rrbertram.wearelegalshield.com Open in urlscan Pro
2606:4700::6812:1d65  Public Scan

Submitted URL: https://restoremytrust.com/
Effective URL: https://rrbertram.wearelegalshield.com/
Submission: On October 20 via automatic, source certstream-suspicious

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 72 HTTP transactions. The main IP is 2606:4700::6812:1d65, located in United States and belongs to CLOUDFLARENET, US. The main domain is rrbertram.wearelegalshield.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.
This is the only time rrbertram.wearelegalshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.96.149.17 29873 (BIZLAND-SD)
1 1 184.168.131.241 26496 (AS-26496-...)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 12.28.84.179 7018 (ATT-INTER...)
1 1 12.28.84.175 7018 (ATT-INTER...)
37 2606:4700::68... 13335 (CLOUDFLAR...)
8 2600:9000:205... 16509 (AMAZON-02)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 12.28.84.176 7018 (ATT-INTER...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.225.73.104 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.192.206.8 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.194.84 16509 (AMAZON-02)
1 151.101.14.110 54113 (FASTLY)
1 52.49.158.250 16509 (AMAZON-02)
2 162.247.242.20 23467 (NEWRELIC-...)
72 20
Domain Requested by
37 rrbertram.wearelegalshield.com rrbertram.wearelegalshield.com
8 global.localizecdn.com rrbertram.wearelegalshield.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
rrbertram.wearelegalshield.com
3 fonts.gstatic.com fonts.googleapis.com
2 bam.nr-data.net js-agent.newrelic.com
rrbertram.wearelegalshield.com
2 www.google.de rrbertram.wearelegalshield.com
2 stats.g.doubleclick.net www.googletagmanager.com
rrbertram.wearelegalshield.com
2 www.googletagmanager.com rrbertram.wearelegalshield.com
www.googletagmanager.com
2 code.jquery.com rrbertram.wearelegalshield.com
2 www.legalshield.com 2 redirects
1 in.hotjar.com rrbertram.wearelegalshield.com
1 js-agent.newrelic.com rrbertram.wearelegalshield.com
1 vars.hotjar.com static.hotjar.com
1 www.google.com rrbertram.wearelegalshield.com
1 script.hotjar.com static.hotjar.com
1 analytics.google.com www.googletagmanager.com
1 static.hotjar.com rrbertram.wearelegalshield.com
1 api.legalshield.com rrbertram.wearelegalshield.com
1 cdn.jsdelivr.net rrbertram.wearelegalshield.com
1 fonts.googleapis.com rrbertram.wearelegalshield.com
1 legalshieldassociate.com 1 redirects
1 w3.legalshield.com 1 redirects
1 sites.legalshield.com 1 redirects
1 www.prepaidlegal.com 1 redirects
1 restoremytrust.com 1 redirects
72 25
Subject Issuer Validity Valid
wearelegalshield.com
Cloudflare Inc ECC CA-3
2020-07-01 -
2021-07-01
a year crt.sh
cdn.localizejs.com
Amazon
2020-03-20 -
2021-04-20
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-05 -
2021-04-17
6 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.legalshield.com
Go Daddy Secure Certificate Authority - G2
2020-02-26 -
2022-04-16
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.hotjar.com
Amazon
2020-01-22 -
2021-02-22
a year crt.sh
*.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
www.google.de
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
www.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.google.de
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-13 -
2021-05-07
7 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 2 frames:

Primary Page: https://rrbertram.wearelegalshield.com/
Frame ID: 2E8D97E9B348AABECC13F08406645537
Requests: 72 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 91BA097DA04C0CD006012D7629870B46
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://restoremytrust.com/ HTTP 302
    http://www.prepaidlegal.com/info/rrbertram HTTP 301
    http://www.legalshield.com/info/rrbertram HTTP 301
    https://www.legalshield.com/info/rrbertram HTTP 301
    https://sites.legalshield.com/redirect/RedirectMS?site=info&value=rrbertram HTTP 302
    https://w3.legalshield.com/aasites/Multisite?site=info&assoc=rrbertram HTTP 301
    http://legalshieldassociate.com/hub/rrbertram HTTP 301
    https://rrbertram.wearelegalshield.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers expires /19 Nov 1978/i

Overall confidence: 100%
Detected patterns
  • headers expires /19 Nov 1978/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

72
Requests

100 %
HTTPS

54 %
IPv6

18
Domains

25
Subdomains

20
IPs

6
Countries

3478 kB
Transfer

5428 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://restoremytrust.com/ HTTP 302
    http://www.prepaidlegal.com/info/rrbertram HTTP 301
    http://www.legalshield.com/info/rrbertram HTTP 301
    https://www.legalshield.com/info/rrbertram HTTP 301
    https://sites.legalshield.com/redirect/RedirectMS?site=info&value=rrbertram HTTP 302
    https://w3.legalshield.com/aasites/Multisite?site=info&assoc=rrbertram HTTP 301
    http://legalshieldassociate.com/hub/rrbertram HTTP 301
    https://rrbertram.wearelegalshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rrbertram.wearelegalshield.com/
Redirect Chain
  • https://restoremytrust.com/
  • http://www.prepaidlegal.com/info/rrbertram
  • http://www.legalshield.com/info/rrbertram
  • https://www.legalshield.com/info/rrbertram
  • https://sites.legalshield.com/redirect/RedirectMS?site=info&value=rrbertram
  • https://w3.legalshield.com/aasites/Multisite?site=info&assoc=rrbertram
  • http://legalshieldassociate.com/hub/rrbertram
  • https://rrbertram.wearelegalshield.com/
263 KB
71 KB
Document
General
Full URL
https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e87edd73d00a17a4e4198e8d80439ac82d4086c3afb678ff53da91f18895c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
rrbertram.wearelegalshield.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 20 Oct 2020 19:43:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da627644c5ea2fa21e437e9789887495c1603223018; expires=Thu, 19-Nov-20 19:43:38 GMT; path=/; domain=.wearelegalshield.com; HttpOnly; SameSite=Lax; Secure __cf_bm=d6017881e4b714c87a3d9c7d23abe5595998726e-1603223018-1800-Adb9bpJZ88uh8jVqmwC53nEAvSsHKWGxdkoOdLBkHrVq176AGYnBgydjZSwJmNHuJpoDM3e26L3b7kIQ6IUQcWM=; path=/; expires=Tue, 20-Oct-20 20:13:38 GMT; domain=.wearelegalshield.com; HttpOnly; Secure; SameSite=None
cf-ray
5e553a998ca705d0-FRA
age
4
cache-control
no-cache, private, max-age=10800, public
content-language
en
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 20 Oct 2020 19:43:32 GMT
link
<https://rrbertram.wearelegalshield.com/>; rel="shortlink", <https://rrbertram.wearelegalshield.com/>; rel="canonical", <https://rrbertram.wearelegalshield.com/we-are-legalshield>; rel="revision"
vary
X-USER_REGION_OK,Accept-Encoding
via
varnish
cf-cache-status
HIT
cf-request-id
05e922f3f9000005d015b6b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ah-environment
prod
x-cache
MISS
x-content-type-options
nosniff
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 8 (https://www.drupal.org)
x-request-id
v-8902208e-130c-11eb-8402-3792bc0d3b0c
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
server
cloudflare
content-encoding
gzip

