www.ballardspahr.com Open in urlscan Pro
104.18.37.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardsp...
Effective URL:
https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnis...
Submission: On July 29 via api (July 29th 2022, 1:13:27 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 11 domains to perform 45 HTTP transactions. The main IP is 104.18.37.98, located in and belongs to CLOUDFLARENET, US. The main domain is www.ballardspahr.com. The Cisco Umbrella rank of the primary domain is 255874.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 16th 2022. Valid for: a year.

This is the only time www.ballardspahr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	166.78.94.1 166.78.94.1	19994 (RACKSPACE) (RACKSPACE)
1 1	184.106.20.187 184.106.20.187	19994 (RACKSPACE) (RACKSPACE)
15	104.18.37.98 104.18.37.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
7	204.16.246.214 204.16.246.214	20326 (TERASWITCH) (TERASWITCH)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.7.27 108.138.7.27	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	34.255.240.59 34.255.240.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	204.16.246.221 204.16.246.221	20326 (TERASWITCH) (TERASWITCH)
1 1	204.16.246.216 204.16.246.216	20326 (TERASWITCH) (TERASWITCH)
1	2600:9000:223... 2600:9000:223e:3600:7:ea59:6a00:93a1	16509 (AMAZON-02) (AMAZON-02)
45	16

2 166.78.94.1 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

response.ballardspahr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.106.20.187 (Mauldin, United States) 1 redirects

ASN19994 (RACKSPACE, US)
PTR: mta02.vx-email.com

ballardspahr.vuturevx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.37.98 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ballardspahr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 204.16.246.214 (Pittsburgh, United States)

ASN20326 (TERASWITCH, US)

play.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-27.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.240.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.16.246.221 (Pittsburgh, United States)

ASN20326 (TERASWITCH, US)

html5-player.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.16.246.216 (Pittsburgh, United States) 1 redirects

ASN20326 (TERASWITCH, US)

assets.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:3600:7:ea59:6a00:93a1 (United States)

ASN16509 (AMAZON-02, US)

ssl-static.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ballardspahr.com 2 redirects response.ballardspahr.com www.ballardspahr.com — Cisco Umbrella Rank: 255874	294 KB
10	libsyn.com play.libsyn.com — Cisco Umbrella Rank: 174595 Failed html5-player.libsyn.com — Cisco Umbrella Rank: 48818 assets.libsyn.com — Cisco Umbrella Rank: 51346 ssl-static.libsyn.com — Cisco Umbrella Rank: 36081	2 MB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 572 p.typekit.net — Cisco Umbrella Rank: 688	264 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1519	68 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	133 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117	443 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	vuturevx.com 1 redirects ballardspahr.vuturevx.com	316 B
0	hotjar.io Failed vc.hotjar.io Failed
45	11

	Domain	Requested by
15	www.ballardspahr.com	www.ballardspahr.com
7	play.libsyn.com	www.ballardspahr.com play.libsyn.com
7	use.typekit.net	www.ballardspahr.com use.typekit.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.ballardspahr.com www.googletagmanager.com
2	response.ballardspahr.com	2 redirects
1	ssl-static.libsyn.com
1	assets.libsyn.com	1 redirects
1	html5-player.libsyn.com	play.libsyn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	play.libsyn.com
1	static.hotjar.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	ballardspahr.vuturevx.com	1 redirects
0	vc.hotjar.io Failed	script.hotjar.com
45	19

This site contains links to these domains. Also see Links.

Domain
1npdf11.onenorth.com
podcasts.apple.com
podcasts.google.com
open.spotify.com
response.ballardspahr.com
www.facebook.com
www.linkedin.com
twitter.com
ballardspahr.sharepoint.com
alumni.ballardspahr.com
login.firmex.com

Subject Issuer	Validity	Valid
ballardspahr.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-16` - `2023-03-23`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.libsyn.com Sectigo ECC Organization Validation Secure Server CA	`2022-06-01` - `2023-07-02`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
Frame ID: 24E08E9423EB3455D310E98F330CFE7F
Requests: 32 HTTP requests in this frame

Frame: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Frame ID: 785DC49BD50DA7BF02F45F34F188AAAF
Requests: 1 HTTP requests in this frame

Frame: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Frame ID: BF97D908694E8A4B40B276F66FE10966
Requests: 11 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: EC2C2B909EE8EC982EAFEF5848A8EC5B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Takeaways for Banks from the CFPB’s Recent Consent Order on Garnishment Orders | Blogs | Insights | Ballard Spahr

