW6NQC&gtm=2oe783&_p=83975923&sr=1600x1200&ul=en-us&cid=1480831363.1594821315&_s=1&dl=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&dr=&dt=-Verify%20Email-&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&sid=1594821314&sct=1&seg=0&en=page_view&_fv=2&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RZQCW6NQC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:15 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://legalthoughtbd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=83975923&t=pageview&_s=1&dl=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&ul=en-us&de=UTF-8&dt=-Verify%20Email-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=407353626&gjid=565149674&cid=1480831363.1594821315&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&tid=UA-10222729-2&_gid=605107384.1594821315&gtm=2wg783KMC2M2&cd6=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&cd32=&cd98=a4bb8c46-d96e-45c1-ab64-b72577053544&cd111=1594821314926.t2zvjg3l&cd134=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&cd90=1480831363.1594821315&z=585947247

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 18:39:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3006932
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&gjid=565149674&_g...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&_v=j83&z=1160306681
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&_v=j83&z=1160306681&slf_rd=1&random=658605164

42 B
106 B

16ms
16ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&_v=j83&z=1160306681&slf_rd=1&random=658605164

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1480831363.1594821315&jid=407353626&_v=j83&z=1160306681&slf_rd=1&random=658605164
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 50ms
49ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=J6xELiDv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
age: 10882858
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 3643969
content-length: 81295
x-served-by: cache-fra19137-FRA
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1594821315.193393,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 39 B
502 B 140ms
46ms XHR
application/json 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=trademe&url=https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Requested by

Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.111 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

998663e0e19f3ee6372475d80eef684e9d6125adc9ff16361cb288109b4308ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 03:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37097
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
content-length: 61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-frame-options: DENY
strict-transport-security: max-age=25920000; includeSubDomains
content-type: application/json; charset=utf-8
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 1gNw6Lwt0QqJJl_ehKTqKJfQ13DEEZpOsvsc1zsNClQTf6ve64ojAw==

GET
H2 200 storageframe.html
secure-nz.imrworldwide.com/ Frame BFA2 0
0 69ms
68ms Document
text/html 54.246.213.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-nz.imrworldwide.com/storageframe.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.213.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-nz.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
date: Wed, 15 Jul 2020 13:55:15 GMT
content-type: text/html
content-length: 3489
server: nginx
last-modified: Wed, 08 Jul 2020 13:40:45 GMT
etag: "5f05ccdd-da1"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
887 B 28ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=legalthoughtbd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=legalthoughtbd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020070801.js Show response
securepubads.g.doubleclick.net/gpt/ 249 KB
89 KB 174ms
174ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Jul 2020 15:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90527
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:55:15 GMT

GET
H2

200

m
secure-nz.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594821315281&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytr...
https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594821315281&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytr...

44 B
332 B

71ms
69ms

Image
image/gif

54.246.213.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594821315281&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-f7df15f1af23bc6156324ca41420ed84&tz=2&ja=1
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.213.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:15 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:15 GMT
server: nginx
status: 302
location: https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594821315281&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-f7df15f1af23bc6156324ca41420ed84&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 7434 0
0 46ms
46ms Document
text/html 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 15 Jul 2020 13:55:15 GMT
via: 1.1 varnish
age: 65287427
x-served-by: cache-fra19137-FRA
x-cache: HIT
x-cache-hits: 1207309
x-timer: S1594821315.329294,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 11 KB
4 KB 10ms
9ms Script
application/javascript 2600:9000:21f3:3000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76812ec085f003144677579efef7025ec438fd0e5234416a1f9b43e30772a650

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: WAMYMvWVgoeX5EF3YU12FfQGcEoxiJ.j
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 11:20:50 GMT
server: AmazonS3
age: 4967
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400,s-maxage=86400
date: Wed, 15 Jul 2020 13:29:53 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fnjEqINp4-HrakNGUJSJeXjZyd4HANjUWw4Vtr0GI6-rBh4KzYvLAw==
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 169 KB
48 KB 9ms
8ms Script
application/javascript 2600:9000:21f3:3000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d210627b2694be7700dbb84faa912e3def3f473e9c075b4d0a8b1104641c7e8

