rrbertram.wearelegalshield.com Open in urlscan Pro
2606:4700::6812:1d65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://restoremytrust.com/
Effective URL:
https://rrbertram.wearelegalshield.com/
Submission: On October 20 via automatic, source certstream-suspicious (October 20th 2020, 7:43:57 pm UTC)

Summary HTTP 72 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:1d65, located in United States and belongs to CLOUDFLARENET, US. The main domain is rrbertram.wearelegalshield.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time rrbertram.wearelegalshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.96.149.17 66.96.149.17	29873 (BIZLAND-SD) (BIZLAND-SD)
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2 2	2606:4700::68... 2606:4700::6812:844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	12.28.84.179 12.28.84.179	7018 (ATT-INTER...) (ATT-INTERNET4)
1 1	12.28.84.175 12.28.84.175	7018 (ATT-INTER...) (ATT-INTERNET4)
37	2606:4700::68... 2606:4700::6812:1d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:205... 2600:9000:2057:4e00:d:d64b:9600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	12.28.84.176 12.28.84.176	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.73.104 13.225.73.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	54.192.206.8 54.192.206.8	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	13.224.194.84 13.224.194.84	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	52.49.158.250 52.49.158.250	16509 (AMAZON-02) (AMAZON-02)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
72	20

1 66.96.149.17 (Burlington, United States) 1 redirects

ASN29873 (BIZLAND-SD, US)
PTR: 17.149.96.66.static.eigbox.net

restoremytrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.168.131.241 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

www.prepaidlegal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:844 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.legalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 12.28.84.179 (Ada, United States) 2 redirects

ASN7018 (ATT-INTERNET4, US)

sites.legalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w3.legalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 12.28.84.175 (Ada, United States) 1 redirects

ASN7018 (ATT-INTERNET4, US)

legalshieldassociate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2606:4700::6812:1d65 (United States)

ASN13335 (CLOUDFLARENET, US)

rrbertram.wearelegalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2057:4e00:d:d64b:9600:93a1 (United States)

ASN16509 (AMAZON-02, US)

global.localizecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 12.28.84.176 (Ada, United States)

ASN7018 (ATT-INTERNET4, US)

api.legalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-104.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.206.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-8.ham50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-84.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.158.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-158-250.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	wearelegalshield.com rrbertram.wearelegalshield.com	3 MB
8	localizecdn.com global.localizecdn.com	59 KB
5	legalshield.com 4 redirects www.legalshield.com sites.legalshield.com w3.legalshield.com api.legalshield.com	5 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
4	google-analytics.com www.google-analytics.com	57 KB
3	gstatic.com fonts.gstatic.com	88 KB
2	nr-data.net bam.nr-data.net	343 B
2	google.de www.google.de	1004 B
2	doubleclick.net stats.g.doubleclick.net	875 B
2	google.com analytics.google.com www.google.com	690 B
2	googletagmanager.com www.googletagmanager.com	83 KB
2	jquery.com code.jquery.com	75 KB
1	newrelic.com js-agent.newrelic.com	11 KB
1	jsdelivr.net cdn.jsdelivr.net	28 KB
1	googleapis.com fonts.googleapis.com	923 B
1	legalshieldassociate.com 1 redirects legalshieldassociate.com	142 B
1	prepaidlegal.com 1 redirects www.prepaidlegal.com	233 B
1	restoremytrust.com 1 redirects restoremytrust.com	298 B
72	18

	Domain	Requested by
37	rrbertram.wearelegalshield.com	rrbertram.wearelegalshield.com
8	global.localizecdn.com	rrbertram.wearelegalshield.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rrbertram.wearelegalshield.com
3	fonts.gstatic.com	fonts.googleapis.com
2	bam.nr-data.net	js-agent.newrelic.com rrbertram.wearelegalshield.com
2	www.google.de	rrbertram.wearelegalshield.com
2	stats.g.doubleclick.net	www.googletagmanager.com rrbertram.wearelegalshield.com
2	www.googletagmanager.com	rrbertram.wearelegalshield.com www.googletagmanager.com
2	code.jquery.com	rrbertram.wearelegalshield.com
2	www.legalshield.com	2 redirects
1	in.hotjar.com	rrbertram.wearelegalshield.com
1	js-agent.newrelic.com	rrbertram.wearelegalshield.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.com	rrbertram.wearelegalshield.com
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	rrbertram.wearelegalshield.com
1	api.legalshield.com	rrbertram.wearelegalshield.com
1	cdn.jsdelivr.net	rrbertram.wearelegalshield.com
1	fonts.googleapis.com	rrbertram.wearelegalshield.com
1	legalshieldassociate.com	1 redirects
1	w3.legalshield.com	1 redirects
1	sites.legalshield.com	1 redirects
1	www.prepaidlegal.com	1 redirects
1	restoremytrust.com	1 redirects
72	25

This site contains links to these domains. Also see Links.

Domain
checkout.wearelegalshield.com
accounts.legalshield.com
vimeo.com
lspro.wearelegalshield.com
get.adobe.com
localizejs.com

Subject Issuer	Validity	Valid
wearelegalshield.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
cdn.localizejs.com Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-05` - `2021-04-17`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.legalshield.com Go Daddy Secure Certificate Authority - G2	`2020-02-26` - `2022-04-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-13` - `2021-05-07`	7 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://rrbertram.wearelegalshield.com/
Frame ID: 2E8D97E9B348AABECC13F08406645537
Requests: 72 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 91BA097DA04C0CD006012D7629870B46
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://restoremytrust.com/ HTTP 302
http://www.prepaidlegal.com/info/rrbertram HTTP 301
http://www.legalshield.com/info/rrbertram HTTP 301
https://www.legalshield.com/info/rrbertram HTTP 301
https://sites.legalshield.com/redirect/RedirectMS?site=info&value=rrbertram HTTP 302
https://w3.legalshield.com/aasites/Multisite?site=info&assoc=rrbertram HTTP 301
http://legalshieldassociate.com/hub/rrbertram HTTP 301
https://rrbertram.wearelegalshield.com/ Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

72
Requests

100 %
HTTPS

54 %
IPv6

18
Domains

25
Subdomains

20
IPs

6
Countries

3478 kB
Transfer

5428 kB
Size

8
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.wearelegalshield.com/rrbertram/upgrade
Title: Add Legal Supplements

Search URL Search Domain Scan URL

URL: http://accounts.legalshield.com/
Title: Member Login

Search URL Search Domain Scan URL

URL: https://vimeo.com/382594494

Search URL Search Domain Scan URL

URL: https://vimeo.com/395237046

Search URL Search Domain Scan URL

URL: https://vimeo.com/376928804

Search URL Search Domain Scan URL

URL: https://vimeo.com/395237374

Search URL Search Domain Scan URL

URL: https://vimeo.com/295813952

Search URL Search Domain Scan URL

URL: https://vimeo.com/398855726

Search URL Search Domain Scan URL

URL: https://vimeo.com/424863592

Search URL Search Domain Scan URL

URL: https://lspro.wearelegalshield.com/incorporated-associates
Title: Requirements

