www.hbsslaw.com Open in urlscan Pro
2606:4700:10::6816:a81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/ii94IefCdE
Effective URL:
https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-rev...
Submission: On May 07 via api (May 7th 2021, 2:05:01 pm UTC) from US

Summary HTTP 113 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 29 domains to perform 113 HTTP transactions. The main IP is 2606:4700:10::6816:a81, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hbsslaw.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2020. Valid for: a year.

This is the only time www.hbsslaw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
24	2606:4700:10:... 2606:4700:10::6816:a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
7	104.109.85.134 104.109.85.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.73.65 65.9.73.65	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.22 65.9.73.22	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.43.144.18 185.43.144.18	199766 (SOVEREIGN) (SOVEREIGN)
1	50.19.224.133 50.19.224.133	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6813:9059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.118.58 35.201.118.58	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.12.143 151.101.12.143	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
18	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:11:... 2606:4700:11::6817:860b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:4e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f008:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f108:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	169.63.31.200 169.63.31.200	36351 (SOFTLAYER) (SOFTLAYER)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
113	33

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:10::6816:a81 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hbsslaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.65 (United States)

ASN16509 (AMAZON-02, US)

apps.form.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.22 (United States)

ASN16509 (AMAZON-02, US)

cdn.form.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.43.144.18 (London, United Kingdom)

ASN199766 (SOVEREIGN, GB)
PTR: www.sovereign-plc.co.uk

iptrack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dashboard.whoisvisiting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.224.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-224-133.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:9059 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.118.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.143 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:11::6817:860b (United States)

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:4e1 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f008:8:face:b00c:0:1 (Milan, Italy)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f108:83:face:b00c:0:25de (Milan, Italy)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.63.31.200 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c8.1f.3fa9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	hbsslaw.com www.hbsslaw.com	6 MB
18	jotfor.ms cdn.jotfor.ms	394 KB
11	termly.io app.termly.io	100 KB
8	jotform.com form.jotform.com www.jotform.com js.jotform.com events.jotform.com	30 KB
6	addthis.com s7.addthis.com api-public.addthis.com	192 KB
5	google-analytics.com www.google-analytics.com	38 KB
4	gstatic.com fonts.gstatic.com	70 KB
3	google.de www.google.de	234 B
3	google.com www.google.com	236 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
3	jotform.io widgets.jotform.io	2 KB
3	swiftypecdn.com s.swiftypecdn.com	148 KB
2	nr-data.net bam.nr-data.net	328 B
2	facebook.com www.facebook.com	176 B
2	facebook.net connect.facebook.net	96 KB
2	cloudflare.com cdnjs.cloudflare.com	4 KB
2	form.io apps.form.io cdn.form.io	31 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	swiftype.com cc.swiftype.com	279 B
1	googleadservices.com www.googleadservices.com	14 KB
1	whoisvisiting.com dashboard.whoisvisiting.com	892 B
1	addthisedge.com v1.addthisedge.com	721 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	lltrck.com lltrck.com
1	iptrack.io iptrack.io	1 KB
1	moatads.com z.moatads.com	1 KB
1	unpkg.com unpkg.com	655 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	t.co t.co	589 B
113	29

	Domain	Requested by
24	www.hbsslaw.com	t.co www.hbsslaw.com
18	cdn.jotfor.ms	form.jotform.com cdn.jotfor.ms
11	app.termly.io	www.hbsslaw.com app.termly.io
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.hbsslaw.com form.jotform.com
4	fonts.gstatic.com	fonts.googleapis.com
3	api-public.addthis.com	s7.addthis.com
3	www.google.de	www.hbsslaw.com
3	www.google.com	www.hbsslaw.com
3	widgets.jotform.io	form.jotform.com
3	s.swiftypecdn.com	www.hbsslaw.com s.swiftypecdn.com
3	s7.addthis.com	www.hbsslaw.com s7.addthis.com
2	bam.nr-data.net	js-agent.newrelic.com
2	events.jotform.com	form.jotform.com
2	www.facebook.com	www.hbsslaw.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	t.co connect.facebook.net
2	js.jotform.com	form.jotform.com
2	cdnjs.cloudflare.com	form.jotform.com
2	www.jotform.com	form.jotform.com
2	form.jotform.com	www.hbsslaw.com
1	js-agent.newrelic.com	www.hbsslaw.com
1	cc.swiftype.com	www.hbsslaw.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	dashboard.whoisvisiting.com	www.hbsslaw.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googletagmanager.com	www.hbsslaw.com
1	lltrck.com	www.hbsslaw.com
1	iptrack.io	www.hbsslaw.com
1	z.moatads.com	s7.addthis.com
1	unpkg.com	www.hbsslaw.com
1	cdn.form.io	www.hbsslaw.com
1	apps.form.io	www.hbsslaw.com
1	fonts.googleapis.com	www.hbsslaw.com
1	t.co
113	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.justice.gov
www.latimes.com
www.reuters.com
www.hbsslaw.co.uk

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.form.io Amazon	`2020-12-31` - `2022-01-29`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.iptrack.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-01` - `2021-10-31`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2020-09-23` - `2021-09-23`	a year	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2021-04-13` - `2022-05-14`	a year	crt.sh
*.jotform.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-17` - `2021-07-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.whoisvisiting.com RapidSSL RSA CA 2018	`2020-05-21` - `2021-08-20`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.swiftype.com DigiCert SHA2 Secure Server CA	`2020-06-25` - `2022-06-30`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Frame ID: 4BE75E0CCDFDAB6C0702B830F521AD38
Requests: 77 HTTP requests in this frame

Frame: https://form.jotform.com/211194771801150
Frame ID: 4D429E9BA140DFD5F02C9A56112B2BE0
Requests: 19 HTTP requests in this frame

Frame: https://form.jotform.com/62907196919167
Frame ID: 7A28732688F18BA5F365C93F210940B5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whistleblower News: $10M False Claim Act Settlement, Inside Hollywood's Ponzi Scheme, US SEC Reviewing Short-Selling, IRS Kraken Cryptocurrency Summons | Blog | Hagens BermanFacebookTwitterLinkedInEmailPrintPDFmyURLAddThisFacebookTwitterLinkedInEmailPrintPDFmyURLAddThisFacebookTwitterLinkedInEmailPrintPDFmyURLAddThis

Page URL History Show full URLs

https://t.co/ii94IefCdE Page URL
https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-pon... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

113
Requests

100 %
HTTPS

61 %
IPv6

29
Domains

35
Subdomains

33
IPs

5
Countries

7471 kB
Transfer

18621 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hbsslaw

Search URL Search Domain Scan URL

URL: https://twitter.com/classactionlaw

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCt_qVrOsA8YeHKS8vxTSsZw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hagens-berman-sobol-shapiro-llp/

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-az/pr/neurosurgical-associates-ltd-and-dignity-health-dba-st-josephs-hospital-paid-10-million
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.latimes.com/california/00000179-3ef8-d786-a7ff-7efe550b0000-123
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/us-sec-chief-plans-scrutinize-short-sellers-rein-gamification-following-gamestop-2021-05-05/
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/court-authorizes-service-john-doe-summons-seeking-identities-us-taxpayers-who-have-used-1
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.hbsslaw.co.uk/
Title: UK Site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/ii94IefCdE Page URL
https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ii94IefCdE Show response
t.co/ 678 B
589 B 205ms
147ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/ii94IefCdE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

f3d789973acef4842753351229f16dcd3eaf7ee375dec590dde14fb333447959

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /ii94IefCdE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 279
content-type: text/html; charset=utf-8
date: Fri, 07 May 2021 14:04:39 GMT
expires: Fri, 07 May 2021 14:09:39 GMT
server: tsa_f
set-cookie: muc=06b7380a-b34c-4ad3-a336-c52fa05d9d8e; Max-Age=63072000; Expires=Sun, 07 May 2023 14:04:39 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 64c462192731513e7c8b924650891452
x-response-time: 125
x-xss-protection: 0

GET
H2 200 Primary Request whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons Show response
www.hbsslaw.com/blog/ 58 KB
16 KB 926ms
861ms Document
text/html 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Requested by

Host: t.co
URL: https://t.co/ii94IefCdE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5384e234d7397621446a74c32fa5adbd1f961e6a37483d2357d5ba6a748129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.hbsslaw.com
:scheme: https
:path: /blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279; expires=Sun, 06-Jun-21 14:04:39 GMT; path=/; domain=.hbsslaw.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=1800, public
x-drupal-dynamic-cache: UNCACHEABLE
link: <https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons>; rel="canonical" <https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 06 May 2021 21:16:25 GMT
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
x-request-id: v-2a29017c-af3d-11eb-a4dd-8bd534f31d5f
x-ah-environment: prod
age: 0
via: varnish
x-cache: MISS
cf-cache-status: DYNAMIC
cf-request-id: 09e8be1e7f00002c3ad9bb2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 64baffaa6f0c2c3a-FRA
content-encoding: gzip

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
1 KB 20ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:wght@300;400;600;700;800&family=Oswald:wght@300;400;500;600;700&display=swap