Page URL History Show full URLs

http://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3... HTTP 301
https://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3... HTTP 302
https://ballardspahr.vuturevx.com/edit/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=ht... HTTP 302
https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Con... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

45
Requests

93 %
HTTPS

44 %
IPv6

11
Domains

19
Subdomains

16
IPs

5
Countries

2647 kB
Transfer

3798 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://1npdf11.onenorth.com/pdfrenderer.svc/v1/abcpdf11/GetRenderedPdfByUrl/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders.pdf?url=https://www.ballardspahr.com/pdf/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/consumer-finance-monitor/id1434573399?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cHM6Ly9jb25zdW1lcmZpbmFuY2Vtb25pdG9yLmxpYnN5bi5jb20vcnNz?sa=X&ved=0CAYQrrcFahcKEwj47ovz8o7tAhUAAAAAHQAAAAAQAQ

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/7EZu6Bez0NE5JSc2LV2AOo?si=ubP1pIOzQYqozDtG21Z1qA&nd=1

Search URL Search Domain Scan URL

URL: https://response.ballardspahr.com/5/6651/landing-pages/subscribe.asp
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BallardSpahrLLP/about/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ballard-spahr-llp

Search URL Search Domain Scan URL

URL: https://twitter.com/BallardSpahrLLP

Search URL Search Domain Scan URL

URL: https://ballardspahr.sharepoint.com/sites/ClientConnect
Title: Ballard360

Search URL Search Domain Scan URL

URL: https://ballardspahr.sharepoint.com/sites/bin/firm/office-locations/Pages/Emergency-Response-Portal.aspx
Title: Access Portal

Search URL Search Domain Scan URL

URL: https://alumni.ballardspahr.com/default.aspx
Title: Alumni

Search URL Search Domain Scan URL

URL: https://login.firmex.com/
Title: Client Portal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardspahr.com%2fInsights%2fBlogs%2f2022%2f07%2fPodcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders HTTP 301
https://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardspahr.com%2fInsights%2fBlogs%2f2022%2f07%2fPodcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders HTTP 302
https://ballardspahr.vuturevx.com/edit/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardspahr.com%2fInsights%2fBlogs%2f2022%2f07%2fPodcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders HTTP 302
https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://assets.libsyn.com/content/132855549 HTTP 302
https://ssl-static.libsyn.com/p/assets/a/4/8/8/a4882c712e4ec032a04421dee9605cbd/CFM-Pod-20220728-hifgtpirpb.png

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders Show response
www.ballardspahr.com/Insights/Blogs/2022/07/
Redirect Chain

http://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardspahr.com%2fInsights%2fBlogs%2f2022%2f07%2fPodcast-Takeaways-for-Banks...
https://response.ballardspahr.com/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardspahr.com%2fInsights%2fBlogs%2f2022%2f07%2fPodcast-Takeaways-for-Bank...
https://ballardspahr.vuturevx.com/edit/email_handler.aspx?sid=ee68d58a-cf3e-44cd-81aa-1e34926f1ba8&redirect=https%3a%2f%2fwww.ballardspahr.com%2fInsights%2fBlogs%2f2022%2f07%2fPodcast-Takeaways-for...
https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2...

101 KB
22 KB

1322ms
529ms

Document
text/html

104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29a218ecce6e30a66b8d4982204bf54805b4edcfb292c9c5bee929224f72683

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 73261c83a953694c-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
content-type: text/html; charset=utf-8
date: Fri, 29 Jul 2022 13:13:21 GMT
etag: W/"195ae-AcamYSOb8QtOYtrdTO3F9+ZJp84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains;
vary: Accept-Encoding
x-a: PCDBSP
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-p: PH1iA3
x-s: 01
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-length: 331
content-type: text/html; charset=utf-8
date: Fri, 29 Jul 2022 13:13:19 GMT
expires: -1
location: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
pragma: no-cache
strict-transport-security: max-age=157680000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1;mode=block

GET
H2 200 vgo5pjr.css
use.typekit.net/ 10 KB
1 KB 164ms
136ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vgo5pjr.css

Requested by

Host: www.ballardspahr.com
URL: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8b566f2e6814fde1d166a58a433485cf06b6eb5e349c9150dba8155e14a54755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 29 Jul 2022 13:13:21 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1193