Search URL Search Domain Scan URL

URL: https://lspro.wearelegalshield.com/sites/default/files/file/2020-04/aa.app_.us_.3.18.pdf
Title: Associate Agreement

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Adobe Acrobat Reader

Search URL Search Domain Scan URL

URL: https://lspro.wearelegalshield.com/associate-terms
Title: terms

Search URL Search Domain Scan URL

URL: https://localizejs.com/?utm_source=widget
Title: Localize

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://restoremytrust.com/ HTTP 302
http://www.prepaidlegal.com/info/rrbertram HTTP 301
http://www.legalshield.com/info/rrbertram HTTP 301
https://www.legalshield.com/info/rrbertram HTTP 301
https://sites.legalshield.com/redirect/RedirectMS?site=info&value=rrbertram HTTP 302
https://w3.legalshield.com/aasites/Multisite?site=info&assoc=rrbertram HTTP 301
http://legalshieldassociate.com/hub/rrbertram HTTP 301
https://rrbertram.wearelegalshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rrbertram.wearelegalshield.com/
Redirect Chain

https://restoremytrust.com/
http://www.prepaidlegal.com/info/rrbertram
http://www.legalshield.com/info/rrbertram
https://www.legalshield.com/info/rrbertram
https://sites.legalshield.com/redirect/RedirectMS?site=info&value=rrbertram
https://w3.legalshield.com/aasites/Multisite?site=info&assoc=rrbertram
http://legalshieldassociate.com/hub/rrbertram
https://rrbertram.wearelegalshield.com/

263 KB
71 KB

76ms
38ms

Document
text/html

2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e87edd73d00a17a4e4198e8d80439ac82d4086c3afb678ff53da91f18895c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: rrbertram.wearelegalshield.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 20 Oct 2020 19:43:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da627644c5ea2fa21e437e9789887495c1603223018; expires=Thu, 19-Nov-20 19:43:38 GMT; path=/; domain=.wearelegalshield.com; HttpOnly; SameSite=Lax; Secure __cf_bm=d6017881e4b714c87a3d9c7d23abe5595998726e-1603223018-1800-Adb9bpJZ88uh8jVqmwC53nEAvSsHKWGxdkoOdLBkHrVq176AGYnBgydjZSwJmNHuJpoDM3e26L3b7kIQ6IUQcWM=; path=/; expires=Tue, 20-Oct-20 20:13:38 GMT; domain=.wearelegalshield.com; HttpOnly; Secure; SameSite=None
cf-ray: 5e553a998ca705d0-FRA
age: 4
cache-control: no-cache, private, max-age=10800, public
content-language: en
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 20 Oct 2020 19:43:32 GMT
link: <https://rrbertram.wearelegalshield.com/>; rel="shortlink", <https://rrbertram.wearelegalshield.com/>; rel="canonical", <https://rrbertram.wearelegalshield.com/we-are-legalshield>; rel="revision"
vary: X-USER_REGION_OK,Accept-Encoding
via: varnish
cf-cache-status: HIT
cf-request-id: 05e922f3f9000005d015b6b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 8 (https://www.drupal.org)
x-request-id: v-8902208e-130c-11eb-8402-3792bc0d3b0c
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: gzip

Redirect headers

Location: https://rrbertram.wearelegalshield.com
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2 200 localize.js Show response
global.localizecdn.com/ 55 KB
20 KB 34ms
11ms Script
application/javascript 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.localizecdn.com/localize.js
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7e63fc7a5bb6de4e434a6132379c3719ef08eca40e582f7399e342bf373012a

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v: 430
date: Tue, 20 Oct 2020 13:21:12 GMT
content-encoding: gzip
age: 22947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Tue, 20 Oct 2020 13:21:06 GMT
server: AmazonS3
etag: W/"d22bea1d86e45c335911ff7a9238db27"
vary: Accept-Encoding
x-amz-version-id: OKFXPoGTodTYL.s_2njn37kprrr1LHP5
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
cache-control: public, max-age=172800
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: zSklwM-Jbx3g5xsHnKQiOfn9bMu8t5t-HspCntrDyUg6zRjXjj9EzA==

GET
H2 200 google_tag.script.js Show response
rrbertram.wearelegalshield.com/sites/default/files/google_tag/gtm_n2jv2jv/ 416 B
518 B 428ms
419ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/google_tag/gtm_n2jv2jv/google_tag.script.js?qhw6kl

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d22e0dc6c76cf2a432f0e31b94b1f8ec5eded5e91cbc6c1e3709c0a17b8a25b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 330
cf-request-id: 05e922f42e000005d022a6b000000001
x-request-id: v-2e4c94ba-0fd0-11eb-bb99-273b5bd99574
last-modified: Thu, 08 Oct 2020 16:46:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Fri, 30 Oct 2020 16:53:56 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a99ed8905d0-FRA
x-cache-hits: 2

GET
H2 200 css_felUocGH9pKtUSIISK0_OCvn7UOKz9dvtWDIM3P0vLE.css
rrbertram.wearelegalshield.com/sites/default/files/css/ 13 KB
4 KB 423ms
415ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/css/css_felUocGH9pKtUSIISK0_OCvn7UOKz9dvtWDIM3P0vLE.css

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de954a1c187f692ad51220848ad3f382be7ed438acfd76fb560c83373f4bcb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 3665
cf-request-id: 05e922f42b000005d0aa91a000000001
x-request-id: v-c7d07286-11a7-11eb-a040-37ce385ef0a2
last-modified: Tue, 15 Sep 2020 21:18:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
expires: Mon, 02 Nov 2020 01:09:47 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a99dd7e05d0-FRA
x-cache-hits: 1

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 31ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:38 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-8c85"
vary: Accept-Encoding
x-hw: 1603223018.dop216.fr8.t,1603223018.cds273.fr8.hn,1603223018.cds272.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css
rrbertram.wearelegalshield.com/sites/default/files/css/ 11 KB
3 KB 428ms
420ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/css/css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0498e0c1b38c505685a4f6491ee9212967ee8c99229b4961fd1eda480f7b9360

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 2768
cf-request-id: 05e922f42b000005d0128b7000000001
x-request-id: v-2e4adf30-0fd0-11eb-aa4a-d7c7f1425b33
last-modified: Fri, 11 Sep 2020 19:43:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
expires: Fri, 30 Oct 2020 16:53:56 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a99dd7f05d0-FRA
x-cache-hits: 3

GET
H2 200 css
fonts.googleapis.com/ 9 KB
923 B 22ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06d55b7a49c007a424dfcc3e4bc65e7577a54d9d5cada532d5b79be0cfa2f1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Oct 2020 19:43:38 GMT
server: ESF
date: Tue, 20 Oct 2020 19:43:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Oct 2020 19:43:38 GMT