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f9999f3d4183415bbb986c0e58b70017384b48e6b0dcb7ccbc1d215002e3b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 14:04:40 GMT
server: ESF
date: Fri, 07 May 2021 14:04:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 14:04:40 GMT

GET
H2 200 google_tag.script.js Show response
www.hbsslaw.com/sites/default/files/google_tag/primary_hbss_container/ 348 B
526 B 46ms
43ms Script
application/javascript 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/google_tag/primary_hbss_container/google_tag.script.js?qrxn6i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16921f2294f01407a6abf25c7ee6cc53809dee4845e147081f0a635ecf41aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/google_tag/primary_hbss_container/google_tag.script.js?qrxn6i
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3894
x-cache: HIT
x-cache-hits: 54
x-ah-environment: prod
vary: Accept-Encoding
content-length: 283
cf-request-id: 09e8be220000002c3aab993000000001
x-request-id: v-1d383bc0-a2e7-11eb-94a6-d7c44d35f617
last-modified: Wed, 21 Apr 2021 21:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffafff8b2c3a-FRA
expires: Wed, 19 May 2021 21:26:50 GMT

GET
H2 200 css_jujEh2BZcXHAgBaUyXCrp0LTuh-7WgIVqw2mMedy1YM.css
www.hbsslaw.com/sites/default/files/css/ 145 KB
26 KB 63ms
60ms Stylesheet
text/css 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/css/css_jujEh2BZcXHAgBaUyXCrp0LTuh-7WgIVqw2mMedy1YM.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee8c48760597171c0801694c970aba742d3ba1fbb5a0215ab0da631e772d583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_jujEh2BZcXHAgBaUyXCrp0LTuh-7WgIVqw2mMedy1YM.css
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 680146
x-cache: HIT
x-cache-hits: 31
x-ah-environment: prod
vary: Accept-Encoding
content-length: 26323
cf-request-id: 09e8be21fd00002c3aab992000000001
x-request-id: v-84734266-a748-11eb-b325-4ba2453fced0
last-modified: Wed, 21 Apr 2021 21:18:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffafff842c3a-FRA
expires: Tue, 11 May 2021 11:05:46 GMT

GET
H2 200 css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
www.hbsslaw.com/sites/default/files/css/ 4 MB
145 KB 54ms
51ms Stylesheet
text/css 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

549f8e7bfc250bc9c79034b4ce4ad860e70bc8edc6eb5281f79d6189f6f29c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7834
x-cache: HIT
x-cache-hits: 171
x-ah-environment: prod
vary: Accept-Encoding
content-length: 147871
cf-request-id: 09e8be220300002c3a40979000000001
x-request-id: v-ad1a9876-9c45-11eb-929c-33af94059ed0
last-modified: Tue, 30 Mar 2021 21:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffafff892c3a-FRA
expires: Tue, 11 May 2021 17:46:53 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 83ms
26ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 07 May 2021 14:04:40 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 formio-full.min.css
apps.form.io/hagensberman/view/ 15 KB
15 KB 157ms
49ms Stylesheet
text/css 65.9.73.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.form.io/hagensberman/view/formio-full.min.css
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84302a4f6522169b946e88e5c0548533f8bb7d9c5b9d76ab87192571a77405a9

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 21:18:15 GMT
via: 1.1 a06d82f018833bef3e7f2e9fd230e5ee.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 20:55:57 GMT
server: AmazonS3
age: 60386
etag: "d4d9be825fe1cd6dc4afc9f9c671b32b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: AMS1-C1
content-length: 15347
x-amz-cf-id: FzZApQAoEZK0DHQ51cYYU5-WjBqHVakyHMPQKvDEXLVa4wbL9nK2EA==

GET
H2 200 flatpickr.min.css
cdn.form.io/flatpickr/ 16 KB
16 KB 288ms
97ms Stylesheet
text/css 65.9.73.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.form.io/flatpickr/flatpickr.min.css
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4573c0cb11d5c8c2f16f44d808cd8e5b947819691c0ded368dd620c99a78d4e5

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 23:58:26 GMT
via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
last-modified: Mon, 03 May 2021 23:40:57 GMT
server: AmazonS3
age: 50775
etag: "6e17f044632a398d3ee196a1ef289b27"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: AMS1-C1
content-length: 16081
x-amz-cf-id: AtOIB-4qfiEl_U6Fbo_0eLOoWoT1sx_mqKIdmUqUIiDi7mjN7RFsVw==

GET
H2 200 formio.full.js Show response
unpkg.com/formiojs@4.9.24/dist/ 4 MB
655 KB 61ms
61ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/formiojs@4.9.24/dist/formio.full.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3287389dbe681975c1266c77ab0d39476855742c683ee57f7b78c39352b5f3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1218297
fly-request-id: 01F3Z8EGMSJZX3EKZTA5BJ6JJY
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09e8be21fc0000c290e432e000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"46e87e-MQLgs0WP4+AlxbB+S9+93Op0BiM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64baffaffaf9c290-FRA

GET
H2 200 logo.svg
www.hbsslaw.com/sites/all/themes/law/ 6 KB
2 KB 62ms
40ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcef3b9770287ff1b935dd9c3b0c42513aa9bafd43197e315ecd8a2c6657060c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/all/themes/law/logo.svg
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 179
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be267d00002c3af1330000000001
x-request-id: v-471b4380-a759-11eb-b5af-6f3e1c03acb6
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb72b762c3a-FRA
expires: Tue, 11 May 2021 13:05:45 GMT

GET
H2 200 Whistle_0.jpeg
www.hbsslaw.com/sites/default/files/2021-02/ 5 MB
5 MB 986ms
965ms Image
image/jpeg 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/2021-02/Whistle_0.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d18426eac41a1eee3a3a5b04d62e6160172d2f94e1d9237fbe6e7098584e9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2021-02/Whistle_0.jpeg
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-cache-hits: 4
x-ah-environment: prod
vary: Accept-Encoding
content-length: 5086579
cf-request-id: 09e8be268000002c3a3ca97000000001
x-request-id: v-c1bcc68c-ad8e-11eb-80c0-73ff85baacd7
last-modified: Thu, 25 Feb 2021 17:00:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb72b7b2c3a-FRA
expires: Wed, 19 May 2021 10:43:41 GMT

GET
H2 200 100-most-influential-lawyers-in-america.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 23 KB
24 KB 43ms
22ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/100-most-influential-lawyers-in-america.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0202e3eb351a553c0a62ec12b357425f66494259fea5e3f5aee204b6321f5d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/100-most-influential-lawyers-in-america.png
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 141
x-ah-environment: prod
vary: Accept-Encoding
content-length: 23879
cf-request-id: 09e8be267d00002c3a30b94000000001
x-request-id: v-48689788-9c4b-11eb-9665-632251ecf232
last-modified: Tue, 26 May 2020 14:05:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb72b7c2c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 500-leading-lawyers-in-america.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 26 KB
26 KB 50ms
29ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/500-leading-lawyers-in-america.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a485f2ef59b9c933fed06c3440b12ee98b50f7e42065064a586da8232cff19f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/500-leading-lawyers-in-america.png
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 169
x-ah-environment: prod
vary: Accept-Encoding
content-length: 26793
cf-request-id: 09e8be267d00002c3aaf06a000000001
x-request-id: v-12947e08-9c53-11eb-85c2-7b367373e9c1
last-modified: Tue, 26 May 2020 14:07:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb72b7e2c3a-FRA
expires: Tue, 11 May 2021 12:40:51 GMT

GET
H2 200 titans-of-the-plaintiffs-bar.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 11 KB
11 KB 62ms
41ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/titans-of-the-plaintiffs-bar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a75c450e483b341b83ace34bd3cf3663d96d1fe54aa435eabe7e3c29b4aa2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/titans-of-the-plaintiffs-bar.png
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 158
x-ah-environment: prod
vary: Accept-Encoding
content-length: 11457
cf-request-id: 09e8be267d00002c3af90c5000000001
x-request-id: v-e4722bf8-9c5f-11eb-8351-a3fca6deb1a0
last-modified: Tue, 26 May 2020 14:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb72b812c3a-FRA
expires: Tue, 11 May 2021 15:48:16 GMT

GET
H2 200 elite-trial-lawyers.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 21 KB
21 KB 28ms
27ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/elite-trial-lawyers.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7dd11934e86e14b0c123680875ce066e6daa4d16a0bfb28c1aa95e08a983f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/elite-trial-lawyers.png
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 158
x-ah-environment: prod
vary: Accept-Encoding
content-length: 21016
cf-request-id: 09e8be269300002c3a23911000000001
x-request-id: v-eb3bfafe-9c7d-11eb-bdcd-f320938a55dc
last-modified: Tue, 26 May 2020 13:59:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb75bdf2c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 trailblazers.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 16 KB
16 KB 42ms
42ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/trailblazers.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683565ce7a9bce8dab8f70b9ea025f589c6948edc6ee3ca8ccf7271ca6922c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/trailblazers.png
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 179
x-ah-environment: prod
vary: Accept-Encoding
content-length: 16083
cf-request-id: 09e8be269b00002c3aee391000000001
x-request-id: v-933d6988-9c36-11eb-ad84-13aaecd61aab
last-modified: Tue, 26 May 2020 14:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb75bfe2c3a-FRA
expires: Tue, 11 May 2021 12:41:00 GMT