Redirect headers

Location
https://rrbertram.wearelegalshield.com
Server
BigIP
Connection
Keep-Alive
Content-Length
0
localize.js
global.localizecdn.com/
55 KB
20 KB
Script
General
Full URL
https://global.localizecdn.com/localize.js
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7e63fc7a5bb6de4e434a6132379c3719ef08eca40e582f7399e342bf373012a

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v
430
date
Tue, 20 Oct 2020 13:21:12 GMT
content-encoding
gzip
age
22947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Tue, 20 Oct 2020 13:21:06 GMT
server
AmazonS3
etag
W/"d22bea1d86e45c335911ff7a9238db27"
vary
Accept-Encoding
x-amz-version-id
OKFXPoGTodTYL.s_2njn37kprrr1LHP5
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
cache-control
public, max-age=172800
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
zSklwM-Jbx3g5xsHnKQiOfn9bMu8t5t-HspCntrDyUg6zRjXjj9EzA==
google_tag.script.js
rrbertram.wearelegalshield.com/sites/default/files/google_tag/gtm_n2jv2jv/
416 B
518 B
Script
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/google_tag/gtm_n2jv2jv/google_tag.script.js?qhw6kl
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22e0dc6c76cf2a432f0e31b94b1f8ec5eded5e91cbc6c1e3709c0a17b8a25b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
330
cf-request-id
05e922f42e000005d022a6b000000001
x-request-id
v-2e4c94ba-0fd0-11eb-bb99-273b5bd99574
last-modified
Thu, 08 Oct 2020 16:46:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
expires
Fri, 30 Oct 2020 16:53:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a99ed8905d0-FRA
x-cache-hits
2
css_felUocGH9pKtUSIISK0_OCvn7UOKz9dvtWDIM3P0vLE.css
rrbertram.wearelegalshield.com/sites/default/files/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_felUocGH9pKtUSIISK0_OCvn7UOKz9dvtWDIM3P0vLE.css
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de954a1c187f692ad51220848ad3f382be7ed438acfd76fb560c83373f4bcb1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
3665
cf-request-id
05e922f42b000005d0aa91a000000001
x-request-id
v-c7d07286-11a7-11eb-a040-37ce385ef0a2
last-modified
Tue, 15 Sep 2020 21:18:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
expires
Mon, 02 Nov 2020 01:09:47 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a99dd7e05d0-FRA
x-cache-hits
1
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/
35 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:38 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
status
200
etag
W/"57d97c08-8c85"
vary
Accept-Encoding
x-hw
1603223018.dop216.fr8.t,1603223018.cds273.fr8.hn,1603223018.cds272.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8323
css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css
rrbertram.wearelegalshield.com/sites/default/files/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0498e0c1b38c505685a4f6491ee9212967ee8c99229b4961fd1eda480f7b9360
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
2768
cf-request-id
05e922f42b000005d0128b7000000001
x-request-id
v-2e4adf30-0fd0-11eb-aa4a-d7c7f1425b33
last-modified
Fri, 11 Sep 2020 19:43:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
expires
Fri, 30 Oct 2020 16:53:56 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a99dd7f05d0-FRA
x-cache-hits
3
css
fonts.googleapis.com/
9 KB
923 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06d55b7a49c007a424dfcc3e4bc65e7577a54d9d5cada532d5b79be0cfa2f1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Oct 2020 19:43:38 GMT
server
ESF
date
Tue, 20 Oct 2020 19:43:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Oct 2020 19:43:38 GMT
css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
rrbertram.wearelegalshield.com/sites/default/files/css/
449 KB
44 KB
Stylesheet
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8ed83cc6a779eebbee7318e6a4f2f57241dbd31ecc904f2169d49c32ebdc10
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
45015
cf-request-id
05e922f42c000005d00a81d000000001
x-request-id
v-8ce03e5c-130c-11eb-bfda-f351c4361c70
last-modified
Thu, 08 Oct 2020 16:46:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a99dd8105d0-FRA
expires
Tue, 03 Nov 2020 19:43:38 GMT
modernizr.min.js
rrbertram.wearelegalshield.com/core/assets/vendor/modernizr/
5 KB
2 KB
Script
General
Full URL
https://rrbertram.wearelegalshield.com/core/assets/vendor/modernizr/modernizr.min.js?v=3.3.1
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
2110
cf-request-id
05e922f42e000005d0ce2e0000000001
x-request-id
v-ed96bf08-12ff-11eb-9dc2-2f32f8a8701c
last-modified
Wed, 01 Jul 2020 16:31:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
expires
Tue, 03 Nov 2020 18:13:17 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a99ed8605d0-FRA
x-cache-hits
1
wals-legal-plan-detail-image.png
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/
1 MB
1 MB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/wals-legal-plan-detail-image.png?itok=pcM2Sj_s
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
551d539116a008efcd0b7acecd4ac0d3b60e5614f9faa091b33f3793809d8bd4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
1056224
cf-request-id
05e922f6c0000005d0e914f000000001
x-request-id
v-8d446756-130c-11eb-b6fa-13d6c2f549c4
last-modified
Mon, 16 Mar 2020 14:46:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9dfa0205d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
Uql18luxTDBvnMhDmPePFBv_7ElzulCFzlhBefkzGh0.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
2 KB
2 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/Uql18luxTDBvnMhDmPePFBv_7ElzulCFzlhBefkzGh0.jpg?h=b3d4a7b7&itok=HphiHJ4y
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88538a90496f327d7a27e72f6eb754b366459f404777cf928aa3eb1c2a20b49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
2287
cf-request-id
05e922f6bf000005d0eeb79000000001
x-request-id
v-db3e822c-11a7-11eb-9bb9-771f849bc0b4
last-modified
Wed, 01 Apr 2020 20:34:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 02 Nov 2020 01:10:20 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9dfa0605d0-FRA
x-cache-hits
1
N2S205XXUi95cvnC66DYyXs5k-N0vFBdh3pcqT8nGdQ.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
2 KB
2 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/N2S205XXUi95cvnC66DYyXs5k-N0vFBdh3pcqT8nGdQ.jpg?h=b3d4a7b7&itok=OaN3Ua0Z
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc1f7dd7b8200b3a78b545dae8008123fb7656784f8e6dda7f604bd168dbfca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
2249
cf-request-id
05e922f6bf000005d0c0914000000001
x-request-id
v-8d4311b2-130c-11eb-bdbe-a7188d43a750
last-modified
Thu, 03 Sep 2020 19:28:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9dfa0805d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
wals-19.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/
150 KB
150 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-19.jpg?itok=TGtgl5ki