GET
H2 200 css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
rrbertram.wearelegalshield.com/sites/default/files/css/ 449 KB
44 KB 625ms
618ms Stylesheet
text/css 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8ed83cc6a779eebbee7318e6a4f2f57241dbd31ecc904f2169d49c32ebdc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 45015
cf-request-id: 05e922f42c000005d00a81d000000001
x-request-id: v-8ce03e5c-130c-11eb-bfda-f351c4361c70
last-modified: Thu, 08 Oct 2020 16:46:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a99dd8105d0-FRA
expires: Tue, 03 Nov 2020 19:43:38 GMT

GET
H2 200 modernizr.min.js Show response
rrbertram.wearelegalshield.com/core/assets/vendor/modernizr/ 5 KB
2 KB 444ms
437ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/core/assets/vendor/modernizr/modernizr.min.js?v=3.3.1

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 2110
cf-request-id: 05e922f42e000005d0ce2e0000000001
x-request-id: v-ed96bf08-12ff-11eb-9dc2-2f32f8a8701c
last-modified: Wed, 01 Jul 2020 16:31:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 03 Nov 2020 18:13:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a99ed8605d0-FRA
x-cache-hits: 1

GET
H2 200 wals-legal-plan-detail-image.png
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/ 1 MB
1 MB 682ms
678ms Image
image/png 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/wals-legal-plan-detail-image.png?itok=pcM2Sj_s

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

551d539116a008efcd0b7acecd4ac0d3b60e5614f9faa091b33f3793809d8bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 1056224
cf-request-id: 05e922f6c0000005d0e914f000000001
x-request-id: v-8d446756-130c-11eb-b6fa-13d6c2f549c4
last-modified: Mon, 16 Mar 2020 14:46:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9dfa0205d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 Uql18luxTDBvnMhDmPePFBv_7ElzulCFzlhBefkzGh0.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 2 KB
2 KB 431ms
427ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/Uql18luxTDBvnMhDmPePFBv_7ElzulCFzlhBefkzGh0.jpg?h=b3d4a7b7&itok=HphiHJ4y

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b88538a90496f327d7a27e72f6eb754b366459f404777cf928aa3eb1c2a20b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 2287
cf-request-id: 05e922f6bf000005d0eeb79000000001
x-request-id: v-db3e822c-11a7-11eb-9bb9-771f849bc0b4
last-modified: Wed, 01 Apr 2020 20:34:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 02 Nov 2020 01:10:20 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9dfa0605d0-FRA
x-cache-hits: 1

GET
H2 200 N2S205XXUi95cvnC66DYyXs5k-N0vFBdh3pcqT8nGdQ.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 2 KB
2 KB 430ms
426ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/N2S205XXUi95cvnC66DYyXs5k-N0vFBdh3pcqT8nGdQ.jpg?h=b3d4a7b7&itok=OaN3Ua0Z

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc1f7dd7b8200b3a78b545dae8008123fb7656784f8e6dda7f604bd168dbfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 2249
cf-request-id: 05e922f6bf000005d0c0914000000001
x-request-id: v-8d4311b2-130c-11eb-bdbe-a7188d43a750
last-modified: Thu, 03 Sep 2020 19:28:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9dfa0805d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 wals-19.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/ 150 KB
150 KB 667ms
663ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-19.jpg?itok=TGtgl5ki

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e10287727b7d245ba6c9a5e415bd40474473d8d8b551b95a5b2ed3b9629e364

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 153120
cf-request-id: 05e922f6c0000005d0b8131000000001
x-request-id: v-8d44b4d6-130c-11eb-9f96-4b53016945e6
last-modified: Tue, 30 Jun 2020 21:38:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9dfa0a05d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 ExZ7zPw2Kf1w6Xpg_5-GYx3BjAJoDgs6fIzxkGpIXzc.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 2 KB
2 KB 425ms
420ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ExZ7zPw2Kf1w6Xpg_5-GYx3BjAJoDgs6fIzxkGpIXzc.jpg?h=b3d4a7b7&itok=92l_sswY

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c226d886ea166bf5ad691f6759369e13e28459ec2b0e02d4d4770fdb4a37cd9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 2063
cf-request-id: 05e922f6c0000005d018a67000000001
x-request-id: v-dc68840e-11a7-11eb-bcf0-e7d78b92d88b
last-modified: Wed, 01 Apr 2020 14:27:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 02 Nov 2020 01:10:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a0b05d0-FRA
x-cache-hits: 1

GET
H2 200 fEjGrX_KS5w5mFcyrnrXl5blptAmWlkMKfhcoHqXs04.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 2 KB
2 KB 430ms
426ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/fEjGrX_KS5w5mFcyrnrXl5blptAmWlkMKfhcoHqXs04.jpg?h=b3d4a7b7&itok=xMi1B8nZ

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec3081dae059d98ab44c7e1bcd0c387e7659ccebe8bf7bf1ab974d18635db1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 1976
cf-request-id: 05e922f6c0000005d0b5b77000000001
x-request-id: v-dc67b45c-11a7-11eb-82bd-f3bf4fe9e74a
last-modified: Thu, 03 Sep 2020 19:29:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 02 Nov 2020 01:10:21 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a0e05d0-FRA
x-cache-hits: 1

GET
H2 200 smb-hero.png
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/ 544 KB
545 KB 631ms
627ms Image
image/png 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/smb-hero.png?itok=TXX5CNTk

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51daf84a97e9a43a4ea86168486ea13f6642d4992800384967c68f2756145133

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 557146
cf-request-id: 05e922f6c1000005d0f6a69000000001
x-request-id: v-8d44a806-130c-11eb-a5fa-17a22bec34fb
last-modified: Wed, 11 Mar 2020 14:36:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1005d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 703ARCqQiUVdLPnxY8YhiSWPkvYKBdRO4BJQPh9HigU.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 2 KB
3 KB 407ms
404ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/703ARCqQiUVdLPnxY8YhiSWPkvYKBdRO4BJQPh9HigU.jpg?h=7a6e80fd&itok=dxeIGz_P

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f02ce1b5ad76645828e1312e8cdd5b5fb8f52e8e1bc56b76e853e0456fab02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 2271
cf-request-id: 05e922f6c1000005d0fda24000000001
x-request-id: v-dc92d7e0-11a7-11eb-85fb-4bc39163d15c
last-modified: Wed, 01 Apr 2020 14:28:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 02 Nov 2020 01:10:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1105d0-FRA
x-cache-hits: 1

GET
H2 200 wals-7.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/ 171 KB
171 KB 627ms
624ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-7.jpg?itok=ruCxr1sy

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

349f7ab3e261a12647bbeb0b771b08d987ed89592f845c3c6e59514958b4bdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 174759
cf-request-id: 05e922f6c1000005d0ef1a5000000001
x-request-id: v-8d4522d6-130c-11eb-94a2-1f7a2b8c818b
last-modified: Tue, 30 Jun 2020 21:42:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1305d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 wals-33.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/ 163 KB
163 KB 633ms
629ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-33.jpg?itok=wkaEIuc8