GET
H2 200 plaintiffs-hot-list.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 17 KB
17 KB 38ms
24ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/plaintiffs-hot-list.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61df852b3a88cd42ae75991239f54c87cbb7e57f96b5973abe8068b409803fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/plaintiffs-hot-list.png
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 180
x-ah-environment: prod
vary: Accept-Encoding
content-length: 17079
cf-request-id: 09e8be26b500002c3a419ae000000001
x-request-id: v-12970218-9c53-11eb-a8d1-77806106e842
last-modified: Tue, 26 May 2020 14:00:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb78c6c2c3a-FRA
expires: Tue, 11 May 2021 13:53:05 GMT

GET
H2 200 uk-flag-30.jpg
www.hbsslaw.com/sites/default/files/graphics/ 1 KB
2 KB 25ms
23ms Image
image/jpeg 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/graphics/uk-flag-30.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2909d4f73e40d0a57c97bc900cf5c1b135abea34872dd860a6707705cb442b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/graphics/uk-flag-30.jpg
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
last-modified: Mon, 21 Sep 2020 02:37:31 GMT
x-cache-hits: 168
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 1460
cf-request-id: 09e8be26b500002c3a3ca9e000000001
x-request-id: v-933cc960-9c36-11eb-9787-eba2820fdbdd
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb78c702c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 email-decode.min.js Show response
www.hbsslaw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
823 B 11ms
10ms Script
application/javascript 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 09:06:15 GMT
server: cloudflare
etag: W/"608bc887-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800 public
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 64baffb3a9c02c3a-FRA
vary: Accept-Encoding
cf-request-id: 09e8be244b00002c3ad3bad000000001
expires: Sun, 09 May 2021 14:04:40 GMT

GET
H2 200 js_LWbWFkp317UHv6E2K-Uz9FBsiU8XrDCcT_JRuIsFJJI.js Show response
www.hbsslaw.com/sites/default/files/js/ 1 MB
289 KB 29ms
29ms Script
text/javascript 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/js/js_LWbWFkp317UHv6E2K-Uz9FBsiU8XrDCcT_JRuIsFJJI.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d66d6164a77d7b507bfa1362be533f4506c894f17ac309c4ff251b88b052492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_LWbWFkp317UHv6E2K-Uz9FBsiU8XrDCcT_JRuIsFJJI.js
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7834
x-cache: HIT
x-cache-hits: 136
x-ah-environment: prod
vary: Accept-Encoding
content-length: 295712
cf-request-id: 09e8be244b00002c3ab7931000000001
x-request-id: v-931a1622-9c36-11eb-9d10-1bc91c20952a
last-modified: Tue, 30 Mar 2021 21:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb3a9c12c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 css_E9AarLmDehtM-4DqIkJChaYwdHF1ozCWdUR70Nphbdw.css
www.hbsslaw.com/sites/default/files/css/ 4 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/css/css_E9AarLmDehtM-4DqIkJChaYwdHF1ozCWdUR70Nphbdw.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d01aacb9837a1b4cfb80ea22424285a630747175a3309675447bd0da616ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_E9AarLmDehtM-4DqIkJChaYwdHF1ozCWdUR70Nphbdw.css
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7835
x-cache: HIT
x-cache-hits: 135
x-ah-environment: prod
vary: Accept-Encoding
content-length: 1081
cf-request-id: 09e8be272500002c3ad9877000000001
x-request-id: v-933b58dc-9c36-11eb-b7ea-5f2fcba1b506
last-modified: Wed, 24 Mar 2021 04:45:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb83e352c3a-FRA
expires: Tue, 11 May 2021 12:41:24 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 103ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51660
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 wiv.js Show response
iptrack.io/api/v1/ 2 KB
1 KB 177ms
18ms Script
text/javascript 185.43.144.18
SOVEREIGN

General

Check archive.org

Show headers Download Go to

Full URL: https://iptrack.io/api/v1/wiv.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.43.144.18 London, United Kingdom, ASN199766 (SOVEREIGN, GB),
Reverse DNS: www.sovereign-plc.co.uk
Software: Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash: 60892bdfb246e60441d0e15ea35c220ad27de1cbfdb57f6f6efa931c5ed1046e

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET, ARR/3.0, ASP.NET
content-length: 1240
vary: Accept-Encoding
content-type: text/javascript

GET
H2 403 lt-v2.min.js
lltrck.com/ 0
0 331ms
93ms Script
text/html 50.19.224.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/lt-v2.min.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.224.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-224-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.min.js Show response
app.termly.io/ 41 KB
16 KB 152ms
13ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed4d34b5d65315493af1084d5e41925b678c46e8d51ba37ff69fc1f232472fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3249
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 May 2021 14:32:34 GMT
server: cloudflare
etag: W/"6092ac82-a38f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09e8be26f30000537323150000000001
cf-ray: 64baffb7e95c5373-FRA

GET
H2 200 211194771801150 Show response
form.jotform.com/ Frame 4D42 58 KB
10 KB 197ms
112ms Document
text/html 35.201.118.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/211194771801150
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2 /
Resource Hash: 84af298a88498d364cdbbf8d1ad819ecdaaf03a131c9148760ee4997599394e7

Request headers

:method: GET
:authority: form.jotform.com
:scheme: https
:path: /211194771801150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hbsslaw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hbsslaw.com/

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2
vary: Accept-Encoding
date: Fri, 07 May 2021 14:04:41 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 facebook.svg
www.hbsslaw.com/sites/all/themes/law/images/ 1 KB
714 B 25ms
23ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/facebook.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c623cb4efad1539745030ae09338a4933de102c0fdb3794fb7945b62206577bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
:path: /sites/all/themes/law/images/facebook.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7833
x-cache: HIT
x-cache-hits: 226
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be26b500002c3a281b9000000001
x-request-id: v-3625b102-9c35-11eb-9367-c7d4cd96df0b
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb78c712c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 twitter.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
1 KB 29ms
28ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/twitter.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a0e806e84b38c432b4d3849972f62b585a1a729b446b070ba0e57c0e819600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
:path: /sites/all/themes/law/images/twitter.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7833
x-cache: HIT
x-cache-hits: 305
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be26c500002c3a1d971000000001
x-request-id: v-69aa0f44-a759-11eb-a9de-634229b7270b
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb7ac982c3a-FRA
expires: Tue, 11 May 2021 13:06:43 GMT

GET
H2 200 youtube.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
1004 B 69ms
19ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/youtube.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd2f280c8d3474c71c57445945a40009013ff9e4e3081fcfe4b03fde7011a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
:path: /sites/all/themes/law/images/youtube.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7833
x-cache: HIT
x-cache-hits: 199
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be270700002c3a1a15d000000001
x-request-id: v-1248ee92-9c5e-11eb-97e1-afa86a5a8cb2
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb80db92c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 linkedin.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
949 B 77ms
28ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/linkedin.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9478fbc901b65171eb9f640768880e86928545cc44dc8f4ca672a85e612e69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
:path: /sites/all/themes/law/images/linkedin.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106584
x-cache: HIT
x-cache-hits: 249
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be270700002c3afe3eb000000001
x-request-id: v-f1321d56-a73d-11eb-b303-eff48ed0eba9
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb80dbc2c3a-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 search.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
1 KB 84ms
35ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/search.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e5cf9ed950c66e71444d25b87a9efe55970bd13f13a1cf99208dbee0ffb500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
:path: /sites/all/themes/law/images/search.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7833
x-cache: HIT
x-cache-hits: 253
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be270700002c3afb957000000001
x-request-id: v-99d9256c-a757-11eb-b6f0-470928fcc5dd
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb80dbf2c3a-FRA
expires: Tue, 11 May 2021 12:53:45 GMT

GET
H2 200 close.svg
www.hbsslaw.com/sites/all/themes/law/images/ 1 KB
693 B 64ms
35ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/close.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47f0d3c8a81b972403831aa33843c4dffb5f95ac4078c2cce1328d8c11665498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
:path: /sites/all/themes/law/images/close.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106584
x-cache: HIT
x-cache-hits: 209
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be270d00002c3a40a1c000000001
x-request-id: v-d1d38004-a755-11eb-bff4-0b00491245b2
last-modified: Sat, 03 Oct 2020 04:18:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffb80dc62c3a-FRA
expires: Tue, 11 May 2021 12:40:59 GMT

GET
H2 200 BLOG-HERO.jpg
www.hbsslaw.com/sites/default/files/2020-05/ 61 KB
61 KB 29ms
27ms Image
image/jpeg 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/2020-05/BLOG-HERO.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fa0404437de19a0c6e3e649e87a7916f95a5d2c9e143efcfb075d2710d7428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2020-05/BLOG-HERO.jpg
pragma: no-cache
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:41 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54458
x-cache: HIT
last-modified: Tue, 26 May 2020 13:22:14 GMT
x-cache-hits: 28
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 62507
cf-request-id: 09e8be271c00002c3ace0c5000000001
x-request-id: v-9c7a9888-ab2a-11eb-975a-83a446a7e38f
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64baffb82e192c3a-FRA
expires: Sun, 16 May 2021 09:41:46 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:wght@300;400;600;700;800&family=Oswald:wght@300;400;500;600;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 22:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 230429
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 04 May 2022 22:04:12 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 446463
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 303244
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 04 May 2022 01:50:37 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:17:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 308819
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Wed, 04 May 2022 00:17:42 GMT