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e10287727b7d245ba6c9a5e415bd40474473d8d8b551b95a5b2ed3b9629e364
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
153120
cf-request-id
05e922f6c0000005d0b8131000000001
x-request-id
v-8d44b4d6-130c-11eb-9f96-4b53016945e6
last-modified
Tue, 30 Jun 2020 21:38:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9dfa0a05d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
ExZ7zPw2Kf1w6Xpg_5-GYx3BjAJoDgs6fIzxkGpIXzc.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
2 KB
2 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/ExZ7zPw2Kf1w6Xpg_5-GYx3BjAJoDgs6fIzxkGpIXzc.jpg?h=b3d4a7b7&itok=92l_sswY
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c226d886ea166bf5ad691f6759369e13e28459ec2b0e02d4d4770fdb4a37cd9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
2063
cf-request-id
05e922f6c0000005d018a67000000001
x-request-id
v-dc68840e-11a7-11eb-bcf0-e7d78b92d88b
last-modified
Wed, 01 Apr 2020 14:27:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 02 Nov 2020 01:10:22 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a0b05d0-FRA
x-cache-hits
1
fEjGrX_KS5w5mFcyrnrXl5blptAmWlkMKfhcoHqXs04.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
2 KB
2 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/fEjGrX_KS5w5mFcyrnrXl5blptAmWlkMKfhcoHqXs04.jpg?h=b3d4a7b7&itok=xMi1B8nZ
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3081dae059d98ab44c7e1bcd0c387e7659ccebe8bf7bf1ab974d18635db1db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
1976
cf-request-id
05e922f6c0000005d0b5b77000000001
x-request-id
v-dc67b45c-11a7-11eb-82bd-f3bf4fe9e74a
last-modified
Thu, 03 Sep 2020 19:29:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 02 Nov 2020 01:10:21 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a0e05d0-FRA
x-cache-hits
1
smb-hero.png
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/
544 KB
545 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/smb-hero.png?itok=TXX5CNTk
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51daf84a97e9a43a4ea86168486ea13f6642d4992800384967c68f2756145133
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
557146
cf-request-id
05e922f6c1000005d0f6a69000000001
x-request-id
v-8d44a806-130c-11eb-a5fa-17a22bec34fb
last-modified
Wed, 11 Mar 2020 14:36:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1005d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
703ARCqQiUVdLPnxY8YhiSWPkvYKBdRO4BJQPh9HigU.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
2 KB
3 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/703ARCqQiUVdLPnxY8YhiSWPkvYKBdRO4BJQPh9HigU.jpg?h=7a6e80fd&itok=dxeIGz_P
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f02ce1b5ad76645828e1312e8cdd5b5fb8f52e8e1bc56b76e853e0456fab02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
2271
cf-request-id
05e922f6c1000005d0fda24000000001
x-request-id
v-dc92d7e0-11a7-11eb-85fb-4bc39163d15c
last-modified
Wed, 01 Apr 2020 14:28:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 02 Nov 2020 01:10:22 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1105d0-FRA
x-cache-hits
1
wals-7.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/
171 KB
171 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-7.jpg?itok=ruCxr1sy
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349f7ab3e261a12647bbeb0b771b08d987ed89592f845c3c6e59514958b4bdba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
174759
cf-request-id
05e922f6c1000005d0ef1a5000000001
x-request-id
v-8d4522d6-130c-11eb-94a2-1f7a2b8c818b
last-modified
Tue, 30 Jun 2020 21:42:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1305d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
wals-33.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/
163 KB
163 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-33.jpg?itok=wkaEIuc8
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e243ff29a2e0086bf4e06a7d7d41dd41b4fd66dc42a2ca4123657d75ce096389
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
166779
cf-request-id
05e922f6c1000005d0c6b86000000001
x-request-id
v-8d44ae96-130c-11eb-88af-d37e44404e5f
last-modified
Tue, 30 Jun 2020 21:43:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1505d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
wals-8.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/
131 KB
131 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-06/wals-8.jpg?itok=auB0L9yY
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e0e0881b09d994f010896c467a083568810fc3a8af8cae6950391d67139e23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
134066
cf-request-id
05e922f6c2000005d0dc8e4000000001
x-request-id
v-8d46008e-130c-11eb-9c45-3f6b618c68a0
last-modified
Tue, 30 Jun 2020 21:47:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1805d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
0GKsntHScfHSBj_x8HVRQXtdi_htMNwM0EN6cqtIPuc.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
4 KB
4 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/0GKsntHScfHSBj_x8HVRQXtdi_htMNwM0EN6cqtIPuc.jpg?h=b3d4a7b7&itok=QxEhcpkO
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c87f86df77914508df621718210116f7469b9b3232796c0c24385eb1556989
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
3835
cf-request-id
05e922f6c2000005d0c32f7000000001
x-request-id
v-dc9a5542-11a7-11eb-bd14-b7f938df3c53
last-modified
Tue, 28 Apr 2020 14:12:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Mon, 02 Nov 2020 01:10:22 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1905d0-FRA
x-cache-hits
2
Wvua9talD_r0DzR_MyqBFdXdvQFAK-In1zrx-cbEtac.jpg
rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/
3 KB
3 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_small_square_1_1/public/oembed_thumbnails/Wvua9talD_r0DzR_MyqBFdXdvQFAK-In1zrx-cbEtac.jpg?h=b3d4a7b7&itok=XCTnsUtg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e772c2a351b10ffb36a90e983cc8719f3e0f81d6b4930bea7c775ab04d59af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
3180
cf-request-id
05e922f6c2000005d0b9b5e000000001
x-request-id
v-ee773772-12ff-11eb-b5d1-43543f276589
last-modified
Thu, 03 Sep 2020 19:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 03 Nov 2020 18:13:19 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1a05d0-FRA
x-cache-hits
1
anthony.png
rrbertram.wearelegalshield.com/sites/default/files/styles/small_square_hq_1_1/public/image/2020-04/
147 KB
148 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/small_square_hq_1_1/public/image/2020-04/anthony.png?h=e699c218&itok=lrQ7Ja71
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a86a61184f4646c08365e35193ee12405580420685238e70af80432277a1e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
150793
cf-request-id
05e922f6c3000005d022ab9000000001
x-request-id
v-dca1a716-11a7-11eb-b92b-9b0e2c551687
last-modified