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e243ff29a2e0086bf4e06a7d7d41dd41b4fd66dc42a2ca4123657d75ce096389

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 166779
cf-request-id: 05e922f6c1000005d0c6b86000000001
x-request-id: v-8d44ae96-130c-11eb-88af-d37e44404e5f
last-modified: Tue, 30 Jun 2020 21:43:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1505d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 wals-8.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/ 131 KB
131 KB 685ms
682ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-8.jpg?itok=auB0L9yY

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e0e0881b09d994f010896c467a083568810fc3a8af8cae6950391d67139e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 134066
cf-request-id: 05e922f6c2000005d0dc8e4000000001
x-request-id: v-8d46008e-130c-11eb-9c45-3f6b618c68a0
last-modified: Tue, 30 Jun 2020 21:47:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1805d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 0GKsntHScfHSBj_x8HVRQXtdi_htMNwM0EN6cqtIPuc.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 4 KB
4 KB 422ms
419ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/0GKsntHScfHSBj_x8HVRQXtdi_htMNwM0EN6cqtIPuc.jpg?h=b3d4a7b7&itok=QxEhcpkO

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c87f86df77914508df621718210116f7469b9b3232796c0c24385eb1556989

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 3835
cf-request-id: 05e922f6c2000005d0c32f7000000001
x-request-id: v-dc9a5542-11a7-11eb-bd14-b7f938df3c53
last-modified: Tue, 28 Apr 2020 14:12:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 02 Nov 2020 01:10:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1905d0-FRA
x-cache-hits: 2

GET
H2 200 Wvua9talD_r0DzR_MyqBFdXdvQFAK-In1zrx-cbEtac.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ 3 KB
3 KB 423ms
420ms Image
image/jpeg 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/Wvua9talD_r0DzR_MyqBFdXdvQFAK-In1zrx-cbEtac.jpg?h=b3d4a7b7&itok=XCTnsUtg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81e772c2a351b10ffb36a90e983cc8719f3e0f81d6b4930bea7c775ab04d59af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 3180
cf-request-id: 05e922f6c2000005d0b9b5e000000001
x-request-id: v-ee773772-12ff-11eb-b5d1-43543f276589
last-modified: Thu, 03 Sep 2020 19:30:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 03 Nov 2020 18:13:19 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1a05d0-FRA
x-cache-hits: 1

GET
H2 200 anthony.png
rrbertram.wearelegalshield.com/sites/default/files/styles/small_square_hq_1_1/public/image/2020-04/ 147 KB
148 KB 609ms
606ms Image
image/png 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/small_square_hq_1_1/public/image/2020-04/anthony.png?h=e699c218&itok=lrQ7Ja71

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a86a61184f4646c08365e35193ee12405580420685238e70af80432277a1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 150793
cf-request-id: 05e922f6c3000005d022ab9000000001
x-request-id: v-dca1a716-11a7-11eb-b92b-9b0e2c551687
last-modified: Thu, 23 Apr 2020 19:45:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 02 Nov 2020 01:10:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1c05d0-FRA
x-cache-hits: 2

GET
H2 200 YourOwnBoss.png
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/ 350 KB
350 KB 665ms
662ms Image
image/png 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/YourOwnBoss.png?itok=5vRFEqHH

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8159460b139cf8670d4d8c74f80895086bd892ca4de7141452c37e38e61fed6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 358370
cf-request-id: 05e922f6c3000005d0d92c2000000001
x-request-id: v-8d44e564-130c-11eb-8394-3f7541b86c80
last-modified: Tue, 30 Jun 2020 18:06:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e0a1d05d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 js_vBSNlynj6qX7e5X5m77lOUAsCT3mEuhmeZ_QMH9gPXY.js Show response
rrbertram.wearelegalshield.com/sites/default/files/js/ 516 KB
128 KB 608ms
607ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/js/js_vBSNlynj6qX7e5X5m77lOUAsCT3mEuhmeZ_QMH9gPXY.js

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc148d9729e3eaa5fb7b95f99bbee539402c093de612e866799fd0307f603d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 130590
cf-request-id: 05e922f5e6000005d0dc8ca000000001
x-request-id: v-edaf2c78-12ff-11eb-9366-6b905db254b3
last-modified: Thu, 08 Oct 2020 16:46:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 03 Nov 2020 18:13:17 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9cae4505d0-FRA
x-cache-hits: 1

GET
H2 200 jquery.inputmask.bundle.min.js Show response
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@4.0.9/dist/min/ 116 KB
28 KB 21ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@4.0.9/dist/min/jquery.inputmask.bundle.min.js

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3b8af6338a757717d51602afc0adb70f545075353c001948062afd6863fe2896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1095086
x-cache: MISS, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 28213
etag: W/"1ce80-9w3azvl2iMMrbDtCSEnQWGT+2m8"
x-served-by: cache-fra19121-FRA, cache-hhn4075-HHN
date: Tue, 20 Oct 2020 19:43:39 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js_vIaJPIQyJEHS7DDl9uWwbhECp-spWKuAAdkkKzxQfvs.js Show response
rrbertram.wearelegalshield.com/sites/default/files/js/ 6 KB
2 KB 415ms
410ms Script
application/javascript 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/sites/default/files/js/js_vIaJPIQyJEHS7DDl9uWwbhECp-spWKuAAdkkKzxQfvs.js

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc86893c84322441d2ec30e5f6e5b06e1102a7eb2958ab8001d9242b3c507efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-ah-environment: prod
content-length: 1930
cf-request-id: 05e922f6bf000005d00a876000000001
x-request-id: v-ee0fbe4e-12ff-11eb-b922-47cd6e40e220
last-modified: Thu, 01 Oct 2020 14:04:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 03 Nov 2020 18:13:18 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9dfa0005d0-FRA
x-cache-hits: 1

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 15ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1603223019.dop216.fr8.t,1603223019.cds273.fr8.hn,1603223019.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 tu Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 501 B
919 B 113ms
99ms XHR
application/json 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tu?v=430

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

df2b17615d633ad68332964c263d140420253b631a78c21dc765f0c7a9ad0eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:38 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
etag: W/"1f5-V3uXRNNexlQlYxOHjA05fMtx5Tg"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 501
x-amz-cf-id: nsAlEqLFyE-il9pY9VJwZHcg8diQf34pKyZBhRadEt6p06JvRT5iAw==
expires: 0

GET
H2 200 g Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 KB
19 KB 44ms
30ms XHR
text/plain 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=0&l=source

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b50df0b192f065032cd11136036986e908aed4dad79c4fee0766149f4d2d46f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 15:40:37 GMT
content-encoding: gzip
server: nginx
age: 14581
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=43200
x-amz-cf-pop: FRA6-C1
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-id: sCzI9o65v1ntYVzErhkm6WGfakGasmmYolirzDNCVaGTIii7T8wAlg==
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)

GET
H2 200 g Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 KB
19 KB 108ms
107ms XHR
text/plain 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=3469&l=en