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _TBFRDn7APMbcIQKhNYOaYN.Z7QDvCXX
content-encoding: gzip
last-modified: Mon, 18 May 2020 13:14:44 GMT
server: AmazonS3
age: 3510
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Wed, 15 Jul 2020 13:12:34 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: t__ZklXpEzrTSPtBtTFRBw4dICr8uM0P3p9qShsbcSXQP0PJB2h30Q==
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 35D6 0
0 7ms
7ms Document
text/html 2600:9000:21f3:3000:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3000:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=cf4ccd20-c6a2-11ea-b941-416cbb1e442f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
content-type: text/html
last-modified: Mon, 18 May 2020 13:14:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: t0iAJ.us3seneTWybK060JuRB0ic7IIo
server: AmazonS3
content-encoding: gzip
date: Wed, 15 Jul 2020 13:02:05 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: msqIwUc7HPwY66uI85oUEwEvWSXZ5mjfOOAxXh0RUVEBujvTE8qdBg==
age: 6517

GET
H2 200 5660da52-17e3-4f8d-b874-22185ed740ef Show response
consumer.krxd.net/consent/get/ 235 B
427 B 181ms
79ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5660da52-17e3-4f8d-b874-22185ed740ef?idt=device&dt=kxcookie&callback=Krux.ns.trademe.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 322332c1417b9b36943b88b4f87ef6a375f33fdfa5bc856786ac936fa710930b

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:15 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a013-dub-prod.krxd.net, cache-hhn4042-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1594821316.527830,VS0,VE29
content-length: 188
via: 1.1 varnish
x-cache-hits: 0, 0

GET

LogJavaScriptError.ashx
www.legalthoughtbd.com/API/Ajax/
Redirect Chain

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316946
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316946

0
0

GET

LogJavaScriptError.ashx
www.legalthoughtbd.com/API/Ajax/
Redirect Chain

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316953
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316953

0
0

GET
H/1.1 404
Not Found LoadAudienceSegs-bdl
www.trademe.co.nz/Javascript/ 0
0 406ms
405ms Script
text/html 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trademe.co.nz/Javascript/LoadAudienceSegs-bdl?v=l9tA7PYZ7x0WrVx2o5LvusZBqGHDRaaftsF5Yq6fbaY1
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 64ms
64ms XHR
application/json 52.51.146.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.146.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 19c3a45cb30c6fef027bf94d667245d38e886d89a1ab10d13253c363ca609646

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Jul 2020 13:55:16 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://legalthoughtbd.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 14 Aug 2020 13:55:16 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 166ms
60ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 15 Jul 2020 13:55:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://legalthoughtbd.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
747 B 48ms
48ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 13:55:19 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: e59c4f67-4a9c-4a19-b411-d8283068f008
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://legalthoughtbd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 346 B
3 KB 5574ms
5429ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10998&site_id=178620&zone_id=1048818&size_id=2%3B9&tpid_tdid=e178e064-6279-4884-b236-ef0b47b4b724&rf=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&tk_flint=pbjs_lite_v3.14.0&x_source.tid=efa128bc-3d4d-4f18-a631-515eceeebc20%3B82b4a20e-2d61-42a5-9f0d-5e7fb5d59176&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.2279820179722425
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4bae567a7413875dc5f54ddfb54d05483e3f8db57cdc38ede294adedca0ce69a

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 13:55:22 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://legalthoughtbd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 346
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
239 B 205ms
67ms Script
text/javascript 54.77.103.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.trademe.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.103.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ecdb5701e8f9663288d97a92add618a5c0f4feba8b8060eb4dc0bbb33d8eb926

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jul 2020 13:55:17 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=28 t=1594821317
content-type: text/javascript
x-served-by: beacon-n008-dub-prod.krxd.net

GET
H2

200

k33spt.js Show response
www.staticcdn.co.nz/m87/
Redirect Chain

https://d3f5l8ze0o4j2m.cloudfront.net/m87/k33spt.js
https://www.staticcdn.co.nz/m87/k33spt.js

2 KB
1 KB

184ms
50ms

Script
application/javascript

13.225.78.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.staticcdn.co.nz/m87/k33spt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bd9b6b83dfe8d6fa47ba53b4e2fe84e0aab75407eea6fbe7c1dcddc4a2ed74