GET
H2 200 62907196919167 Show response
form.jotform.com/ Frame 7A28 30 KB
6 KB 123ms
123ms Document
text/html 35.201.118.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/62907196919167
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2 /
Resource Hash: 828f3770e29f965612ea39410bc9f76107c0ee1fea6472893941d2afe84a11b1

Request headers

:method: GET
:authority: form.jotform.com
:scheme: https
:path: /62907196919167
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hbsslaw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hbsslaw.com/

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2
vary: Accept-Encoding
date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK st.js Show response
s.swiftypecdn.com/install/v2/ 415 KB
110 KB 89ms
37ms Script
text/javascript 151.101.12.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.143 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d5d204d662ae2f90464bee6d1e1d645169851dfab39948b23a18da5a8584585

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 14:04:42 GMT
Content-Encoding: gzip
Age: 299
X-Cache: HIT
Connection: keep-alive
Content-Length: 112086
X-Served-By: cache-fra19149-FRA
Access-Control-Allow-Origin: *
X-Timer: S1620396282.270836,VS0,VE0
ETag: "5fb57a29-1b5d6"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=300, public, max-age=300, public
Accept-Ranges: bytes
X-Cache-Hits: 19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
38 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MVR447J

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/google_tag/primary_hbss_container/google_tag.script.js?qrxn6i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

330908eb91c97754c77225b90ff2c88b045132307c537a8c94ace0033159307b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38462
x-xss-protection: 0
last-modified: Fri, 07 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 May 2021 14:04:42 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e47494d5792b5b4/ 2 KB
721 B 883ms
858ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e47494d5792b5b4/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-85-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8426a5b2572b374f61df0fcfe38c7a57ee0ed672d68be9a47434f434af872b9b

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
content-encoding: gzip
etag: 1685711743--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=54, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 545

GET
H3-29 200 379.embed.min.js Show response
app.termly.io/ 155 KB
47 KB 142ms
66ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/379.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ad0389f416cbef5a0417c7123a02a66482fd042491e765bf0c00aff099df6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3236
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 May 2021 14:32:34 GMT
server: cloudflare
etag: W/"6092ac82-26bd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09e8be2a4e00009704f3206000000001
cf-ray: 64baffbd3e4b9704-FRA

GET
H3-29 200 644.embed.min.js Show response
app.termly.io/ 161 KB
33 KB 132ms
56ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/644.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84a304dc1078de8464ae8dcc657310754618d4df3a51ec2de038c0f209c29de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3236
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 May 2021 14:32:34 GMT
server: cloudflare
etag: W/"6092ac82-28512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09e8be2a4e0000970410a49000000001
cf-ray: 64baffbd3e4a9704-FRA

GET
H2 200 who.ashx
dashboard.whoisvisiting.com/ 631 B
892 B 118ms
29ms Image
image/jpg 185.43.144.18
SOVEREIGN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashboard.whoisvisiting.com/who.ashx?Type=Hit&Data=1600|1200|https%3A%2F%2Ft.co%2F|5690634ca5654a84ab271c78a2a27412|https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons|Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.43.144.18 London, United Kingdom, ASN199766 (SOVEREIGN, GB),
Reverse DNS: www.sovereign-plc.co.uk
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:41 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 631
expires: -1

GET
H2 200 formCss.css
cdn.jotfor.ms/static/ Frame 4D42 66 KB
15 KB 245ms
195ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/formCss.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9328ff0fc94f93cdf8e0d0d980c7d2b62a2aac398b168b0d63237362f2648b3c

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a4f0000d6f162a44000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-1070a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=laS46zC2jeg6J7KA4%2BzA%2F7TfSXvM%2F9ety4KT720Zwfjsq4ZhFBezvuTNDOulXAgI1mDrdQp5MSUo58hiQ7nuHomaNAzDqKVcR83wRBgxDCYX8VtGtHQBCDiR"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffbd4b15d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nova.css
cdn.jotfor.ms/css/styles/ Frame 4D42 31 KB
6 KB 197ms
147ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41056fd19785be571630d6e0f4175cd8324bcd6bd92d581804bb31aa60ef0572

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a500000d6f1d03b9000000001
last-modified: Mon, 22 Mar 2021 06:51:34 GMT
server: cloudflare
etag: W/"60583e76-7cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=El37vB3Fjmtg4dvM6xhu%2BNKeG9H%2FMTWGkNaNgIOU%2FtixuVhVLjY0OKDISAGfJweQdWs86WsDyEuWuqbVDWHMVEn9fBPruuif8mWnNkUdGHIaiD9Ikm2CNdz6"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffbd4b18d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ Frame 4D42 13 KB
3 KB 182ms
133ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?themeRevisionID=59fb4852cf3bfe589c6c6f21
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9e007b97c4a9244efb5159e59341907269eca4a4e0071eeac001f271c6c00a

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
cf-request-id: 09e8be2a500000d6f11a34b000000001
pragma: no-cache
last-modified: Thu, 02 Nov 2017 16:31:14 GMT
server: cloudflare
etag: W/"bc25fa0db8eacbae384c894de4d31e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tVAxg79o1L%2Fd033z7P9JTcxEdAMmlcTR7jYvx6URJL6DBAF0gUqS%2BpMyEk6SO4ULYXupMRiRMvJ2FsjwPUaKsrN2z7o8csx17AeNcjz8dlwtV8mESNQ3CaoZ"}],"max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 64baffbd4b1dd6f1-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_feature.css
cdn.jotfor.ms/css/styles/payment/ Frame 4D42 36 KB
6 KB 219ms
170ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/payment/payment_feature.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c1644b18a5956c877056ced0f545ef534e959d80c566f0e8c6cbbe75c5f095

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a510000d6f1930c7000000001
last-modified: Wed, 05 May 2021 12:54:28 GMT
server: cloudflare
etag: W/"60929584-8efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BwLRIbIuOSqTmTRV1ajuGyMrq%2FEW9DrbJEbsgyFw3NtZygH1jIjfUUg%2BZ4tb2XCKMuz8Jgi4Y4d3MO0EAsh667ACk85jb30LkbR2cz5b0V1KblxPpAxNovuW"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffbd4b20d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-submit-button-simple_blue.css
www.jotform.com/themes/css/buttons/ Frame 4D42 2 KB
1 KB 188ms
139ms Stylesheet
text/css 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/themes/css/buttons/form-submit-button-simple_blue.css
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815b4d0911bf35897ca426c27905c5dd1cc0d5e7757a0095ad4a9206e44e7aa6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8be2a5000004e07b7b96000000001
last-modified: Mon, 15 Jun 2020 10:31:25 GMT
server: cloudflare
etag: W/"5ee74dfd-8ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64baffbd4f474e07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.min.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 4D42 3 KB
2 KB 24ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/211194771801150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1278091
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1365
cf-request-id: 09e8be2a2300004ec766048000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yaiFDBtKxW4Kl2%2Bgrg7YZXAHJNENyA0TPYb8OrKo%2FZBsN2vWidRkFILlhNYBiMRpbpzuDdg5wy%2BWrP9W09b6p28T4cKVuHbjjQcHbGP%2BhxcAkItVsqPfS%2BRZLHvQfAW8Ww%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64baffbd0f6c4ec7-FRA
expires: Wed, 27 Apr 2022 14:04:42 GMT

GET
H2 200 prototype.forms.js Show response
cdn.jotfor.ms/static/ Frame 4D42 126 KB
32 KB 76ms
27ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/prototype.forms.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3949345
content-encoding: br
cf-request-id: 09e8be2a510000d6f1bf324000000001
last-modified: Mon, 22 Mar 2021 18:53:31 GMT
server: cloudflare
etag: W/"6058e7ab-1f8b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M5jIodZ0LIIl16EoLKYuBrCfzL%2B%2BAvs2Oaiwhb3cZKbpWa3FUTqvuA4oANsLNfJv8P9e4OChPFDEKqJ33ps9JuP60PBTXf4WYf2CAwgYf1ELStzbrG8%2FNsFJ"}],"max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 64baffbd4b23d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn.jotfor.ms/static/ Frame 4D42 508 KB
126 KB 197ms
149ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/jotform.forms.js?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800a257ea95048ab24479e4bcd1d1642e7b8a896319afcf04f862982302adefc

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a520000d6f15a3de000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-7f1f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7YReO7TuwthwQd4L3xibdPsvzLSwinZhrtLZWJ%2BYrl29PYHje2vRTTIxWcdq37kuT7G9vi389KXdMPO9hVMLhQ2JiJz%2BBS8v6VAYBZQxCGX3bRjXNxLBizu"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64baffbd4b24d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postMessage.js Show response
js.jotform.com/vendor/ Frame 4D42 6 KB
2 KB 219ms
171ms Script
application/x-javascript 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/vendor/postMessage.js?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8be2a5000004a9e558ff000000001
x-static: 1
last-modified: Fri, 03 May 2019 10:43:50 GMT
server: cloudflare
etag: W/"5ccc1b66-16bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64baffbd4c624a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WidgetsServer.js Show response
js.jotform.com/ Frame 4D42 30 KB
10 KB 210ms
162ms Script
application/x-javascript 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/WidgetsServer.js?v=1620145059364
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de45a20fdccbf0c273572cac4ff78ac5b8727cf90ce4d58333b33c6d62895de