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f41428382d1c678c48082204d28e1e9792b069917bfe6d3b47018d3d1a8ffc8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:38 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-id: PNdqEe2Xi4qwDdk2seA3j8g1i_GYO2yXT2GCkjRZOXkL9eO6BUZDGg==
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)

GET
H3-Q050 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v11/ 35 KB
35 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://rrbertram.wearelegalshield.com
Referer: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 2020 22:16:56 GMT
server: sffe
age: 116569
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35668
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:50 GMT

GET
H2 200 icon-phone.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 677 B
552 B 417ms
415ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-phone.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1722191791666b8cc53de2d2f476af336755e1a9c01b9b9766629ec43f33c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6cd000005d018a6a000000001
x-request-id: v-8d45aada-130c-11eb-8d4b-7f93a42c8a44
last-modified: Fri, 14 Aug 2020 14:35:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e1a4705d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 icon-email.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 854 B
525 B 436ms
434ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-email.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd6892852050fc37b773197d04b9ad2239c0d0b89a9ffbe686a27dca8d85db24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6cd000005d0d92c4000000001
x-request-id: v-8d459b6c-130c-11eb-bce0-6393135f1bc7
last-modified: Fri, 14 Aug 2020 14:35:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e1a4a05d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H/1.1 200
OK 119316362-1491992795.903000.jpg
api.legalshield.com/v2/public/associates/avatar/ 3 KB
3 KB 790ms
194ms Image
image/jpeg 12.28.84.176
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.legalshield.com/v2/public/associates/avatar/119316362-1491992795.903000.jpg
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 12.28.84.176 Ada, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 91f3cb69726109d125891ae3ed9ab527a5d6297d1ef1f8925d13bc3bb3eac954

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 20 Oct 2020 19:43:39 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/jpeg;charset=utf-8

GET
H2 200 cart-icon.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 690 B
634 B 415ms
414ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/cart-icon.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

113e86f602e9cffee5e305938ddba9e218ebbd9c0216c6a4ada1ec3f25f28bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6cd000005d00b3bd000000001
x-request-id: v-8d46908a-130c-11eb-9544-5b658d2fe1e7
last-modified: Mon, 21 Sep 2020 21:10:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e1a4d05d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 e63463b2803b2638498a6ef941e55eb0.png
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/ 9 KB
9 KB 430ms
429ms Image
image/png 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/e63463b2803b2638498a6ef941e55eb0.png

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

969c928204c41a6f90104df6bd2bfbe169b3b030c75bcaecd36bf257d00bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-length: 9420
cf-request-id: 05e922f6ce000005d0ac110000000001
x-request-id: v-8d48292c-130c-11eb-b912-8b0cadc1dd03
last-modified: Wed, 01 Jul 2020 16:31:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e1a4f05d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 dot-pattern.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 23 KB
4 KB 499ms
498ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/dot-pattern.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb918d375c564ebbaff7d5bd73350e6a311bc07714b436e133cd17202d448bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-cache-hits: 1
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6ce000005d0b30e7000000001
x-request-id: v-ee76222e-12ff-11eb-bc68-7b873271b789
last-modified: Wed, 01 Jul 2020 16:31:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e1a5405d0-FRA
expires: Tue, 03 Nov 2020 18:13:19 GMT

GET
H2 200 required.svg
rrbertram.wearelegalshield.com/core/misc/icons/ee0000/ 513 B
506 B 408ms
406ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/core/misc/icons/ee0000/required.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-cache-hits: 1
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6d1000005d00f3bf000000001
x-request-id: v-ee766f7c-12ff-11eb-a8a8-d32654972d87
last-modified: Wed, 01 Jul 2020 16:46:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e1a5c05d0-FRA
expires: Tue, 03 Nov 2020 18:13:19 GMT

GET
DATA 200
OK truncated
/ 179 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icon-call-mobile.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 4 KB
2 KB 417ms
415ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-call-mobile.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88bba78dc0d69d9d4204001830a7a225e0d3d6e120453bc00b63c8b4e5a0615a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-cache-hits: 1
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6d6000005d0ea2cf000000001
x-request-id: v-ee76d282-12ff-11eb-a130-8f38a326029e
last-modified: Wed, 01 Jul 2020 16:31:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e2a6e05d0-FRA
expires: Tue, 03 Nov 2020 18:13:19 GMT

GET
H2 200 icon-message-mobile.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 8 KB
3 KB 425ms
424ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-message-mobile.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff6a2c54a93f9da7e4e45b12072c1dcab4b6a55b97fef3e306c4a639d9b0a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6d6000005d0e9151000000001
x-request-id: v-8d48f546-130c-11eb-9cee-77d18bdfa02c
last-modified: Wed, 01 Jul 2020 16:46:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e2a7305d0-FRA
expires: Tue, 03 Nov 2020 19:43:39 GMT

GET
H2 200 icon-team-mobile.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/ 6 KB
3 KB 419ms
418ms Image
image/svg+xml 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-team-mobile.svg

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7190dcf67a74e9ac7445367159edbd70707ce9b70d53654058c0effba95126a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-cache-hits: 2
x-ah-environment: prod
content-encoding: gzip
cf-request-id: 05e922f6d7000005d0f21bc000000001
x-request-id: v-e47480a8-11a7-11eb-8984-4fe8f609220e
last-modified: Wed, 01 Jul 2020 16:31:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 5e553a9e2a7505d0-FRA
expires: Mon, 02 Nov 2020 01:10:35 GMT

GET
H3-Q050 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v10/ 20 KB
20 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v10/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9005681ed03419ecf95af5ee9d20956942181bfc47bd28caa4dbea97173fe1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://rrbertram.wearelegalshield.com
Referer: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 21:01:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Sep 2020 00:05:01 GMT
server: sffe
age: 81709
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20060
x-xss-protection: 0
expires: Tue, 19 Oct 2021 21:01:50 GMT

GET
H2 200 icomoon.woff
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/fonts/icomoon/fonts/ 7 KB
7 KB 415ms
414ms Font
text/plain 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/fonts/icomoon/fonts/icomoon.woff

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1b70c6e9c7eff0765a7356fbf94838f6425f7cf07d159b7102dea9906964f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://rrbertram.wearelegalshield.com
Referer: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
status: 200
x-cache-hits: 2
x-ah-environment: prod
content-length: 6700
cf-request-id: 05e922f6d9000005d01c1b2000000001
x-request-id: v-025a8a04-11a8-11eb-a8ce-b36a49d8737a
last-modified: Wed, 01 Jul 2020 16:31:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 5e553a9e2a7b05d0-FRA
expires: Mon, 02 Nov 2020 01:11:25 GMT