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mhtNXPp7ZB6KB1iLzLUUK14FA2zj0Cz9
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 05:00:59 GMT
server: AmazonS3
age: 132723
date: Tue, 14 Jul 2020 01:03:14 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: QXeAPcFoWOxLn8LckC1Z-fNAGJwlI77WqrrKK3nvQcHSCJwiAGxcEA==
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)

Redirect headers

date: Wed, 15 Jul 2020 06:43:43 GMT
via: 1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
server: AmazonS3
age: 25895
status: 301
x-cache: Hit from cloudfront
location: https://www.staticcdn.co.nz/m87/k33spt.js
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: W0MPCnle5P9atirkveEn4_vGn5G3Qf1b09vnHNidGt3r-v4NmUL_4A==

GET
H2 200 gn
secure-nz.imrworldwide.com/cgi-bin/ 44 B
525 B 72ms
71ms Image
image/gif 54.246.213.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-910615&ch=nz-910615_b99_0&sessionId=F5lKKtbS1CbaPrryP9rhWjb0BLDwj1594821315&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,NYRT4C0RSPdMbmlvZTbwqBTVSaIcU1594821317&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15948213153902230&c30=bldv,6.0.0.506&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1594821318&rnd=616719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.213.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:18 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 93 KB
16 KB 529ms
528ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1809129804283750&correlator=2273756867199754&output=ldjh&impl=fifs&adsid=NT&hxva=1&scor=2010786775501618&eid=21066754%2C21066183&vrg=2020070801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200715&iu_parts=150718986%2Ctm-web%2Cmy-trade-me&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=728x90%2C160x600&fsfs=1%2C1&fsbs=1%2C1&ppid=bf979a9a2bcd42a8b797655cf58dae5a&prev_scp=pos%3D1%26pwtsid_pubmatic%3D747e769a9ba992%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpos%3D1%26pwtsid_pubmatic%3D8b6307d67c295%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cust_params=p%3D2%26env%3Dproduction%26c%3D15%26dd%3D2140%26i%3D4%26e%3Dc%26q%3D6%26dm%3D4%26jc%3D2%26ptype%3Dmtm%26altcat%3Dmy-trade-me%26domain%3Dlegalthoughtbd.com%26pageurl%3Dwp-admin%252Cmaint%252Cmytrademe%252Ce4hul.htm%26querystring%3D%26protocol%3Dhttps%26pwtuid%3D%257B%2522pubcid%2522%253A%25223e6ba603-fe86-422c-b5eb-14bb6037bbad%2522%252C%2522tdid%2522%253A%2522e178e064-6279-4884-b236-ef0b47b4b724%2522%257D&cookie_enabled=1&bc=31&abxe=1&lmt=1594437030&dt=1594821318646&dlt=1594821311008&idt=4634&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C331&adys=13%2C642&adks=1833385390%2C4199633226&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&dssz=46&icsg=35201728118784&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C180x626&msz=728x-1%7C160x-1&ga_vid=1480831363.1594821315&ga_sid=1594821319&ga_hid=83975923&fws=0%2C0&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9861a55d4f54ba5782aca3d8cec00a3e79dbc9c92ba51074a173716748d38f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15455
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://legalthoughtbd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 73ms
39ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 61D2 0
0 59ms
58ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=118682
Expires: Thu, 16 Jul 2020 22:53:20 GMT
Date: Wed, 15 Jul 2020 13:55:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 72A5 0
0 145ms
46ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 15 Jul 2020 13:55:18 GMT
Age: 29736801
X-Served-By: cache-jfk8138-JFK, cache-fra19137-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 3520423
X-Timer: S1594821319.792288,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 container.html
d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0B6F 0
0 12ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 15 Jul 2020 13:55:18 GMT
expires: Thu, 15 Jul 2021 13:55:18 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2C1B 0
0 8ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 15 Jul 2020 13:55:18 GMT
expires: Thu, 15 Jul 2021 13:55:18 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012006300332000/ 20 KB
7 KB 134ms
23ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8b09df3da5b5d3ff191e657a4612f27241e4ddfb5a9dd488923b159eb954ab