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8be2a5100004a9e5c14d000000001
x-static: 1
last-modified: Sun, 18 Apr 2021 18:17:58 GMT
server: cloudflare
etag: W/"607c77d6-781e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64baffbd4c694a9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/getReferrer/min/ Frame 4D42 898 B
1 KB 175ms
127ms Script
application/x-javascript 2606:4700:20::681a:4e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b61a86f5bf77e90dc8ed1697213fc409ba249ff7793614804c64adccf166105

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8be2a5100004e32d09d8000000001
x-static: 1
last-modified: Thu, 02 May 2019 12:29:42 GMT
server: cloudflare
etag: W/"5ccae2b6-382"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qTlzI00remF8HCHdKCLAammlc20U5Ffg4oZQTo3iDqXZ3do9yM6FCliEyYAj6l8kjlb2lp%2BQIM0c78IbBjDKJT%2B0lqnBiX220mqavpaqfPcBcdd6IIZUnjjyFh%2FKhvs%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64baffbd48d04e32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/getParentUrl/min/ Frame 4D42 1 KB
881 B 215ms
167ms Script
application/x-javascript 2606:4700:20::681a:4e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8be2a5d00004e32813b4000000001
x-static: 1
last-modified: Mon, 09 Nov 2020 08:34:18 GMT
server: cloudflare
etag: W/"5fa8ff0a-497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ls5LiAXtok8dRtXhcOCee2Cue8F5%2Bxip2L8H0kKuZhkTzMscULhjD9vr1sUDGX42NCNYa0Ta9Q2TkWdcp06D%2FGSunFmg5K2fPNDqCO1hMwRAIgBOH3%2B3ma90051jW0s%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64baffbd48d34e32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
widgets.jotform.io/googleanalytics/ Frame 4D42 194 B
424 B 196ms
149ms Script
application/x-javascript 2606:4700:20::681a:4e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/googleanalytics/scripts.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc1075a4fc80b4562e539ad52c03f936caeba1ea8346a608ac074ebd20163d1

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8be2a5100004e32d00fd000000001
x-static: 1
last-modified: Thu, 02 May 2019 12:29:42 GMT
server: cloudflare
etag: W/"5ccae2b6-c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xRTDD1AwzmIxv7xIt1SjNkPgLB6ATHGhyK88DkqTWFKYfebAg7aDd7oHFCl9h%2Fn3KILdhPua92atR6x5OhBnQ5CZPmalmzStxZdzjesIxIfHWVnCvor3tHw%2FfEyLPCU%3D"}],"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64baffbd48d44e32-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 printForm.css
cdn.jotfor.ms/css/ Frame 4D42 456 B
673 B 132ms
131ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/printForm.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2d670000d6f16a212000000001
last-modified: Thu, 16 May 2019 07:50:58 GMT
server: cloudflare
etag: W/"5cdd1662-1c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3gQigtBEzV6aFTaX2rqfcQzuldPwVIHxZBHborBn0e6coNJfd28Y15ndsetlTfTDmP4v5wCwOxETEiyGVr9dvav8Dqz7M6wOQXrbkuHGftjGDhj6UdeNOgek"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffc23da8d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK XVSXgYsTzzyPUxL3M5An.json Show response
s.swiftypecdn.com/install/v2/config/ 19 KB
5 KB 401ms
345ms XHR
application/json 151.101.12.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/XVSXgYsTzzyPUxL3M5An.json

Requested by

Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.143 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22fbee4a9b5eb45c3849b5181c8323fe16e1e0606c8c962b0cadb9bb7bd33a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Swiftype-Backend-Region: dal
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding, Origin
Content-Length: 4085
X-XSS-Protection: 1; mode=block
X-Request-Id: 160d210973b9d66884b260a9ccdcc5b5
X-Swiftype-Backend-Datacenter: dal12
X-Runtime: 0.188312
Access-Control-Allow-Origin: *
Last-Modified: Mon, 02 Oct 2017 15:44:25 GMT
X-Swiftype-Backend-Node: app-website02b.dal12
X-Timer: S1620396283.511603,VS0,VE321
X-Frame-Options: SAMEORIGIN
Date: Fri, 07 May 2021 14:04:42 GMT
X-Served-By: cache-fra19127-FRA
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Via: 1.1 varnish
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Access-Control-Allow-Credentials: true
ETag: W/"026ceecc73fbc49f186f179739d4bcc9"
Accept-Ranges: bytes
X-Rack-Cache: pass
X-Cache-Hits: 0

GET
H2 200 formCss.css
cdn.jotfor.ms/static/ Frame 7A28 66 KB
15 KB 167ms
163ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/formCss.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9328ff0fc94f93cdf8e0d0d980c7d2b62a2aac398b168b0d63237362f2648b3c

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a580000d6f19c018000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-1070a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UcjnArovL3HSdOXJqvaN53vCpvdZQlXIcMWRpWO%2FFr2BHNXAmBAQtJ4BlbZm2UFDegw28K5JRib1wNArKFqIqTOI7r8zVmetUX5dNQbFrybSQ1VPd3kthu33"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffbd5b31d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nova.css
cdn.jotfor.ms/css/styles/ Frame 7A28 31 KB
6 KB 184ms
180ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41056fd19785be571630d6e0f4175cd8324bcd6bd92d581804bb31aa60ef0572

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a580000d6f1acb85000000001
last-modified: Mon, 22 Mar 2021 06:51:34 GMT
server: cloudflare
etag: W/"60583e76-7cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EvGM4h0b6O0TfZBZ4bw8IDYNoIWoZhrBapq6QEqDY85cPWpohSGBB57%2FZvKX4j79JOgVfVgXAtIW4ckzscG0bggy0oWzRQBgyKonI%2FSafzhfYttM8XF3RukP"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffbd5b35d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ Frame 7A28 13 KB
3 KB 146ms
142ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
cf-request-id: 09e8be2a580000d6f14a3fe000000001
pragma: no-cache
last-modified: Thu, 24 Sep 2020 07:36:35 GMT
server: cloudflare
etag: W/"cbc5f2f3554f28da655f17836110d89a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=buaN3eekFh8FtVR%2FI0RRQfKpWK%2BL2hllAYNLsFgv6PTiX4j%2BTBCllpS1W4s6kNgPJ2yFEq7r5ZenA1y%2B6F0ff1KCAFzNrJprDLEfP9R8ZSzZ%2FAnLLeNv%2BKFR"}],"max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 64baffbd5b38d6f1-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_feature.css
cdn.jotfor.ms/css/styles/payment/ Frame 7A28 36 KB
6 KB 167ms
163ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/payment/payment_feature.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c1644b18a5956c877056ced0f545ef534e959d80c566f0e8c6cbbe75c5f095

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a590000d6f125938000000001
last-modified: Wed, 05 May 2021 12:54:28 GMT
server: cloudflare
etag: W/"60929584-8efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cE1cChAx0Q51QDVfZQOq%2Bxp%2B48TghZPdN%2B1N%2B8vmqBuUJRp8A4%2BvOlRLqrJ9U8n0F2CeeCMBgMVep%2BCQBPN%2FbeUf9KKcOUuV8%2BWWrRygCqKxum%2FmWXwHi20W"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffbd5b39d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-submit-button-simple_orange.css
www.jotform.com/themes/css/buttons/ Frame 7A28 2 KB
618 B 138ms
134ms Stylesheet
text/css 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/themes/css/buttons/form-submit-button-simple_orange.css
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ef139510911c487b640972a830e47cf6626be0322694e085cd8e547295eac0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8be2a5700004e0797bff000000001
last-modified: Mon, 15 Jun 2020 10:31:25 GMT
server: cloudflare
etag: W/"5ee74dfd-8a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64baffbd5f6d4e07-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 punycode.min.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 7A28 3 KB
2 KB 27ms
24ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/62907196919167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1278091
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1365
cf-request-id: 09e8be2a5900002c3e93aaf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FBZTbs36My7FvrOylO6nfYyG4BZ0tzHse1bxyGw56iDDtqrFCkUmYyPc9qi0smQyfYyRgt36lR7dfkmwQC1XubiwwJYaduFyHYJ9ju7hLHObiD%2FwFbhAk8HSJtp6h4BdCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64baffbd5f202c3e-FRA
expires: Wed, 27 Apr 2022 14:04:42 GMT

GET
H2 200 prototype.forms.js Show response
cdn.jotfor.ms/static/ Frame 7A28 126 KB
32 KB 29ms
27ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/prototype.forms.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3949345
content-encoding: br
cf-request-id: 09e8be2a590000d6f1930c8000000001
last-modified: Mon, 22 Mar 2021 18:53:31 GMT
server: cloudflare
etag: W/"6058e7ab-1f8b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8bK0XlrhMIL4bACqyQiQezRu6crlfrTgp2AjPQpmaR%2FkWURUv44RdDSM2pHwNuTXZ%2BCzlmKlgqFyPm8Sct2p4QZ6JgZxbukYrIVrahIjUVEx620GA4BxwsgE"}],"max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 64baffbd5b3ad6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn.jotfor.ms/static/ Frame 7A28 508 KB
126 KB 163ms
162ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/jotform.forms.js?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800a257ea95048ab24479e4bcd1d1642e7b8a896319afcf04f862982302adefc