GET
H3-Q050 200 iJWEBXyIfDnIV7nEnX661E_c5Ig.woff2
fonts.gstatic.com/s/rubik/v11/ 33 KB
33 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v11/iJWEBXyIfDnIV7nEnX661E_c5Ig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b27e171e743ba047b5388c7eb2c361a2c2fee31a108efa30019800cebe0868b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://rrbertram.wearelegalshield.com
Referer: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:25:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 2020 22:17:17 GMT
server: sffe
age: 116303
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34104
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:25:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 89 KB
33 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2JV2JV&gtm_auth=RjJKXnQDP_aEAdiszTj-BA&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/google_tag/gtm_n2jv2jv/google_tag.script.js?qhw6kl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2307f791ef4a35ce53b6d35acad09355a3c7ec6b346815a9346bf56f433dad49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:39 GMT
content-encoding: br
vary: *
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33426
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 B
400 B 111ms
111ms Image
image/gif 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=source&c=2023754

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 43
x-amz-cf-id: CH2h-0I2PDooY5P9f6N6NWA4OaOjKWv7sHfzkk5I9Qoot1nMspnC4g==
expires: 0

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 B
401 B 111ms
110ms Image
image/gif 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=en&c=4284818

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 43
x-amz-cf-id: 7OzyeDXytVQMNY7Hkt3LvDuEco0F0jet1N6m0SX3Tq__pH0nnydE9w==
expires: 0

GET
H2 200 associate_plans Show response
rrbertram.wearelegalshield.com/plan_details/get/ 26 B
928 B 765ms
765ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/plan_details/get/associate_plans?_=1603223019703

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d3e5fbb5dd07198713297628388aff670094e92453da51e935824fa6f848a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With: XMLHttpRequest
Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
vary: X-USER_REGION_OK,Accept-Encoding
content-length: 44
cf-request-id: 05e922fa04000005d0ce38f000000001
x-request-id: v-8dc5929a-130c-11eb-ab92-ab3bba6b4f65
x-ua-compatible: IE=edge
x-newrelic-app-data: PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7QVpSDDkHB0QDUQ5LZGhxXAtNE14NXwcWamsxCgJWd1UQAAtbQnoDCkQbDQUDFyNDEVcBUVlAV2MJWA9CQx9SSgYHUVZTFAMeV1JXAgMbS1UdFFYGB1FaA1UNUQ0MDFMCU1pDHQdSDhdTag==
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-language: en
via: varnish
x-generator: Drupal 8 (https://www.drupal.org)
x-xss-protection: 1; mode=block
cache-control: no-cache, private, must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 5e553aa33a4e05d0-FRA
content-type: application/json
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 current_domain Show response
rrbertram.wearelegalshield.com/lang/get/ 22 B
673 B 752ms
752ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/lang/get/current_domain?_=1603223019704

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b8ec743f51bd8390fa1e019356508b0a5e0d4b4da4bf5defca336e0b9d1dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With: XMLHttpRequest
Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
vary: X-USER_REGION_OK,Accept-Encoding
content-length: 48
cf-request-id: 05e922fa21000005d0193d9000000001
x-request-id: v-8dc93cc4-130c-11eb-aeb4-97c3ffcd0320
x-ua-compatible: IE=edge
x-newrelic-app-data: PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7XVddBTo/IV8MTBBXVFhXQTllLVAPVCELWEMTCQ9UVkJJXwVSRXQTFkNTXRYiDA9RC1ZAFAgaAgNVCVEdUR1RVQ8FUkpOCR8SUgJVD1BVVgAGBwEAAgIGBUAUBFlUR1du
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-language: en
via: varnish
x-generator: Drupal 8 (https://www.drupal.org)
x-xss-protection: 1; mode=block
cache-control: no-cache, private, must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 5e553aa36ae905d0-FRA
content-type: application/json
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 cookie Show response
rrbertram.wearelegalshield.com/geolocate/set/ 214 B
718 B 782ms
782ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/geolocate/set/cookie?_=1603223019705

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73daf99d7fa5a3f6364d3e43e641c4de4823e30027475814012bbaaced5da552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With: XMLHttpRequest
Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
vary: X-USER_REGION_OK,Accept-Encoding
content-length: 148
cf-request-id: 05e922fa32000005d0dd3e2000000001
x-request-id: v-8dc9304e-130c-11eb-a9dd-6fe0dddb6c4b
x-ua-compatible: IE=edge
x-newrelic-app-data: PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7VlNcDgkAA0QHZD57V1pGQQpVDVQTbz4jU1gNCQBZR1UnDgxDQ1gKCFREHlwVBhZzDVcJUV0WHgNLCVEBUQNOVBgEVlRWDh8dVU1ABgUOU1QABABRVwdQBFFdVxoUUlNfFlw8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-language: en
via: varnish
x-generator: Drupal 8 (https://www.drupal.org)
x-xss-protection: 1; mode=block
cache-control: no-cache, private, no-cache, private, must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 5e553aa38b2705d0-FRA
content-type: application/json
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 58ms
44ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C8FXTVVG5Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JV2JV&gtm_auth=RjJKXnQDP_aEAdiszTj-BA&gtm_preview=env-1&gtm_cookies_win=x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c866a928a7bf24210dd51d71baf64dea619c85ffb2606be21233dbb1ed976425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50689
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Oct 2020 19:43:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JV2JV&gtm_auth=RjJKXnQDP_aEAdiszTj-BA&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1671
date: Tue, 20 Oct 2020 19:15:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 20 Oct 2020 21:15:49 GMT

GET
H2 200 hotjar-1545105.js Show response
static.hotjar.com/c/ 3 KB
2 KB 137ms
70ms Script
application/javascript 13.225.73.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1545105.js?sv=6

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.73.104 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-104.fra2.r.cloudfront.net

Software

Resource Hash

26e5f82466e011766e9d73f7e0d0be20c80e0e4e1290cf651aa47dd5034e6ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/0069cf3b6056be295d116bb10d6fa08f
status: 200
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
vary: Accept-Encoding
content-length: 1553
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-id: B4eSDAI5jsRqjb3Gp43vvw1PIGmqpWlIKh73i9FYJ3ekIdHUl0qNAg==

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 662
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Tue, 20 Oct 2020 20:32:38 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 100 KB
37 KB 30ms
24ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-W9DBLVT&t=gtm2&cid=1517110335.1603223020

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bbddeac4c852f6487ba9189d426136f7a8010aab63930e2554fb2ffc0343356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37389
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Oct 2020 19:43:40 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
401 B 34ms
14ms Other
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C8FXTVVG5Z&gtm=2oe9u1&_p=1957994938&sr=1600x1200&_gaz=1&ul=en-us&cid=1517110335.1603223020&_s=1&dl=https%3A%2F%2Frrbertram.wearelegalshield.com%2F&dr=&dt=We%20are%20LegalShield%20%7C%20We%20Are%20LegalShield&sid=1603223020&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8FXTVVG5Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://rrbertram.wearelegalshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
401 B 40ms
15ms Other
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C8FXTVVG5Z&cid=1517110335.1603223020&gtm=2oe9u1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8FXTVVG5Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://rrbertram.wearelegalshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
513 B 48ms
29ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C8FXTVVG5Z&cid=1517110335.1603223020&gtm=2oe9u1&aip=1&z=592772126