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 586007
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7252
x-xss-protection: 0
server: sffe
date: Wed, 08 Jul 2020 19:08:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d09580ada292c83d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jul 2021 19:08:32 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 22ms
17ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020070801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d0518d08b826c0cf8d8b56f4a6aa616932910621c904a795f37082c643033f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jul 2020 13:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5652
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 91ms
40ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:55:19 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A67D 0
0 7ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Wed, 15 Jul 2020 13:51:26 GMT
expires: Thu, 15 Jul 2021 13:51:26 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 233
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020070801&jk=1809129804283750&bg=!3d6l3sZYU7AGzzbOpG0CAAAAdVIAAAAbmQGDK8-WoyCcFaHUXd8M4bEL_X5jmd_0rxiuB-tKyFDZwU5EPoidNCfpWOxBxPAGCHC8eBsyuEp2zw2VG9QatsQO77Kp5ZeiSAmThQ6pu5Bqwyg9XNYQfKgJ8JsCQ5qI5uod2SKSgtyavAdQtkWRfsYZxjmYYKe9m0253sBy2ZSWcIuM1CCqb1dhOSqFq6ny4yonwq6dtzDfWty0RZwMK9gdswV10apasoE5vAPp39div0VCE4BN5IwCkveLEjm8jwjfbdoPesRiq_MBS78lwkqmTIs5OaEPvzwkv5fI7qskgFR-Jv91ZubzUhUhh4d8a2YTmhQc24TH486425v2png8eJVZydsLjK0efbM04OgGCakGVEGIe-s1IMI9RdckTV7dvYxiF0DVMPTPL89R1wMzfu--W1Uz7CpEmOFYqHIVP18iODIJGLHhDYfJ4fSxlUq3ymvZko8uHLQJl63CQyITlgwRV2Nzgad3RqaIFq3YnV9VBOUufCEdvGKz2fSFWoILu6Vo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:55:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK wl Show response
t.pubmatic.com/ 17 B
337 B 171ms
53ms XHR
text/plain 185.64.189.244
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156692
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 13:55:20 GMT
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://legalthoughtbd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.legalthoughtbd.com
URL: https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316946

Domain: www.legalthoughtbd.com
URL: https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594821316953

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Trademe (Online)