GET
H2 200 121a1f9.js Show response
www.ballardspahr.com/dist/ 2 KB
1 KB 35ms
27ms Script
application/javascript 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/dist/121a1f9.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92452275c06e2c7a7198bf9a2e731987c27520529b0cae0ebd544ac00ea891bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 364782
x-a: PCDBSP
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 21:31:10 GMT
server: cloudflare
x-p: PH1iA3
x-frame-options: SAMEORIGIN
etag: W/"977-1819279e3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
x-s: 01
cf-ray: 73261c871d70694c-FRA

GET
H2 200 dd330c4.js Show response
www.ballardspahr.com/dist/ 186 KB
65 KB 50ms
42ms Script
application/javascript 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/dist/dd330c4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12bc7b0dc9251671067d02c92686de91a2cdf0fc242e969fd53ac27ed762e771

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356773
x-a: PCDBSP
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 21:31:10 GMT
server: cloudflare
x-p: PH1iA1
x-frame-options: SAMEORIGIN
etag: W/"2e977-1819279e3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
x-s: 01
cf-ray: 73261c871d72694c-FRA

GET
H2 200 2b7f0b3.js Show response
www.ballardspahr.com/dist/ 110 KB
34 KB 40ms
33ms Script
application/javascript 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/dist/2b7f0b3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e8695feaf5b93332377faa01261f67992e4d58450f88e6c18af61c5cd6f7da9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 347493
x-a: PCDBSP
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 21:31:10 GMT
server: cloudflare
x-p: PH1iA1
x-frame-options: SAMEORIGIN
etag: W/"1b936-1819279e3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
x-s: 01
cf-ray: 73261c871d75694c-FRA

GET
H2 200 b856425.js Show response
www.ballardspahr.com/dist/ 473 KB
79 KB 42ms
35ms Script
application/javascript 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/dist/b856425.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df79e18e206511d9bc54363a93e931b0bf92d216f9661e1305a9f30756de3e4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 347493
x-a: PCDBSP
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 21:31:10 GMT
server: cloudflare
x-p: PH1iA3
x-frame-options: SAMEORIGIN
etag: W/"76236-1819279e3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
x-s: 01
cf-ray: 73261c871d77694c-FRA

GET
H2 200 889dcd7.js Show response
www.ballardspahr.com/dist/ 3 KB
1 KB 33ms
26ms Script
application/javascript 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/dist/889dcd7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d501e259e5f86f32cba5c232ace7548d12d29924d255e6f51369b67b419de1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 135925
x-a: PCDBSP
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 21:31:10 GMT
server: cloudflare
x-p: PH1iA3
x-frame-options: SAMEORIGIN
etag: W/"b4d-1819279e3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
x-s: 01
cf-ray: 73261c871d79694c-FRA

GET
H2 200 logo.svg
www.ballardspahr.com/-/jssmedia/Images/Logos/ 7 KB
3 KB 25ms
25ms Image
image/svg+xml 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Images/Logos/logo.svg?iar=0&rev=d176f02d66c041c5bb3bbc3f139fd587&hash=36D0E6DE03BD3D9AB99F5531C5236C2D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b33e2840a6513924c38eeb44b4462ba33b9b57b25dfa9cf555fd976292eab7ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 364782
cf-ray: 73261c876dcf694c-FRA
x-a: PCDBSP
content-disposition: inline; filename="logo.svg"
last-modified: Sun, 07 Mar 2021 12:32:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-s: 01
x-p: PH1iA2

GET
H2 200 listen-on-apple-podcasts-36h.png
www.ballardspahr.com/-/jssmedia/Images/Insights-Secondary-Featured/Podcast-Subscribe-Badges/ 6 KB
6 KB 290ms
289ms Image
image/png 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Images/Insights-Secondary-Featured/Podcast-Subscribe-Badges/listen-on-apple-podcasts-36h.png?h=36&w=148&rev=f42a26dccbb04180a64bfb015152f195&hash=8DFBE0F0809CE71FBD83488896486C71

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc3e6169c1bdfb1cb09cc83f5ac3e11316eb5447d60146ad72f14008542c2a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-a: PCDBSP
content-disposition: inline; filename="listen-on-apple-podcasts-36h.png"
content-length: 5915
last-modified: Tue, 02 Mar 2021 17:55:23 GMT
server: cloudflare
x-p: PH1iA2
x-frame-options: SAMEORIGIN
etag: be77b2214b684542b30e15936cfb479f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73261c879dfb694c-FRA
x-s: 02