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2a590000d6f1c8921000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-7f1f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CqC%2Fi9uX086d%2FQckRXqQihELJwn4u9QRFQ962mfnGulEOHwDeZr8o1RUa83nyUUe0uAtPC1PZzvuGen9%2BD8gsgo4RFsJIunJNaDSfdoxWnXE1d2stEQnUSqp"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64baffbd5b3dd6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 printForm.css
cdn.jotfor.ms/css/ Frame 7A28 456 B
547 B 131ms
130ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/printForm.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2d6c0000d6f10ba98000000001
last-modified: Thu, 16 May 2019 07:50:58 GMT
server: cloudflare
etag: W/"5cdd1662-1c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r9fNLPtrMTio1gjYNykfHwLg%2BV%2BXMukVzLr08CxFwNLd1n1mLUHnwEsQgHdZShrJfd69LXYklbXhany%2FcKB6DrTT5lOqmJlr3XZU7o1PQX3u3%2FzRUUDhwAW%2F"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffc24dbfd6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVR447J

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2086
date: Fri, 07 May 2021 13:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 07 May 2021 15:29:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 100ms
38ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVR447J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13939
x-xss-protection: 0
server: cafe
etag: 16751590114636182394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 May 2021 14:04:42 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 26ms
25ms Script
application/x-javascript 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/ii94IefCdE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: NLEANi51Arcz7wOeYaJL30MaGAp3ErnsknMrc+zStGLjpjTod+QICbuzo5KEbUzUTnkR6FnpIA4QU+M/PpUgCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 07 May 2021 14:04:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2307371-2&cid=1749898811.1620396283&jid=123595033&gjid=410986306&_gid=1041667415.1620396283&_u=YGBAgAABAAAAAE~&z=1793894891

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 07 May 2021 14:04:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1071040979&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=811616059&gjid=1983000578&cid=1749898811.1620396283&tid=UA-2307371-2&_gid=1041667415.1620396283&_r=1&gtm=2wg4s0MVR447J&z=1194992667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1071040979&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=123595033&gjid=410986306&cid=1749898811.1620396283&tid=UA-2307371-2&_gid=1041667415.1620396283&gtm=2wg4s0MVR447J&z=978739842

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 10:14:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13801
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1071040979&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=1749898811.1620396283&tid=UA-2307371-2&_gid=1041667415.1620396283&gtm=2wg4s0MVR447J&z=1282038190

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 10:14:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13801
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 120ms
27ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=1749898811.1620396283&jid=123595033&_u=YGBAgAABAAAAAE~&z=1207832426

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 123ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=1749898811.1620396283&jid=123595033&_u=YGBAgAABAAAAAE~&z=1207832426

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 77ms
17ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2307371-2&cid=1749898811.1620396283&jid=811616059&gjid=1983000578&_gid=1041667415.1620396283&_u=YGDAAEABAAAAAG~&z=976700920

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 07 May 2021 14:04:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 515415048606248 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 112ms
90ms Script
application/x-javascript 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515415048606248?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d775fdf09e5e69833bf0efd07cad8489bb287d64ff77ae1a6d684cbba907c0c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Tcl4Ot1vo1/gk7TyyElN3WWeuNpeUrtng1KnISZTIFXRmFhTtoULEsrOxUqSIcCiKBAfQ9AfXMZ0RWBlBVrGhA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 07 May 2021 14:04:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 ab4d583d-82bd-4178-a4e5-4026a78e016d Show response
app.termly.io/api/v1/snippets/websites/ 3 KB
2 KB 653ms
652ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f66b6b2cfb9dbf8f7f809afea348897644ca3601b68b8e9efa3aba8387f980

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cf078976-1004-4bf4-a131-cbb4c43fe916
x-runtime: 0.003875
server: cloudflare
etag: W/"21f66b6b2cfb9dbf8f7f809afea34889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=10
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8be2c94000005f14fa3e000000001
cf-ray: 64baffc0ee4e05f1-FRA
access-control-expose-headers

GET
H3-29 200 ip Show response
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ 120 B
859 B 214ms
213ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ip?random-uuid=33797aca-2a8a-1dd8-5cf5-06a307c9de7c

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: afaf58ac-eda1-40b4-a8b5-522ad1558d29
x-runtime: 0.002654
server: cloudflare
etag: W/"cf6d01ec98c7803b37e801273c65f676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=3600
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8be2c93000005f1098d7000000001
cf-ray: 64baffc0ee4a05f1-FRA
access-control-expose-headers

OPTIONS
H3-29 200 ab4d583d-82bd-4178-a4e5-4026a78e016d
app.termly.io/api/v1/snippets/websites/ Frame 0
0 286ms
263ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d

Protocol

H3-29

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8be2b8c000005f134873000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64baffbf4a3805f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3-29 200 ip
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ Frame 0
0 284ms
262ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ip?random-uuid=33797aca-2a8a-1dd8-5cf5-06a307c9de7c

Protocol

H3-29

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8be2b8f000005f12293a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64baffbf4a3c05f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 appointmentSlots.css
cdn.jotfor.ms/css/styles/ Frame 4D42 19 KB
5 KB 141ms
136ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/appointmentSlots.css?v=0.13
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4474d3912598121f120d315a5ba56e0434177c714cd58205c69210e6f7eacf

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2c7d0000d6f18d0f0000000001
last-modified: Tue, 30 Mar 2021 17:24:41 GMT
server: cloudflare
etag: W/"60635ed9-4dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2BzdgZ2GfUhu9UZii0I9oU44yBkGtltzmqFQP947Azu5Z3V2AgRlCILTC89QByWqL717AjIWw2is7NHqlSel5ID4FryBUw6v5SJhmH3n7orqoAaQYH%2Bhh430"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffc0ca7ed6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 control_inline.css
cdn.jotfor.ms/css/styles/control_inline/ Frame 4D42 26 KB
4 KB 139ms
135ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/control_inline/control_inline.css?v=0.3
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1841aabc8cd2c1544b6a42c9d02d53f4284c1bcb9882e97690fe3bf9378b97d

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2c7e0000d6f1729b1000000001
last-modified: Fri, 19 Mar 2021 07:01:04 GMT
server: cloudflare
etag: W/"60544c30-69e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=esFowtMAEfHKC%2FvPqOabws3YPgA6DwJT6MeXbQ969DCIBRGIREwwGQfgSlwtYXbuZQhJfLFFvdHGzcmtb2eAlM71Isq58vExtir94l5ykHRe2ZBTkgaSkZ%2Bm"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffc0ca86d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 appointmentSlots.css
cdn.jotfor.ms/css/styles/ Frame 7A28 19 KB
5 KB 156ms
152ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/appointmentSlots.css?v=0.13
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4474d3912598121f120d315a5ba56e0434177c714cd58205c69210e6f7eacf

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2c930000d6f1df064000000001
last-modified: Tue, 30 Mar 2021 17:24:41 GMT
server: cloudflare
etag: W/"60635ed9-4dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s4Iu4m5gymRvySz8SgCPgG0vgThTfL0CoiwbcsZoHGYJymLHmr2VWa4y7u9OqjkCiRfNJ7raRN%2BoSyKZ7%2FDSQlU6WwOY%2FNYbkk8uN8BKtVCz7utzU4HKabst"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffc0eab9d6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 control_inline.css
cdn.jotfor.ms/css/styles/control_inline/ Frame 7A28 26 KB
4 KB 143ms
141ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/control_inline/control_inline.css?v=0.3
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1841aabc8cd2c1544b6a42c9d02d53f4284c1bcb9882e97690fe3bf9378b97d

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09e8be2c930000d6f1bf356000000001
last-modified: Fri, 19 Mar 2021 07:01:04 GMT
server: cloudflare
etag: W/"60544c30-69e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2JewhniLqnkPSvH3JEjv4RVZc1w0A3F7fKVLBKhc5fu3nJuwWR%2FKujLb%2Bd1Fxm7uFMaGxgXbyAP2iDG7KHCErXul2DAUN94%2B6cH3vJZCVp2T60V%2BuMwnM0hh"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64baffc0eabcd6f1-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
38ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=1749898811.1620396283&jid=811616059&_u=YGDAAEABAAAAAG~&z=742945984

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
39ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=1749898811.1620396283&jid=811616059&_u=YGDAAEABAAAAAG~&z=742945984

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK new_embed-20cee04df5c6e7e2687598f076a0147d.css
s.swiftypecdn.com/assets/ 89 KB
34 KB 25ms
24ms Stylesheet
text/css 151.101.12.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-20cee04df5c6e7e2687598f076a0147d.css
Requested by: Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.143 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 291b8f746f5fb8ef8dff392fee9cfabc7921aec0335fc4e15cd2633aeb383db2