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.krxd.net/	1970-01-19 15:19:33	Name: _kuid_ Value: NhlDU-S4
			legalthoughtbd.com/	1970-01-19 12:26:45	Name: PubMatic-UnifiedId Value: %7B%22TDID%22%3A%22e178e064-6279-4884-b236-ef0b47b4b724%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222020-07-15T13%3A55%3A16%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.trademe.co.nz
adservice.google.com
adservice.google.pl
beacon.krxd.net
bee.imrworldwide.com
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
consumer.krxd.net
d306a26cf02ece74c28c8fd2682ebc84.safeframe.googlesyndication.com
d3f5l8ze0o4j2m.cloudfront.net
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
legalthoughtbd.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
secure-assets.rubiconproject.com
secure-nz.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.pubmatic.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.legalthoughtbd.com
www.staticcdn.co.nz
www.trademe.co.nz
www.legalthoughtbd.com
104.111.230.142
104.193.142.80
122.252.191.120
13.224.186.63
13.225.78.111
13.225.78.120
151.101.114.133
151.101.13.108
151.101.14.133
178.250.0.157
185.64.189.112
185.64.189.244
202.162.72.3
216.58.212.162
23.210.249.92
23.5.109.251
2600:9000:21f3:3000:2:42d9:3100:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:814::2001
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:81d::2004
2a00:1450:400c:c00::9b
2a02:2638:1::13
37.252.172.249
52.51.146.233
54.246.213.133
54.77.103.12
69.173.144.140
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f5cbbdad3af0f77b8cbe51a04dde86296379329d8c987a15526422a6a41fa9
06021d8aec850fc5a07f583db1bcad20bbb67cbac61107e509481fafd3d484a8
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c63b3065b61139291e48ed29dd61228e25edb7b4c82c789c53e21ecaf0404c8
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
122f5c14d70f3c5bef8416cf35536281cfe4611334637aa0ead43041e42cf14e
16ec8c024b49dd5463a80c83d3c85857d7b360a1add4e9845b241eb9d2f374e4
19c3a45cb30c6fef027bf94d667245d38e886d89a1ab10d13253c363ca609646
2244e4420d5c8643bfeac7447eaa20793a09c7d19325142950fce443b959bd36
2a7bbab360397f8fae61498d8ad0895d4e7dcfc66a632e5904c22577770f17e7
322332c1417b9b36943b88b4f87ef6a375f33fdfa5bc856786ac936fa710930b
36da47385ebce25b47f19117cf48f4739a5aaabde8fc793f274cb051a03fa1e6
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
39d35057a4a2fda91aca7244a784fd8c2a84c056fc99f9130f0f4d1f9b6d288e
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
433ad230c3f05aaf8a7e8f5d4582b85c82f58ac3ce28e53ac32fe6d2537746b4
484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf
4bae567a7413875dc5f54ddfb54d05483e3f8db57cdc38ede294adedca0ce69a
4d210627b2694be7700dbb84faa912e3def3f473e9c075b4d0a8b1104641c7e8
54f64036a4ba633bed6f4ad96fdff3633c37f237ad408f79d1be21886858bd78
5573d4a0ecf5dff081f8cf6b3ac301584fd06b900e311280d607cdfe19e38b3a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f857fc7e37732ef3132a9fdc01ecd6a4c614eb7d5f7a2c1528e4e4cb07c9b4d
615ceb6319ee1a7601369300773c65b28505f563890290ad0c6197a9c6753898
723179aa7f40d71a484b10feb58814d6f3e2e535bec1bb1e5d4f047cbef3d884
76812ec085f003144677579efef7025ec438fd0e5234416a1f9b43e30772a650
7b8b09df3da5b5d3ff191e657a4612f27241e4ddfb5a9dd488923b159eb954ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d0518d08b826c0cf8d8b56f4a6aa616932910621c904a795f37082c643033f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9861a55d4f54ba5782aca3d8cec00a3e79dbc9c92ba51074a173716748d38f45
998663e0e19f3ee6372475d80eef684e9d6125adc9ff16361cb288109b4308ed
9c11ae093842af774464617e72a2766b7b644f3a36cc95ee6068d60af07f596c
a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629
a46c27a1b49cf19fbe5c512716bb7340cf07ac137413a70cb9a0d409b358236b
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
b3bc9de780c98a68237e0074c506646f4e9c851e8c5c67e24cf32ba549b02017
b482bf27d45738dc0d8f8f36200077b8ee785abe85fd786c42b0d9df1143ff86
b51687b2f65536226234604891a13b26edc7f84cdfc9da91a419a7dc1b59a3b9
bf933e84833a4f9dc896deea8a8a427503c3725df10be0b1a9e0b166ad665921
c0ca2e24ec7243f1d5800ef02619e8ab6618a48faa6171802720c40b503c5f31
cdca9397978d82b303eb47c408c5dac18ff79455bc41e67314f264891b4eb9e2
d4557c5d282a49832255aac86f160773c01d5b3c6adac0be1827cab8151bb2c7
d70b0f09c74a564129496e3f8b7e34188a103f1f89209c0188f616a520513f58
df95df4cc58b1f550a44677491e48eff254ed850c54e70a8de08eaf28cb376e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdb5701e8f9663288d97a92add618a5c0f4feba8b8060eb4dc0bbb33d8eb926
eecdeb4349604c7926f8c08ed6992a333f446db6843d5b563e35ba8d1ffb85d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bd9b6b83dfe8d6fa47ba53b4e2fe84e0aab75407eea6fbe7c1dcddc4a2ed74
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

legalthoughtbd.com Open in urlscan Pro 104.193.142.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

73 Requests

97 %HTTPS

36 %IPv6

19 Domains

35 Subdomains

29 IPs

9 Countries

1052 kBTransfer

3104 kBSize

2 Cookies

25 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

legalthoughtbd.com Open in urlscan Pro
104.193.142.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

97 %
HTTPS

36 %
IPv6

19
Domains

35
Subdomains

29
IPs

9
Countries

1052 kB
Transfer

3104 kB
Size

2
Cookies

73 HTTP transactions
0 data transactions