Thu, 23 Apr 2020 19:45:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Mon, 02 Nov 2020 01:10:22 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1c05d0-FRA
x-cache-hits
2
YourOwnBoss.png
rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/
350 KB
350 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/styles/x_large/public/image/2020-03/YourOwnBoss.png?itok=5vRFEqHH
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8159460b139cf8670d4d8c74f80895086bd892ca4de7141452c37e38e61fed6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
358370
cf-request-id
05e922f6c3000005d0d92c2000000001
x-request-id
v-8d44e564-130c-11eb-8394-3f7541b86c80
last-modified
Tue, 30 Jun 2020 18:06:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e0a1d05d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
js_vBSNlynj6qX7e5X5m77lOUAsCT3mEuhmeZ_QMH9gPXY.js
rrbertram.wearelegalshield.com/sites/default/files/js/
516 KB
128 KB
Script
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/js/js_vBSNlynj6qX7e5X5m77lOUAsCT3mEuhmeZ_QMH9gPXY.js
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc148d9729e3eaa5fb7b95f99bbee539402c093de612e866799fd0307f603d76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
130590
cf-request-id
05e922f5e6000005d0dc8ca000000001
x-request-id
v-edaf2c78-12ff-11eb-9366-6b905db254b3
last-modified
Thu, 08 Oct 2020 16:46:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
expires
Tue, 03 Nov 2020 18:13:17 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9cae4505d0-FRA
x-cache-hits
1
jquery.inputmask.bundle.min.js
cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@4.0.9/dist/min/
116 KB
28 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/RobinHerbots/Inputmask@4.0.9/dist/min/jquery.inputmask.bundle.min.js
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b8af6338a757717d51602afc0adb70f545075353c001948062afd6863fe2896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1095086
x-cache
MISS, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
28213
etag
W/"1ce80-9w3azvl2iMMrbDtCSEnQWGT+2m8"
x-served-by
cache-fra19121-FRA, cache-hhn4075-HHN
date
Tue, 20 Oct 2020 19:43:39 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js_vIaJPIQyJEHS7DDl9uWwbhECp-spWKuAAdkkKzxQfvs.js
rrbertram.wearelegalshield.com/sites/default/files/js/
6 KB
2 KB
Script
General
Full URL
https://rrbertram.wearelegalshield.com/sites/default/files/js/js_vIaJPIQyJEHS7DDl9uWwbhECp-spWKuAAdkkKzxQfvs.js
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc86893c84322441d2ec30e5f6e5b06e1102a7eb2958ab8001d9242b3c507efb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-ah-environment
prod
content-length
1930
cf-request-id
05e922f6bf000005d00a876000000001
x-request-id
v-ee0fbe4e-12ff-11eb-b922-47cd6e40e220
last-modified
Thu, 01 Oct 2020 14:04:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
expires
Tue, 03 Nov 2020 18:13:18 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9dfa0005d0-FRA
x-cache-hits
1
jquery-ui.min.js
code.jquery.com/ui/1.12.1/
248 KB
66 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
status
200
etag
W/"57d97c08-3dee4"
vary
Accept-Encoding
x-hw
1603223019.dop216.fr8.t,1603223019.cds273.fr8.hn,1603223019.cds151.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
tu
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
501 B
919 B
XHR
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tu?v=430
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df2b17615d633ad68332964c263d140420253b631a78c21dc765f0c7a9ad0eff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:38 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
status
200
etag
W/"1f5-V3uXRNNexlQlYxOHjA05fMtx5Tg"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
501
x-amz-cf-id
nsAlEqLFyE-il9pY9VJwZHcg8diQf34pKyZBhRadEt6p06JvRT5iAw==
expires
0
g
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
43 KB
19 KB
XHR
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=0&l=source
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b50df0b192f065032cd11136036986e908aed4dad79c4fee0766149f4d2d46f8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 15:40:37 GMT
content-encoding
gzip
server
nginx
age
14581
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=43200
x-amz-cf-pop
FRA6-C1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
sCzI9o65v1ntYVzErhkm6WGfakGasmmYolirzDNCVaGTIii7T8wAlg==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
g
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
43 KB
19 KB
XHR
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=3469&l=en
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f41428382d1c678c48082204d28e1e9792b069917bfe6d3b47018d3d1a8ffc8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:38 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA6-C1
status
200
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=2592000
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
PNdqEe2Xi4qwDdk2seA3j8g1i_GYO2yXT2GCkjRZOXkL9eO6BUZDGg==
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v11/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWKBXyIfDnIV7nBrXyw023e.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rrbertram.wearelegalshield.com
Referer
https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:16:56 GMT
server
sffe
age
116569
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35668
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:50 GMT
icon-phone.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
677 B
552 B
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-phone.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1722191791666b8cc53de2d2f476af336755e1a9c01b9b9766629ec43f33c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6cd000005d018a6a000000001
x-request-id
v-8d45aada-130c-11eb-8d4b-7f93a42c8a44
last-modified
Fri, 14 Aug 2020 14:35:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e1a4705d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
icon-email.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
854 B
525 B
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-email.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6892852050fc37b773197d04b9ad2239c0d0b89a9ffbe686a27dca8d85db24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6cd000005d0d92c4000000001
x-request-id
v-8d459b6c-130c-11eb-bce0-6393135f1bc7
last-modified
Fri, 14 Aug 2020 14:35:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e1a4a05d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
119316362-1491992795.903000.jpg
api.legalshield.com/v2/public/associates/avatar/
3 KB
3 KB
Image
General
Full URL
https://api.legalshield.com/v2/public/associates/avatar/119316362-1491992795.903000.jpg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
12.28.84.176 Ada, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
91f3cb69726109d125891ae3ed9ab527a5d6297d1ef1f8925d13bc3bb3eac954