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 14:04:43 GMT
Content-Encoding: gzip
Age: 62331
X-Cache: HIT
X-Cache-Hits: 1475
Connection: keep-alive
Content-Length: 33977
X-Served-By: cache-fra19149-FRA
Access-Control-Allow-Origin: *
X-Timer: S1620396283.099520,VS0,VE0
ETag: "5d5f00b5-84b9"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Expires: Fri, 06 May 2022 20:45:52 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072104079/ 3 KB
1 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072104079/?random=1620396283226&cv=9&fst=1620396283226&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ref=https%3A%2F%2Ft.co%2F&tiba=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcf7e0782a08c1d9b868ea004d09fb95557407d0b2bf868ab6d80f2eb31b6eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 24ms
24ms Image
image/gif 2a03:2880:f108:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515415048606248&ev=PageView&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1620396283296&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620396283271.1593056885&it=1620396282621&coo=false&exp=l1&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 07 May 2021 14:04:43 GMT

GET
H2 204 /
events.jotform.com/form/62907196919167/ Frame 7A28 0
320 B 149ms
147ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/62907196919167/?ref=https%253A%252F%252Fwww.hbsslaw.com%252F&res=1600x1200&eventID=1620396283457_62907196919167_C4m1YV6&loc=undefined
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Fri, 07 May 2021 10:04:43 GMT
server: cloudflare
access-control-allow-headers: origin, content-type, accept
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 64baffc3a9a74e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8be2e4900004e07908b6000000001
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 28ms
27ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 07 May 2021 14:04:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 4D42 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/211194771801150

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2087
date: Fri, 07 May 2021 13:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 07 May 2021 15:29:56 GMT

GET
H2 204 /
events.jotform.com/form/211194771801150/ Frame 4D42 0
65 B 143ms
139ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/211194771801150/?ref=https%253A%252F%252Fwww.hbsslaw.com%252F&res=1600x1200&eventID=1620396283495_211194771801150_O2t91II&loc=undefined
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Fri, 07 May 2021 10:04:43 GMT
server: cloudflare
access-control-allow-headers: origin, content-type, accept
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 64baffc3ea504e07-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8be2e7200004e079e142000000001
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 415ms
132ms Image
image/gif 169.63.31.200
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=zsuMgixDyE-pE8gMn2NN&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&r=https%3A%2F%2Ft.co%2F
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 169.63.31.200 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: c8.1f.3fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 14:04:43 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 07 May 2021 14:04:42 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1072104079/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072104079/?random=1620396283226&cv=9&fst=1620396000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ref=https%3A%2F%2Ft.co%2F&tiba=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&async=1&fmt=3&is_vtc=1&random=3874326758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1072104079/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072104079/?random=1620396283226&cv=9&fst=1620396000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ref=https%3A%2F%2Ft.co%2F&tiba=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&async=1&fmt=3&is_vtc=1&random=3874326758&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:04:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 76.f5e4c5ee6c10bf566157.js Show response
s7.addthis.com/static/ 576 B
609 B 45ms
44ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/76.f5e4c5ee6c10bf566157.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

d4c129101af92fc044d9bc487a90fac991546374fccca5d60b38ba5fca37188f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-240"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 07 May 2021 14:04:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 369

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
362 B 179ms
176ms XHR
application/json 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
last-modified: Fri, 07 May 2021 14:00:00 GMT
server: nginx/1.15.8
date: Fri, 07 May 2021 14:04:43 GMT
content-type: application/json
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
388 B 199ms
197ms Script
application/json 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&callback=_ate.cbs.rcb_clwh0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

4235848083b253172584f6d6775ba7e42442b90da111584f76c3253bf5c63b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
last-modified: Fri, 07 May 2021 14:04:43 GMT
server: nginx/1.15.8
date: Fri, 07 May 2021 14:04:43 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
388 B 207ms
205ms Script
application/json 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&callback=_ate.cbs.rcb_d5fk0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

b7d69b2cf3c7714fbfff13b11167b17104be59fd611d96307ed79f2b87343b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
last-modified: Fri, 07 May 2021 14:04:43 GMT
server: nginx/1.15.8
date: Fri, 07 May 2021 14:04:43 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

OPTIONS
H3-29 200 statistics
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ Frame 0
0 185ms
185ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/statistics

Protocol

H3-29

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8be2f49000005f1229ae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64baffc54a5905f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 201 statistics Show response
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ 3 B
786 B 258ms
258ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:04:44 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b8b828d4-7804-4139-bd6d-a33c3c6018ca
x-runtime: 0.015773
server: cloudflare
etag: W/"43974ed74066b207c30ffd0fed514676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
vary: Origin
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8be3006000005f17c91b000000001
cf-ray: 64baffc66d5605f1-FRA
access-control-expose-headers

GET
H3-29 200 cookies Show response
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/ 405 B
1009 B 15ms
15ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/cookies

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5affb9be9206aff468640e95193d6f6b71f37f81ade49b9567a911acadda449

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54479
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 738570ce-d743-415e-a49a-2ac1376f51ad
x-runtime: 0.007776
server: cloudflare
etag: W/"e5affb9be9206aff468640e95193d6f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=600
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8be3014000005f17c91c000000001
cf-ray: 64baffc68da305f1-FRA
access-control-expose-headers

OPTIONS
H3-29 200 cookies
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/ Frame 0
0 181ms
180ms Preflight 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/cookies

Protocol

H3-29

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:04:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8be2f60000005f13a308000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64baffc56ad105f1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 23ms
21ms Image
image/gif 2a03:2880:f108:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515415048606248&ev=Microdata&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1620396284009&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.hbsslaw.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Flarge_focal_point%2Fpublic%2F2021-02%2FWhistle_0.jpeg%3Fh%3Dd07d10a6%26itok%3DraeUhkep%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620396283271.1593056885&it=1620396282621&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 07 May 2021 14:04:44 GMT

GET
H2 200 pdf.svg
www.hbsslaw.com/sites/all/themes/law/images/ 3 KB
2 KB 24ms
22ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/pdf.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17023a6fee71a9778853f6f21183d79e6e071591537027097c27ea0ebf9e57d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=dfe7f073a9f79e7c84291d8d70937ebd21620396279; __atuvc=1%7C18; __atuvs=609548f8624ea86a000; __atssc=twitter%3B1; _gcl_au=1.1.846595635.1620396282; _ga=GA1.2.1749898811.1620396283; _gid=GA1.2.1041667415.1620396283; _dc_gtm_UA-2307371-2=1; _gat_UA-2307371-2=1; _fbp=fb.1.1620396283271.1593056885
:path: /sites/all/themes/law/images/pdf.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:04:44 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3887
x-cache: HIT
x-cache-hits: 168
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8be308c00002c3ad390e000000001
x-request-id: v-c7c718b0-9c41-11eb-8a07-6738bafcaa05
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64baffc74faa2c3a-FRA
expires: Tue, 11 May 2021 13:54:13 GMT

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 26ms
26ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: H29RFTJ79DG6JJEF
x-cache: HIT
content-length: 11777
x-amz-id-2: t9OLrBwfRPNcrJSFz5NXiG0kvPcuxOgw0uG5vmVUMViXRFcO7BoA8LPOd0cGkm+YUr/ARsZdDEs=
x-served-by: cache-hhn4068-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1620396284.085227,VS0,VE0
date: Fri, 07 May 2021 14:04:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 21363

GET
H/1.1 200
OK 1a2a1c6990 Show response
bam.nr-data.net/1/ 57 B
146 B 108ms
108ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1a2a1c6990?a=420215063&v=1208.49599aa&to=YwdWYUBRWkJSB01bDFpNdVZGWVtfHBRYVQZrAVVWWlU%3D&rst=5193&ck=1&ref=https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ap=20&be=988&fe=4728&dc=2856&perf=%7B%22timing%22:%7B%22of%22:1620396279348,%22n%22:0,%22f%22:3,%22dn%22:5,%22dne%22:18,%22c%22:18,%22s%22:23,%22ce%22:69,%22rq%22:69,%22rp%22:930,%22rpe%22:931,%22dl%22:937,%22di%22:2855,%22ds%22:2856,%22de%22:2961,%22dc%22:4728,%22l%22:4728,%22le%22:4729%7D,%22navigation%22:%7B%7D%7D&fp=2343&fcp=2343&at=T0BVFwhLSUw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK 1a2a1c6990 Show response
bam.nr-data.net/events/1/ 24 B
182 B 108ms
108ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/1a2a1c6990?a=420215063&v=1208.49599aa&to=YwdWYUBRWkJSB01bDFpNdVZGWVtfHBRYVQZrAVVWWlU%3D&rst=15193&ck=1&ref=https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.hbsslaw.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hbsslaw.com/	1970-01-19 20:16:12	Name: _fbp Value: fb.1.1620396283271.1593056885
.hbsslaw.com/	1970-01-19 18:06:36	Name: _gat_UA-2307371-2 Value: 1
.hbsslaw.com/	1970-01-19 18:06:36	Name: _dc_gtm_UA-2307371-2 Value: 1
.hbsslaw.com/	1970-01-19 18:08:02	Name: _gid Value: GA1.2.1041667415.1620396283
.hbsslaw.com/	1970-01-20 11:37:48	Name: _ga Value: GA1.2.1749898811.1620396283
www.hbsslaw.com/	1970-01-20 03:36:50	Name: __atssc Value: twitter%3B1
.hbsslaw.com/	1970-01-19 20:16:12	Name: _gcl_au Value: 1.1.846595635.1620396282
www.hbsslaw.com/	1970-01-19 18:06:38	Name: __atuvs Value: 609548f8624ea86a000
www.hbsslaw.com/	1970-01-20 03:36:50	Name: __atuvc Value: 1%7C18
.hbsslaw.com/	1970-01-19 18:49:48	Name: __cfduid Value: dfe7f073a9f79e7c84291d8d70937ebd21620396279