GET
H2 200 listen-on-google-podcasts-36h.png
www.ballardspahr.com/-/jssmedia/Images/Insights-Secondary-Featured/Podcast-Subscribe-Badges/ 5 KB
5 KB 320ms
320ms Image
image/png 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Images/Insights-Secondary-Featured/Podcast-Subscribe-Badges/listen-on-google-podcasts-36h.png?rev=a2f77461cef94f389addaa4ebed9c1a7&hash=B3A95435D837B71DCAAA2437A42C44B0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53087b89238b4978474e654446c94bbfc27c0306dc3c8340962fe63043848c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-a: PCDBSP
content-disposition: inline; filename="listen-on-google-podcasts-36h.png"
content-length: 4807
last-modified: Tue, 02 Mar 2021 17:56:45 GMT
server: cloudflare
x-p: PH1iA3
x-frame-options: SAMEORIGIN
etag: 4925e2ce39f749799de54b9f00d05372
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73261c881eaa694c-FRA
x-s: 01

GET
H2 200 listen-on-spotify.png
www.ballardspahr.com/-/jssmedia/Images/Insights-Secondary-Featured/Podcast-Subscribe-Badges/ 2 KB
3 KB 302ms
299ms Image
image/png 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Images/Insights-Secondary-Featured/Podcast-Subscribe-Badges/listen-on-spotify.png?rev=55d8b7d746224c9d9b530f1701658e82&hash=DB89C9DCC5D04D333D0B8FBEEF95080A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45886809b8fc0fd3fdc360452e96700d204e256458274c0fc9677b066597c97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
x-a: PCDBSP
content-disposition: inline; filename="listen-on-spotify.png"
content-length: 2423
last-modified: Tue, 02 Mar 2021 17:57:49 GMT
server: cloudflare
x-p: PH1iA1
x-frame-options: SAMEORIGIN
etag: faa7ca7cf7ed4a7d9354ff63dfab22cd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73261c886f15694c-FRA
x-s: 02

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 42ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vgo5pjr&ht=tk&f=139.140.173.174.175.176.5474.5475.25136.25137.6829.6830.18011.18012&a=28654070&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/vgo5pjr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:21 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
62 KB 56ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MV3HNPL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef094f63e2dc2ddcf60beaac46d45ea6c402e6a29cabe7665d9ddd6d411c4f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63317
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Jul 2022 13:13:22 GMT

GET
H2 200 90722393485fd128717391db609b1396.svg
www.ballardspahr.com/dist/ 19 KB
5 KB 29ms
27ms Other
image/svg+xml 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballardspahr.com/dist/90722393485fd128717391db609b1396.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d4495366a40f4701c2ad4091be7ee158be4bff31340e1d8d483f827aa83b05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2f07%2f28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95905
x-a: PCDBSP
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 21:31:10 GMT
server: cloudflare
x-p: PH1iA1
x-frame-options: SAMEORIGIN
etag: W/"4ddb-1819279e3ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=31536000
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' *.google.com *.gstatic.com *.googleapis.com *.jquery.com *.onenorth.com *.oniqa.com *.onistaged.com *.amazonaws.com *.googletagmanager.com *.google-analytics.com *.google.com *.doubleclick.net *.youtube.com *.youtube-nocookie.com *.vimeo.com *.visme.co *.typekit.net *.libsyn.com *.hotjar.com ; img-src * data:; font-src 'self' data: *.typekit.net;
x-s: 01
cf-ray: 73261c886f17694c-FRA

GET yes
play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/ Frame 785D 0
0

GET
H2 200 l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/ 33 KB
33 KB 28ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541

Request headers

Referer: https://use.typekit.net/vgo5pjr.css
Origin: https://www.ballardspahr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
server: nginx
etag: "79fea02668402fc378c129193093131a2db2577c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33576

GET
H2 200 l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/ 34 KB
34 KB 38ms
17ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f

Request headers

Referer: https://use.typekit.net/vgo5pjr.css
Origin: https://www.ballardspahr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
server: nginx
etag: "b5fef031a96fc670f9c3b1b64dd52243a29d7531"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34336

GET
H2 200 l
use.typekit.net/af/6e816b/00000000000000003b9b3064/27/ 33 KB
33 KB 46ms
25ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6e816b/00000000000000003b9b3064/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3f8d3c0b0f92db9629b4d13d41f1aa4c858cd12c4ccffd4b8d587dc72abd4a5b

Request headers

Referer: https://use.typekit.net/vgo5pjr.css
Origin: https://www.ballardspahr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
server: nginx
etag: "8ae17cf0eecce59afa191d331a008a4661e1553d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33428