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 20 Oct 2020 19:43:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/jpeg;charset=utf-8
cart-icon.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
690 B
634 B
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/cart-icon.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
113e86f602e9cffee5e305938ddba9e218ebbd9c0216c6a4ada1ec3f25f28bc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6cd000005d00b3bd000000001
x-request-id
v-8d46908a-130c-11eb-9544-5b658d2fe1e7
last-modified
Mon, 21 Sep 2020 21:10:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e1a4d05d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
e63463b2803b2638498a6ef941e55eb0.png
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/
9 KB
9 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/e63463b2803b2638498a6ef941e55eb0.png
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
969c928204c41a6f90104df6bd2bfbe169b3b030c75bcaecd36bf257d00bae48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-length
9420
cf-request-id
05e922f6ce000005d0ac110000000001
x-request-id
v-8d48292c-130c-11eb-b912-8b0cadc1dd03
last-modified
Wed, 01 Jul 2020 16:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e1a4f05d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
dot-pattern.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
23 KB
4 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/dot-pattern.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb918d375c564ebbaff7d5bd73350e6a311bc07714b436e133cd17202d448bfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
1
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6ce000005d0b30e7000000001
x-request-id
v-ee76222e-12ff-11eb-bc68-7b873271b789
last-modified
Wed, 01 Jul 2020 16:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e1a5405d0-FRA
expires
Tue, 03 Nov 2020 18:13:19 GMT
required.svg
rrbertram.wearelegalshield.com/core/misc/icons/ee0000/
513 B
506 B
Image
General
Full URL
https://rrbertram.wearelegalshield.com/core/misc/icons/ee0000/required.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_BJjgwbOMUFaFpPZJHukhKWfujJkim0lh_R7aSA97k2A.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
1
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6d1000005d00f3bf000000001
x-request-id
v-ee766f7c-12ff-11eb-a8a8-d32654972d87
last-modified
Wed, 01 Jul 2020 16:46:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e1a5c05d0-FRA
expires
Tue, 03 Nov 2020 18:13:19 GMT
truncated
/
179 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
icon-call-mobile.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
4 KB
2 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-call-mobile.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bba78dc0d69d9d4204001830a7a225e0d3d6e120453bc00b63c8b4e5a0615a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
1
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6d6000005d0ea2cf000000001
x-request-id
v-ee76d282-12ff-11eb-a130-8f38a326029e
last-modified
Wed, 01 Jul 2020 16:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e2a6e05d0-FRA
expires
Tue, 03 Nov 2020 18:13:19 GMT
icon-message-mobile.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
8 KB
3 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-message-mobile.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff6a2c54a93f9da7e4e45b12072c1dcab4b6a55b97fef3e306c4a639d9b0a0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6d6000005d0e9151000000001
x-request-id
v-8d48f546-130c-11eb-9cee-77d18bdfa02c
last-modified
Wed, 01 Jul 2020 16:46:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e2a7305d0-FRA
expires
Tue, 03 Nov 2020 19:43:39 GMT
icon-team-mobile.svg
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/
6 KB
3 KB
Image
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/images/svg/icon-team-mobile.svg
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7190dcf67a74e9ac7445367159edbd70707ce9b70d53654058c0effba95126a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
2
x-ah-environment
prod
content-encoding
gzip
cf-request-id
05e922f6d7000005d0f21bc000000001
x-request-id
v-e47480a8-11a7-11eb-8984-4fe8f609220e
last-modified
Wed, 01 Jul 2020 16:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
cf-ray
5e553a9e2a7505d0-FRA
expires
Mon, 02 Nov 2020 01:10:35 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v10/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v10/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9005681ed03419ecf95af5ee9d20956942181bfc47bd28caa4dbea97173fe1db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rrbertram.wearelegalshield.com
Referer
https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 21:01:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Sep 2020 00:05:01 GMT
server
sffe
age
81709
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20060
x-xss-protection
0
expires
Tue, 19 Oct 2021 21:01:50 GMT
icomoon.woff
rrbertram.wearelegalshield.com/themes/custom/themekit/dist/fonts/icomoon/fonts/
7 KB
7 KB
Font
General
Full URL
https://rrbertram.wearelegalshield.com/themes/custom/themekit/dist/fonts/icomoon/fonts/icomoon.woff
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1b70c6e9c7eff0765a7356fbf94838f6425f7cf07d159b7102dea9906964f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://rrbertram.wearelegalshield.com
Referer
https://rrbertram.wearelegalshield.com/sites/default/files/css/css_PI7YPManee677nMY5qTy9XJB29MezJBPIWnUnDLr3BA.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
status
200
x-cache-hits
2
x-ah-environment
prod
content-length
6700
cf-request-id
05e922f6d9000005d01c1b2000000001
x-request-id
v-025a8a04-11a8-11eb-a8ce-b36a49d8737a
last-modified
Wed, 01 Jul 2020 16:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
5e553a9e2a7b05d0-FRA
expires
Mon, 02 Nov 2020 01:11:25 GMT
iJWEBXyIfDnIV7nEnX661E_c5Ig.woff2
fonts.gstatic.com/s/rubik/v11/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWEBXyIfDnIV7nEnX661E_c5Ig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b27e171e743ba047b5388c7eb2c361a2c2fee31a108efa30019800cebe0868b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://rrbertram.wearelegalshield.com
Referer
https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:25:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:17:17 GMT
server
sffe
age
116303
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34104
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:25:16 GMT
gtm.js
www.googletagmanager.com/
89 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2JV2JV&gtm_auth=RjJKXnQDP_aEAdiszTj-BA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/sites/default/files/google_tag/gtm_n2jv2jv/google_tag.script.js?qhw6kl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2307f791ef4a35ce53b6d35acad09355a3c7ec6b346815a9346bf56f433dad49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:39 GMT
content-encoding
br
vary
*
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33426
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
43 B
400 B
Image
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=source&c=2023754
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
CH2h-0I2PDooY5P9f6N6NWA4OaOjKWv7sHfzkk5I9Qoot1nMspnC4g==
expires
0
tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
43 B
401 B
Image
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=en&c=4284818
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
7OzyeDXytVQMNY7Hkt3LvDuEco0F0jet1N6m0SX3Tq__pH0nnydE9w==
expires
0
associate_plans
rrbertram.wearelegalshield.com/plan_details/get/
26 B
928 B
XHR
General
Full URL
https://rrbertram.wearelegalshield.com/plan_details/get/associate_plans?_=1603223019703
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3e5fbb5dd07198713297628388aff670094e92453da51e935824fa6f848a5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With
XMLHttpRequest
Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
vary
X-USER_REGION_OK,Accept-Encoding
content-length
44
cf-request-id
05e922fa04000005d0ce38f000000001
x-request-id
v-8dc5929a-130c-11eb-ab92-ab3bba6b4f65
x-ua-compatible
IE=edge
x-newrelic-app-data
PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7QVpSDDkHB0QDUQ5LZGhxXAtNE14NXwcWamsxCgJWd1UQAAtbQnoDCkQbDQUDFyNDEVcBUVlAV2MJWA9CQx9SSgYHUVZTFAMeV1JXAgMbS1UdFFYGB1FaA1UNUQ0MDFMCU1pDHQdSDhdTag==
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
en
via
varnish
x-generator
Drupal 8 (https://www.drupal.org)
x-xss-protection
1; mode=block
cache-control
no-cache, private, must-revalidate, no-cache, private
accept-ranges
bytes
cf-ray
5e553aa33a4e05d0-FRA
content-type
application/json
expires
Sun, 19 Nov 1978 05:00:00 GMT
current_domain
rrbertram.wearelegalshield.com/lang/get/
22 B
673 B
XHR
General
Full URL
https://rrbertram.wearelegalshield.com/lang/get/current_domain?_=1603223019704
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b8ec743f51bd8390fa1e019356508b0a5e0d4b4da4bf5defca336e0b9d1dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With
XMLHttpRequest
Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
vary
X-USER_REGION_OK,Accept-Encoding
content-length
48
cf-request-id
05e922fa21000005d0193d9000000001
x-request-id
v-8dc93cc4-130c-11eb-aeb4-97c3ffcd0320
x-ua-compatible
IE=edge
x-newrelic-app-data
PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7XVddBTo/IV8MTBBXVFhXQTllLVAPVCELWEMTCQ9UVkJJXwVSRXQTFkNTXRYiDA9RC1ZAFAgaAgNVCVEdUR1RVQ8FUkpOCR8SUgJVD1BVVgAGBwEAAgIGBUAUBFlUR1du
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
en
via
varnish
x-generator
Drupal 8 (https://www.drupal.org)
x-xss-protection
1; mode=block
cache-control
no-cache, private, must-revalidate, no-cache, private
accept-ranges
bytes
cf-ray
5e553aa36ae905d0-FRA
content-type
application/json
expires
Sun, 19 Nov 1978 05:00:00 GMT
cookie
rrbertram.wearelegalshield.com/geolocate/set/
214 B
718 B
XHR
General
Full URL
https://rrbertram.wearelegalshield.com/geolocate/set/cookie?_=1603223019705
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73daf99d7fa5a3f6364d3e43e641c4de4823e30027475814012bbaaced5da552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With
XMLHttpRequest
Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
vary
X-USER_REGION_OK,Accept-Encoding
content-length
148
cf-request-id
05e922fa32000005d0dd3e2000000001
x-request-id
v-8dc9304e-130c-11eb-a9dd-6fe0dddb6c4b
x-ua-compatible
IE=edge
x-newrelic-app-data
PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7VlNcDgkAA0QHZD57V1pGQQpVDVQTbz4jU1gNCQBZR1UnDgxDQ1gKCFREHlwVBhZzDVcJUV0WHgNLCVEBUQNOVBgEVlRWDh8dVU1ABgUOU1QABABRVwdQBFFdVxoUUlNfFlw8
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
en
via
varnish
x-generator
Drupal 8 (https://www.drupal.org)
x-xss-protection
1; mode=block
cache-control
no-cache, private, no-cache, private, must-revalidate, no-cache, private
accept-ranges
bytes
cf-ray
5e553aa38b2705d0-FRA
content-type
application/json
expires
Sun, 19 Nov 1978 05:00:00 GMT
js
www.googletagmanager.com/gtag/
129 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C8FXTVVG5Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JV2JV&gtm_auth=RjJKXnQDP_aEAdiszTj-BA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c866a928a7bf24210dd51d71baf64dea619c85ffb2606be21233dbb1ed976425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50689
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Oct 2020 19:43:40 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JV2JV&gtm_auth=RjJKXnQDP_aEAdiszTj-BA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
1671
date
Tue, 20 Oct 2020 19:15:49 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 20 Oct 2020 21:15:49 GMT
hotjar-1545105.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1545105.js?sv=6
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.73.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-104.fra2.r.cloudfront.net
Software
/
Resource Hash
26e5f82466e011766e9d73f7e0d0be20c80e0e4e1290cf651aa47dd5034e6ef3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/0069cf3b6056be295d116bb10d6fa08f
status
200
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
vary
Accept-Encoding
content-length
1553
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-id
B4eSDAI5jsRqjb3Gp43vvw1PIGmqpWlIKh73i9FYJ3ekIdHUl0qNAg==
ec.js
www.google-analytics.com/plugins/ua/
3 KB
2 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
662
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Tue, 20 Oct 2020 20:32:38 GMT
js
www.google-analytics.com/gtm/
100 KB
37 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W9DBLVT&t=gtm2&cid=1517110335.1603223020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bbddeac4c852f6487ba9189d426136f7a8010aab63930e2554fb2ffc0343356
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37389
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Oct 2020 19:43:40 GMT
collect
analytics.google.com/g/
0
401 B
Other
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-C8FXTVVG5Z&gtm=2oe9u1&_p=1957994938&sr=1600x1200&_gaz=1&ul=en-us&cid=1517110335.1603223020&_s=1&dl=https%3A%2F%2Frrbertram.wearelegalshield.com%2F&dr=&dt=We%20are%20LegalShield%20%7C%20We%20Are%20LegalShield&sid=1603223020&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8FXTVVG5Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://rrbertram.wearelegalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
401 B
Other
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C8FXTVVG5Z&cid=1517110335.1603223020&gtm=2oe9u1&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C8FXTVVG5Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://rrbertram.wearelegalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
513 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C8FXTVVG5Z&cid=1517110335.1603223020&gtm=2oe9u1&aip=1&z=592772126
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
154 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1957994938&t=pageview&_s=1&dl=https%3A%2F%2Frrbertram.wearelegalshield.com%2F&ul=en-us&de=UTF-8&dt=We%20are%20LegalShield%20%7C%20We%20Are%20LegalShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALQAAAAC~&jid=53187578&gjid=2129761468&cid=1517110335.1603223020&tid=UA-7450226-32&_gid=1935128717.1603223020&_r=1&gtm=2wg9u1N2JV2JV&z=965452703
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://rrbertram.wearelegalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
474 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-7450226-32&cid=1517110335.1603223020&jid=53187578&gjid=2129761468&_gid=1935128717.1603223020&_u=aGDAAEAKQAAAAC~&z=1240328040
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 20 Oct 2020 19:43:40 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://rrbertram.wearelegalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8892a865463d29e21514.js
script.hotjar.com/
361 KB
71 KB
Script
General
Full URL
https://script.hotjar.com/modules.8892a865463d29e21514.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1545105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.206.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-206-8.ham50.r.cloudfront.net
Software
/
Resource Hash
96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 11:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
28309
x-cache
Hit from cloudfront
status
200
content-length
72450
access-control-allow-origin
*
last-modified
Tue, 20 Oct 2020 11:48:03 GMT
etag
"bdab316b804b450b477b25a55b099ba6"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 750d61457617565702159ec33a988964.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
JCtacIhUOof5UwLBdugsLJcRepqDsdQUk_tNS850E7pDyNSQ8oiEJA==
ga-audiences
www.google.com/ads/
42 B
289 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-7450226-32&cid=1517110335.1603223020&jid=53187578&_u=aGDAAEAKQAAAAC~&z=523768656
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
491 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-7450226-32&cid=1517110335.1603223020&jid=53187578&_u=aGDAAEAKQAAAAC~&z=523768656
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Oct 2020 19:43:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 91BA
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1545105.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-84.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rrbertram.wearelegalshield.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rrbertram.wearelegalshield.com/