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: Iframe embed detected - cant access parent, waiting for postmessage
console-api	log	URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js(Line 1) Message: Iframe embed detected - cant access parent, waiting for postmessage
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: [object MessageEvent]
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: [object MessageEvent]
console-api	debug	URL: https://app.termly.io/644.embed.min.js(Line 1) Message: [Termly] Region %o has consent_mode set to %o global opt_out
console-api	log	URL: https://app.termly.io/644.embed.min.js(Line 1) Message: TERMLY_BANNER_RENDER_FINISH:0.994s
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: [object MessageEvent]
console-api	log	URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js(Line 1) Message: Parent URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-public.addthis.com
app.termly.io
apps.form.io
bam.nr-data.net
cc.swiftype.com
cdn.form.io
cdn.jotfor.ms
cdnjs.cloudflare.com
connect.facebook.net
dashboard.whoisvisiting.com
events.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
googleads.g.doubleclick.net
iptrack.io
js-agent.newrelic.com
js.jotform.com
lltrck.com
s.swiftypecdn.com
s7.addthis.com
stats.g.doubleclick.net
t.co
unpkg.com
v1.addthisedge.com
widgets.jotform.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.hbsslaw.com
www.jotform.com
z.moatads.com
104.109.85.134
104.244.42.133
142.250.186.34
151.101.114.110
151.101.12.143
162.247.242.18
169.63.31.200
185.43.144.18
2.18.235.40
2606:4700:10::6816:a81
2606:4700:11::6817:860b
2606:4700:20::681a:4e1
2606:4700:20::681a:786
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6810:7caf
2606:4700::6813:9059
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:400c:c04::9b
2a00:1450:400c:c04::9d
2a03:2880:f008:8:face:b00c:0:1
2a03:2880:f108:83:face:b00c:0:25de
35.201.118.58
50.19.224.133
65.9.73.22
65.9.73.65
0202e3eb351a553c0a62ec12b357425f66494259fea5e3f5aee204b6321f5d7d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f
13d01aacb9837a1b4cfb80ea22424285a630747175a3309675447bd0da616ddc
13ef139510911c487b640972a830e47cf6626be0322694e085cd8e547295eac0
17023a6fee71a9778853f6f21183d79e6e071591537027097c27ea0ebf9e57d0
1d5d204d662ae2f90464bee6d1e1d645169851dfab39948b23a18da5a8584585
1ed4d34b5d65315493af1084d5e41925b678c46e8d51ba37ff69fc1f232472fb
21f66b6b2cfb9dbf8f7f809afea348897644ca3601b68b8e9efa3aba8387f980
22fbee4a9b5eb45c3849b5181c8323fe16e1e0606c8c962b0cadb9bb7bd33a4a
2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
291b8f746f5fb8ef8dff392fee9cfabc7921aec0335fc4e15cd2633aeb383db2
2b61a86f5bf77e90dc8ed1697213fc409ba249ff7793614804c64adccf166105
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d66d6164a77d7b507bfa1362be533f4506c894f17ac309c4ff251b88b052492
2d775fdf09e5e69833bf0efd07cad8489bb287d64ff77ae1a6d684cbba907c0c
2f9999f3d4183415bbb986c0e58b70017384b48e6b0dcb7ccbc1d215002e3b63
3287389dbe681975c1266c77ab0d39476855742c683ee57f7b78c39352b5f3fd
330908eb91c97754c77225b90ff2c88b045132307c537a8c94ace0033159307b
36e5cf9ed950c66e71444d25b87a9efe55970bd13f13a1cf99208dbee0ffb500
3b7dd11934e86e14b0c123680875ce066e6daa4d16a0bfb28c1aa95e08a983f1
3d18426eac41a1eee3a3a5b04d62e6160172d2f94e1d9237fbe6e7098584e9e6
3e4474d3912598121f120d315a5ba56e0434177c714cd58205c69210e6f7eacf
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
41056fd19785be571630d6e0f4175cd8324bcd6bd92d581804bb31aa60ef0572
4235848083b253172584f6d6775ba7e42442b90da111584f76c3253bf5c63b20
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4573c0cb11d5c8c2f16f44d808cd8e5b947819691c0ded368dd620c99a78d4e5
47f0d3c8a81b972403831aa33843c4dffb5f95ac4078c2cce1328d8c11665498
549f8e7bfc250bc9c79034b4ce4ad860e70bc8edc6eb5281f79d6189f6f29c3a
57a0e806e84b38c432b4d3849972f62b585a1a729b446b070ba0e57c0e819600
592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
60892bdfb246e60441d0e15ea35c220ad27de1cbfdb57f6f6efa931c5ed1046e
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61df852b3a88cd42ae75991239f54c87cbb7e57f96b5973abe8068b409803fc3
62a75c450e483b341b83ace34bd3cf3663d96d1fe54aa435eabe7e3c29b4aa2b
683565ce7a9bce8dab8f70b9ea025f589c6948edc6ee3ca8ccf7271ca6922c46
6c5384e234d7397621446a74c32fa5adbd1f961e6a37483d2357d5ba6a748129
7a9e007b97c4a9244efb5159e59341907269eca4a4e0071eeac001f271c6c00a
800a257ea95048ab24479e4bcd1d1642e7b8a896319afcf04f862982302adefc
815b4d0911bf35897ca426c27905c5dd1cc0d5e7757a0095ad4a9206e44e7aa6
828f3770e29f965612ea39410bc9f76107c0ee1fea6472893941d2afe84a11b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8426a5b2572b374f61df0fcfe38c7a57ee0ed672d68be9a47434f434af872b9b
84302a4f6522169b946e88e5c0548533f8bb7d9c5b9d76ab87192571a77405a9
84af298a88498d364cdbbf8d1ad819ecdaaf03a131c9148760ee4997599394e7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
89fa0404437de19a0c6e3e649e87a7916f95a5d2c9e143efcfb075d2710d7428
8de45a20fdccbf0c273572cac4ff78ac5b8727cf90ce4d58333b33c6d62895de
8ee8c48760597171c0801694c970aba742d3ba1fbb5a0215ab0da631e772d583
9328ff0fc94f93cdf8e0d0d980c7d2b62a2aac398b168b0d63237362f2648b3c
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a1841aabc8cd2c1544b6a42c9d02d53f4284c1bcb9882e97690fe3bf9378b97d
a2c1644b18a5956c877056ced0f545ef534e959d80c566f0e8c6cbbe75c5f095
a485f2ef59b9c933fed06c3440b12ee98b50f7e42065064a586da8232cff19f8
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adc1075a4fc80b4562e539ad52c03f936caeba1ea8346a608ac074ebd20163d1
b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7
b7d69b2cf3c7714fbfff13b11167b17104be59fd611d96307ed79f2b87343b87
b84a304dc1078de8464ae8dcc657310754618d4df3a51ec2de038c0f209c29de
b9478fbc901b65171eb9f640768880e86928545cc44dc8f4ca672a85e612e69c
b9ad0389f416cbef5a0417c7123a02a66482fd042491e765bf0c00aff099df6a
bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0
c16921f2294f01407a6abf25c7ee6cc53809dee4845e147081f0a635ecf41aca
c623cb4efad1539745030ae09338a4933de102c0fdb3794fb7945b62206577bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb
d4c129101af92fc044d9bc487a90fac991546374fccca5d60b38ba5fca37188f
dcef3b9770287ff1b935dd9c3b0c42513aa9bafd43197e315ecd8a2c6657060c
dcf7e0782a08c1d9b868ea004d09fb95557407d0b2bf868ab6d80f2eb31b6eb3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2909d4f73e40d0a57c97bc900cf5c1b135abea34872dd860a6707705cb442b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5affb9be9206aff468640e95193d6f6b71f37f81ade49b9567a911acadda449
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d789973acef4842753351229f16dcd3eaf7ee375dec590dde14fb333447959
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fcd2f280c8d3474c71c57445945a40009013ff9e4e3081fcfe4b03fde7011a10

www.hbsslaw.com Open in urlscan Pro 2606:4700:10::6816:a81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

100 %HTTPS

61 %IPv6

29 Domains

35 Subdomains

33 IPs

5 Countries

7471 kBTransfer

18621 kBSize

10 Cookies

9 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hbsslaw.com Open in urlscan Pro
2606:4700:10::6816:a81 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

100 %
HTTPS

61 %
IPv6

29
Domains

35
Subdomains

33
IPs

5
Countries

7471 kB
Transfer

18621 kB
Size

10
Cookies

113 HTTP transactions
0 data transactions