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
154 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1957994938&t=pageview&_s=1&dl=https%3A%2F%2Frrbertram.wearelegalshield.com%2F&ul=en-us&de=UTF-8&dt=We%20are%20LegalShield%20%7C%20We%20Are%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALQAAAAC~&jid=53187578&gjid=2129761468&cid=1517110335.1603223020&tid=UA-7450226-32&_gid=1935128717.1603223020&_r=1&gtm=2wg9u1N2JV2JV&z=965452703

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://rrbertram.wearelegalshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
474 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-7450226-32&cid=1517110335.1603223020&jid=53187578&gjid=2129761468&_gid=1935128717.1603223020&_u=aGDAAEAKQAAAAC~&z=1240328040

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Oct 2020 19:43:40 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://rrbertram.wearelegalshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8892a865463d29e21514.js Show response
script.hotjar.com/ 361 KB
71 KB 135ms
53ms Script
application/javascript 54.192.206.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8892a865463d29e21514.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1545105.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.206.8 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-206-8.ham50.r.cloudfront.net

Software

Resource Hash

96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 11:51:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28309
x-cache: Hit from cloudfront
status: 200
content-length: 72450
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 11:48:03 GMT
etag: "bdab316b804b450b477b25a55b099ba6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: JCtacIhUOof5UwLBdugsLJcRepqDsdQUk_tNS850E7pDyNSQ8oiEJA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
289 B 32ms
30ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-7450226-32&cid=1517110335.1603223020&jid=53187578&_u=aGDAAEAKQAAAAC~&z=523768656

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
491 B 50ms
36ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-7450226-32&cid=1517110335.1603223020&jid=53187578&_u=aGDAAEAKQAAAAC~&z=523768656

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 91BA 0
0 96ms
31ms Document
text/html 13.224.194.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1545105.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-84.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rrbertram.wearelegalshield.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://rrbertram.wearelegalshield.com/

Response headers

status: 200
content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: AnTmcL6WuxX0JGPVkFmA-JTkJN9xFEQ6iR65EOI_6vlm4P2EVfZVDA==
age: 1320055

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 90ms
30ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: gzip
x-amz-request-id: 56EA6FC207045B4A
x-cache: HIT
status: 200
content-length: 10624
x-amz-id-2: uuJq8l4/GQY+JgvDjzOrYyBmMFeI+giKQUxO070uUoDDC3xFCWuCaTfbc4ynBcc3qgltYSdwh7A=
x-served-by: cache-fra19123-FRA
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1603223021.616345,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 22914

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1545105/ 178 B
321 B 155ms
51ms XHR
application/json 52.49.158.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1545105/visit-data?sv=6
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.158.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-158-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 20 Oct 2020 19:43:40 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H/1.1 200
OK c786e855e0 Show response
bam.nr-data.net/1/ 57 B
146 B 510ms
126ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c786e855e0?a=311551747&v=1184.ab39b52&to=ZQZUZUVWXkIHAUJaV1xMd1JDXl9fSSZERkhTD2pfWFNVbSUNWEdKXQ9aVEVrfl4CB2BaXUUgWV9DRV9dCgdEHgZEClNG&rst=5775&ck=0&ref=https://rrbertram.wearelegalshield.com/&ap=1911&be=3638&fe=5641&dc=4862&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1603223014900,%22n%22:0,%22f%22:3549,%22dn%22:3550,%22dne%22:3566,%22c%22:3566,%22s%22:3572,%22ce%22:3587,%22rq%22:3587,%22rp%22:3625,%22rpe%22:3641,%22dl%22:3629,%22di%22:4861,%22ds%22:4862,%22de%22:5183,%22dc%22:5640,%22l%22:5640,%22le%22:5641%7D,%22navigation%22:%7B%7D%7D&fp=4412&fcp=4412&at=SUFXEw1MTUw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 get-licenses Show response
rrbertram.wearelegalshield.com/lgs/ 39 B
391 B 837ms
837ms XHR
application/json 2606:4700::6812:1d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrbertram.wearelegalshield.com/lgs/get-licenses?_=1603223019706

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e235fd9b8be35e8a8d45b3a72acd4bdb34e9c97905b2c688adf16877c8e41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With: XMLHttpRequest
Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 19:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
status: 200
x-ah-environment: prod
vary: X-USER_REGION_OK,Accept-Encoding
content-length: 57
cf-request-id: 05e922fd48000005d0c33c7000000001
x-request-id: v-8e5394b4-130c-11eb-8dac-afe9b0bc54ed
x-ua-compatible: IE=edge
x-newrelic-app-data: PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7UEVADQUKA0QHSz5ke1tcRxdWDV0EQT44dVYPNQZUX3MLDxZFXlsKAUMbDQUDFy5ZAV0MS11QYl8EVxITTQNMVAYHUVZPCB0DVFhUDx0aV0gTA1IDUlRaUQBcBwEMBAYABBtNVwBfEQFr
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-language: en
via: varnish
x-generator: Drupal 8 (https://www.drupal.org)
x-xss-protection: 1; mode=block
cache-control: no-cache, private, must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 5e553aa869c305d0-FRA
content-type: application/json
expires: Sun, 19 Nov 1978 05:00:00 GMT

POST
H2 200 s Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 2 B
358 B 128ms
127ms XHR
application/json 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/s

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Oct 2020 19:43:42 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 2
x-amz-cf-id: tECX-3g2ULm9FEOEVUZOBt3UbKBCNTEgOieOOg80JSAIY3c4ILI_VA==

POST
H2 200 s Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 2 B
357 B 126ms
126ms XHR
application/json 2600:9000:2057:4e00:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/s

Requested by

Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Oct 2020 19:43:46 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
status: 200
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 2
x-amz-cf-id: V2LmXz5eqAGUYAGoaYp3gQzJxezKAxAZcYfpHUGjcpEq1OYIt2LLiQ==

POST
H/1.1 200
OK c786e855e0 Show response
bam.nr-data.net/events/1/ 24 B
197 B 126ms
126ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/c786e855e0?a=311551747&v=1184.ab39b52&to=ZQZUZUVWXkIHAUJaV1xMd1JDXl9fSSZERkhTD2pfWFNVbSUNWEdKXQ9aVEVrfl4CB2BaXUUgWV9DRV9dCgdEHgZEClNG&rst=15771&ck=0&ref=https://rrbertram.wearelegalshield.com/
Requested by: Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://rrbertram.wearelegalshield.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://rrbertram.wearelegalshield.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wearelegalshield.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.wearelegalshield.com/	1970-01-20 06:51:35	Name: _ga Value: GA1.2.1517110335.1603223020
.wearelegalshield.com/	1970-01-20 06:51:35	Name: _ga_C8FXTVVG5Z Value: GS1.1.1603223020.1.0.1603223020.60
rrbertram.wearelegalshield.com/	1970-01-19 13:20:23	Name: _hjIncludedInPageviewSample Value: 1
.wearelegalshield.com/	1970-01-19 22:05:59	Name: _hjid Value: cf1a4298-dbc8-4740-bc3c-7e19b8ccac85
.wearelegalshield.com/	1970-01-19 13:20:23	Name: _gat_UA-7450226-32 Value: 1
.wearelegalshield.com/	1970-01-19 13:20:24	Name: _hjAbsoluteSessionInProgress Value: 0
.wearelegalshield.com/	1970-01-19 13:21:49	Name: _gid Value: GA1.2.1935128717.1603223020