Response headers

status
200
content-type
text/html
content-length
851
date
Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
AnTmcL6WuxX0JGPVkFmA-JTkJN9xFEQ6iR65EOI_6vlm4P2EVfZVDA==
age
1320055
nr-1184.min.js
js-agent.newrelic.com/
27 KB
11 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
gzip
x-amz-request-id
56EA6FC207045B4A
x-cache
HIT
status
200
content-length
10624
x-amz-id-2
uuJq8l4/GQY+JgvDjzOrYyBmMFeI+giKQUxO070uUoDDC3xFCWuCaTfbc4ynBcc3qgltYSdwh7A=
x-served-by
cache-fra19123-FRA
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1603223021.616345,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
22914
visit-data
in.hotjar.com/api/v2/client/sites/1545105/
178 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1545105/visit-data?sv=6
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.158.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-158-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 20 Oct 2020 19:43:40 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
c786e855e0
bam.nr-data.net/1/
57 B
146 B
Script
General
Full URL
https://bam.nr-data.net/1/c786e855e0?a=311551747&v=1184.ab39b52&to=ZQZUZUVWXkIHAUJaV1xMd1JDXl9fSSZERkhTD2pfWFNVbSUNWEdKXQ9aVEVrfl4CB2BaXUUgWV9DRV9dCgdEHgZEClNG&rst=5775&ck=0&ref=https://rrbertram.wearelegalshield.com/&ap=1911&be=3638&fe=5641&dc=4862&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1603223014900,%22n%22:0,%22f%22:3549,%22dn%22:3550,%22dne%22:3566,%22c%22:3566,%22s%22:3572,%22ce%22:3587,%22rq%22:3587,%22rp%22:3625,%22rpe%22:3641,%22dl%22:3629,%22di%22:4861,%22ds%22:4862,%22de%22:5183,%22dc%22:5640,%22l%22:5640,%22le%22:5641%7D,%22navigation%22:%7B%7D%7D&fp=4412&fcp=4412&at=SUFXEw1MTUw%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
get-licenses
rrbertram.wearelegalshield.com/lgs/
39 B
391 B
XHR
General
Full URL
https://rrbertram.wearelegalshield.com/lgs/get-licenses?_=1603223019706
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e235fd9b8be35e8a8d45b3a72acd4bdb34e9c97905b2c688adf16877c8e41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-NewRelic-ID
VQQDVl9XGwABVVRXBgYDUQ==
X-Requested-With
XMLHttpRequest
Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 19:43:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS
status
200
x-ah-environment
prod
vary
X-USER_REGION_OK,Accept-Encoding
content-length
57
cf-request-id
05e922fd48000005d0c33c7000000001
x-request-id
v-8e5394b4-130c-11eb-8dac-afe9b0bc54ed
x-ua-compatible
IE=edge
x-newrelic-app-data
PxQGU1JUAQcTV1BTAgQGUVAGFB9AMQYAZBBZDEtZV0ZaClc9HiBQFg1ZWT1JJ0pGQAUNPmtdUBU7UEVADQUKA0QHSz5ke1tcRxdWDV0EQT44dVYPNQZUX3MLDxZFXlsKAUMbDQUDFy5ZAV0MS11QYl8EVxITTQNMVAYHUVZPCB0DVFhUDx0aV0gTA1IDUlRaUQBcBwEMBAYABBtNVwBfEQFr
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
en
via
varnish
x-generator
Drupal 8 (https://www.drupal.org)
x-xss-protection
1; mode=block
cache-control
no-cache, private, must-revalidate, no-cache, private
accept-ranges
bytes
cf-ray
5e553aa869c305d0-FRA
content-type
application/json
expires
Sun, 19 Nov 1978 05:00:00 GMT
s
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
2 B
358 B
XHR
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/s
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Oct 2020 19:43:42 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
status
200
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
2
x-amz-cf-id
tECX-3g2ULm9FEOEVUZOBt3UbKBCNTEgOieOOg80JSAIY3c4ILI_VA==
s
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/
2 B
357 B
XHR
General
Full URL
https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/s
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Oct 2020 19:43:46 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
status
200
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
2
x-amz-cf-id
V2LmXz5eqAGUYAGoaYp3gQzJxezKAxAZcYfpHUGjcpEq1OYIt2LLiQ==
c786e855e0
bam.nr-data.net/events/1/
24 B
197 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/c786e855e0?a=311551747&v=1184.ab39b52&to=ZQZUZUVWXkIHAUJaV1xMd1JDXl9fSSZERkhTD2pfWFNVbSUNWEdKXQ9aVEVrfl4CB2BaXUUgWV9DRV9dCgdEHgZEClNG&rst=15771&ck=0&ref=https://rrbertram.wearelegalshield.com/
Requested by
Host: rrbertram.wearelegalshield.com
URL: https://rrbertram.wearelegalshield.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://rrbertram.wearelegalshield.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://rrbertram.wearelegalshield.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| NREUM object| newrelic function| __nr_require object| Localize object| Modernizr function| makeparam function| getGlobalBuilderStatusFull function| _toConsumableArray object| PlanSelectedManager function| hrefToObject object| ModalsPlanManager undefined| $ function| jQuery function| _ object| drupalSettings object| Drupal object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| Inputmask object| dataLayer object| $lang_menu object| $list object| $select number| numberOfOptions object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| google_optimize object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