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.legalshield.com
bam.nr-data.net
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
in.hotjar.com
js-agent.newrelic.com
legalshieldassociate.com
restoremytrust.com
rrbertram.wearelegalshield.com
script.hotjar.com
sites.legalshield.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
w3.legalshield.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.legalshield.com
www.prepaidlegal.com
12.28.84.175
12.28.84.176
12.28.84.179
13.224.194.84
13.225.73.104
151.101.14.110
162.247.242.20
184.168.131.241
2001:4de0:ac19::1:b:1b
2600:9000:2057:4e00:d:d64b:9600:93a1
2606:4700::6812:1d65
2606:4700::6812:844
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2008
2a00:1450:4001:809::200e
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2003
2a00:1450:400c:c03::9c
2a04:4e42:1b::621
52.49.158.250
54.192.206.8
66.96.149.17
0498e0c1b38c505685a4f6491ee9212967ee8c99229b4961fd1eda480f7b9360
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06d55b7a49c007a424dfcc3e4bc65e7577a54d9d5cada532d5b79be0cfa2f1c5
08e0e0881b09d994f010896c467a083568810fc3a8af8cae6950391d67139e23
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548
113e86f602e9cffee5e305938ddba9e218ebbd9c0216c6a4ada1ec3f25f28bc2
1bbddeac4c852f6487ba9189d426136f7a8010aab63930e2554fb2ffc0343356
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
20e235fd9b8be35e8a8d45b3a72acd4bdb34e9c97905b2c688adf16877c8e41c
2307f791ef4a35ce53b6d35acad09355a3c7ec6b346815a9346bf56f433dad49
26e5f82466e011766e9d73f7e0d0be20c80e0e4e1290cf651aa47dd5034e6ef3
349f7ab3e261a12647bbeb0b771b08d987ed89592f845c3c6e59514958b4bdba
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
3b8af6338a757717d51602afc0adb70f545075353c001948062afd6863fe2896
3c8ed83cc6a779eebbee7318e6a4f2f57241dbd31ecc904f2169d49c32ebdc10
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51daf84a97e9a43a4ea86168486ea13f6642d4992800384967c68f2756145133
551d539116a008efcd0b7acecd4ac0d3b60e5614f9faa091b33f3793809d8bd4
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55b8ec743f51bd8390fa1e019356508b0a5e0d4b4da4bf5defca336e0b9d1dad
56c87f86df77914508df621718210116f7469b9b3232796c0c24385eb1556989
5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a
5d3e5fbb5dd07198713297628388aff670094e92453da51e935824fa6f848a5b
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62a86a61184f4646c08365e35193ee12405580420685238e70af80432277a1e7
6e87edd73d00a17a4e4198e8d80439ac82d4086c3afb678ff53da91f18895c9a
7190dcf67a74e9ac7445367159edbd70707ce9b70d53654058c0effba95126a9
73daf99d7fa5a3f6364d3e43e641c4de4823e30027475814012bbaaced5da552
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7de954a1c187f692ad51220848ad3f382be7ed438acfd76fb560c83373f4bcb1
8159460b139cf8670d4d8c74f80895086bd892ca4de7141452c37e38e61fed6e
81e772c2a351b10ffb36a90e983cc8719f3e0f81d6b4930bea7c775ab04d59af
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88bba78dc0d69d9d4204001830a7a225e0d3d6e120453bc00b63c8b4e5a0615a
8c1722191791666b8cc53de2d2f476af336755e1a9c01b9b9766629ec43f33c9
8e10287727b7d245ba6c9a5e415bd40474473d8d8b551b95a5b2ed3b9629e364
9005681ed03419ecf95af5ee9d20956942181bfc47bd28caa4dbea97173fe1db
91f3cb69726109d125891ae3ed9ab527a5d6297d1ef1f8925d13bc3bb3eac954
969c928204c41a6f90104df6bd2bfbe169b3b030c75bcaecd36bf257d00bae48
96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc
9ff6a2c54a93f9da7e4e45b12072c1dcab4b6a55b97fef3e306c4a639d9b0a0b
afc1f7dd7b8200b3a78b545dae8008123fb7656784f8e6dda7f604bd168dbfca
b27e171e743ba047b5388c7eb2c361a2c2fee31a108efa30019800cebe0868b2
b50df0b192f065032cd11136036986e908aed4dad79c4fee0766149f4d2d46f8
b7e63fc7a5bb6de4e434a6132379c3719ef08eca40e582f7399e342bf373012a
b88538a90496f327d7a27e72f6eb754b366459f404777cf928aa3eb1c2a20b49
bc148d9729e3eaa5fb7b95f99bbee539402c093de612e866799fd0307f603d76
bc86893c84322441d2ec30e5f6e5b06e1102a7eb2958ab8001d9242b3c507efb
c226d886ea166bf5ad691f6759369e13e28459ec2b0e02d4d4770fdb4a37cd9b
c866a928a7bf24210dd51d71baf64dea619c85ffb2606be21233dbb1ed976425
cb918d375c564ebbaff7d5bd73350e6a311bc07714b436e133cd17202d448bfa
cd6892852050fc37b773197d04b9ad2239c0d0b89a9ffbe686a27dca8d85db24
d22e0dc6c76cf2a432f0e31b94b1f8ec5eded5e91cbc6c1e3709c0a17b8a25b3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2b17615d633ad68332964c263d140420253b631a78c21dc765f0c7a9ad0eff
e243ff29a2e0086bf4e06a7d7d41dd41b4fd66dc42a2ca4123657d75ce096389
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1b70c6e9c7eff0765a7356fbf94838f6425f7cf07d159b7102dea9906964f3
ec3081dae059d98ab44c7e1bcd0c387e7659ccebe8bf7bf1ab974d18635db1db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41428382d1c678c48082204d28e1e9792b069917bfe6d3b47018d3d1a8ffc8a
f7f02ce1b5ad76645828e1312e8cdd5b5fb8f52e8e1bc56b76e853e0456fab02

rrbertram.wearelegalshield.com Open in urlscan Pro 2606:4700::6812:1d65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

54 %IPv6

18 Domains

25 Subdomains

20 IPs

6 Countries

3478 kBTransfer

5428 kBSize

8 Cookies

14 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rrbertram.wearelegalshield.com Open in urlscan Pro
2606:4700::6812:1d65 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

54 %
IPv6

18
Domains

25
Subdomains

20
IPs

6
Countries

3478 kB
Transfer

5428 kB
Size

8
Cookies

72 HTTP transactions
1 data transactions