8 Cookies

Domain/Path Name / Value
.wearelegalshield.com/ Name: _hjTLDTest
Value: 1
.wearelegalshield.com/ Name: _ga
Value: GA1.2.1517110335.1603223020
.wearelegalshield.com/ Name: _ga_C8FXTVVG5Z
Value: GS1.1.1603223020.1.0.1603223020.60
rrbertram.wearelegalshield.com/ Name: _hjIncludedInPageviewSample
Value: 1
.wearelegalshield.com/ Name: _hjid
Value: cf1a4298-dbc8-4740-bc3c-7e19b8ccac85
.wearelegalshield.com/ Name: _gat_UA-7450226-32
Value: 1
.wearelegalshield.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.wearelegalshield.com/ Name: _gid
Value: GA1.2.1935128717.1603223020

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.legalshield.com
bam.nr-data.net
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
in.hotjar.com
js-agent.newrelic.com
legalshieldassociate.com
restoremytrust.com
rrbertram.wearelegalshield.com
script.hotjar.com
sites.legalshield.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
w3.legalshield.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.legalshield.com
www.prepaidlegal.com
12.28.84.175
12.28.84.176
12.28.84.179
13.224.194.84
13.225.73.104
151.101.14.110
162.247.242.20
184.168.131.241
2001:4de0:ac19::1:b:1b
2600:9000:2057:4e00:d:d64b:9600:93a1
2606:4700::6812:1d65
2606:4700::6812:844
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2008
2a00:1450:4001:809::200e
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2003
2a00:1450:400c:c03::9c
2a04:4e42:1b::621
52.49.158.250
54.192.206.8
66.96.149.17
0498e0c1b38c505685a4f6491ee9212967ee8c99229b4961fd1eda480f7b9360
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06d55b7a49c007a424dfcc3e4bc65e7577a54d9d5cada532d5b79be0cfa2f1c5
08e0e0881b09d994f010896c467a083568810fc3a8af8cae6950391d67139e23
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1107824fee57311554e87b7ebf3da2f518124457e2b0df8bfdd22870dfbb2548
113e86f602e9cffee5e305938ddba9e218ebbd9c0216c6a4ada1ec3f25f28bc2
1bbddeac4c852f6487ba9189d426136f7a8010aab63930e2554fb2ffc0343356
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
20e235fd9b8be35e8a8d45b3a72acd4bdb34e9c97905b2c688adf16877c8e41c
2307f791ef4a35ce53b6d35acad09355a3c7ec6b346815a9346bf56f433dad49
26e5f82466e011766e9d73f7e0d0be20c80e0e4e1290cf651aa47dd5034e6ef3
349f7ab3e261a12647bbeb0b771b08d987ed89592f845c3c6e59514958b4bdba
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
3b8af6338a757717d51602afc0adb70f545075353c001948062afd6863fe2896
3c8ed83cc6a779eebbee7318e6a4f2f57241dbd31ecc904f2169d49c32ebdc10
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51daf84a97e9a43a4ea86168486ea13f6642d4992800384967c68f2756145133
551d539116a008efcd0b7acecd4ac0d3b60e5614f9faa091b33f3793809d8bd4
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55b8ec743f51bd8390fa1e019356508b0a5e0d4b4da4bf5defca336e0b9d1dad
56c87f86df77914508df621718210116f7469b9b3232796c0c24385eb1556989
5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a
5d3e5fbb5dd07198713297628388aff670094e92453da51e935824fa6f848a5b
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62a86a61184f4646c08365e35193ee12405580420685238e70af80432277a1e7
6e87edd73d00a17a4e4198e8d80439ac82d4086c3afb678ff53da91f18895c9a
7190dcf67a74e9ac7445367159edbd70707ce9b70d53654058c0effba95126a9
73daf99d7fa5a3f6364d3e43e641c4de4823e30027475814012bbaaced5da552
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7de954a1c187f692ad51220848ad3f382be7ed438acfd76fb560c83373f4bcb1
8159460b139cf8670d4d8c74f80895086bd892ca4de7141452c37e38e61fed6e
81e772c2a351b10ffb36a90e983cc8719f3e0f81d6b4930bea7c775ab04d59af
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88bba78dc0d69d9d4204001830a7a225e0d3d6e120453bc00b63c8b4e5a0615a
8c1722191791666b8cc53de2d2f476af336755e1a9c01b9b9766629ec43f33c9
8e10287727b7d245ba6c9a5e415bd40474473d8d8b551b95a5b2ed3b9629e364
9005681ed03419ecf95af5ee9d20956942181bfc47bd28caa4dbea97173fe1db
91f3cb69726109d125891ae3ed9ab527a5d6297d1ef1f8925d13bc3bb3eac954
969c928204c41a6f90104df6bd2bfbe169b3b030c75bcaecd36bf257d00bae48
96b7353cfc0c512962840bc951b0e1009d3419defac1a37a7b1149e8ea3d43cc
9ff6a2c54a93f9da7e4e45b12072c1dcab4b6a55b97fef3e306c4a639d9b0a0b
afc1f7dd7b8200b3a78b545dae8008123fb7656784f8e6dda7f604bd168dbfca
b27e171e743ba047b5388c7eb2c361a2c2fee31a108efa30019800cebe0868b2
b50df0b192f065032cd11136036986e908aed4dad79c4fee0766149f4d2d46f8
b7e63fc7a5bb6de4e434a6132379c3719ef08eca40e582f7399e342bf373012a
b88538a90496f327d7a27e72f6eb754b366459f404777cf928aa3eb1c2a20b49
bc148d9729e3eaa5fb7b95f99bbee539402c093de612e866799fd0307f603d76
bc86893c84322441d2ec30e5f6e5b06e1102a7eb2958ab8001d9242b3c507efb
c226d886ea166bf5ad691f6759369e13e28459ec2b0e02d4d4770fdb4a37cd9b
c866a928a7bf24210dd51d71baf64dea619c85ffb2606be21233dbb1ed976425
cb918d375c564ebbaff7d5bd73350e6a311bc07714b436e133cd17202d448bfa
cd6892852050fc37b773197d04b9ad2239c0d0b89a9ffbe686a27dca8d85db24
d22e0dc6c76cf2a432f0e31b94b1f8ec5eded5e91cbc6c1e3709c0a17b8a25b3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2b17615d633ad68332964c263d140420253b631a78c21dc765f0c7a9ad0eff
e243ff29a2e0086bf4e06a7d7d41dd41b4fd66dc42a2ca4123657d75ce096389
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1b70c6e9c7eff0765a7356fbf94838f6425f7cf07d159b7102dea9906964f3
ec3081dae059d98ab44c7e1bcd0c387e7659ccebe8bf7bf1ab974d18635db1db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41428382d1c678c48082204d28e1e9792b069917bfe6d3b47018d3d1a8ffc8a
f7f02ce1b5ad76645828e1312e8cdd5b5fb8f52e8e1bc56b76e853e0456fab02