GET
H2 200 l
use.typekit.net/af/576d53/00000000000000003b9b3066/27/ 32 KB
33 KB 31ms
10ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/576d53/00000000000000003b9b3066/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 00f7898216fc98f62a6dec0077f7d46045d02a056e7f58675cb62b363a5d14dd

Request headers

Referer: https://use.typekit.net/vgo5pjr.css
Origin: https://www.ballardspahr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
server: nginx
etag: "fa333b49edecc210478c16168adee736b2ad6c1f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33272

GET
H2 200 l
use.typekit.net/af/283000/00000000000000003b9ade41/27/ 95 KB
95 KB 46ms
26ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/283000/00000000000000003b9ade41/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 35ed3e1bef85954a329b135e54e42553098d8b0263a8f90478689e99eef124e7

Request headers

Referer: https://use.typekit.net/vgo5pjr.css
Origin: https://www.ballardspahr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
server: nginx
etag: "e125e209e24af320ca41df076b6b44822cf43d13"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 96880

GET
H2 200 l
use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/ 34 KB
35 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c70f2/00000000000000003b9b3063/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vgo5pjr.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4e8d47f2d51e5c15ed54e8237f827005d675eec474216e7931e534c78ff30158

Request headers

Referer: https://use.typekit.net/vgo5pjr.css
Origin: https://www.ballardspahr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
server: nginx
etag: "d9c559430b0162ff50e16cf6dad5514fa963f9ff"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35100

GET
H2 200 yes Show response
play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/ Frame BF97 3 KB
3 KB 127ms
103ms Document
text/html 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Requested by: Host: www.ballardspahr.com
URL: https://www.ballardspahr.com/dist/dd330c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: 47e36421d89c353414f0990a24e16b200cf6dc1af9952421c796908f7eb4f584

Request headers

Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 2670
content-type: text/html; charset=UTF-8
date: Fri, 29 Jul 2022 13:13:22 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Apache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1RDL0S5471&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV3HNPL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

799c9befdf22ab9227d9609a99b7db297c286a61d648653b4a41e29ec58f7989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72386
x-xss-protection: 0
expires: Fri, 29 Jul 2022 13:13:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV3HNPL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 682
date: Fri, 29 Jul 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Jul 2022 15:02:00 GMT

GET
H2 200 hotjar-2156753.js Show response
static.hotjar.com/c/ 5 KB
2 KB 58ms
40ms Script
application/javascript 108.138.7.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2156753.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV3HNPL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-27.fra56.r.cloudfront.net

Software

Resource Hash

7993a0cbad1ae163a1688ac9d7f0969bef03821afb78d72385e1821dfd90cdc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P6
etag: W/b39e6bf35ef9207a27e680c30e193194
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: 2Z0zy6ajUOQmzYdvTgzosBlnfJLOm4Cm05kBtgs6vBMtoNtjqf5nEQ==
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)

GET
H2 200 insights-default_ph_GettyImages-531411057.jpg
www.ballardspahr.com/-/jssmedia/Images/page-headers/ 66 KB
67 KB 21ms
21ms Image
image/webp 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Images/page-headers/insights-default_ph_GettyImages-531411057.jpg?h=440&iar=0&w=1440&rev=70f632d023f9432086f16921ad2e8006&hash=572FE39388219F9A59B1035210D9E3B6&w=1440

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45029322b603d9feb120a1f762311d5a682fee421e7b06372f3826d0d0c303c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
cf-cache-status: HIT
age: 189987
cf-polished: qual=85, origFmt=jpeg, origSize=529872
x-a: PCDBSP
content-disposition: inline; filename="insights-default_ph_GettyImages-531411057.webp"
strict-transport-security: max-age=31536000; includeSubDomains;
content-length: 68052
last-modified: Fri, 05 Feb 2021 02:08:46 GMT
server: cloudflare
x-p: PH1iA3
x-frame-options: SAMEORIGIN
etag: 62495daf5cea499ab38a34de311475ac
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 73261c8a596f694c-FRA
x-s: 01
cf-bgj: imgq:85,h2pri

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
16ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1526080723&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ballardspahr.com%2FInsights%2FBlogs%2F2022%2F07%2FPodcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders%3Futm_source%3Dvuture%26utm_medium%3Demail%26utm_campaign%3D2022%252F07%252F28%2520nnn&ul=en-us&de=UTF-8&dt=Takeaways%20for%20Banks%20from%20the%20CFPB%E2%80%99s%20Recent%20Consent%20Order%20on%20Garnishment%20Orders%20%7C%20Blogs%20%7C%20Insights%20%7C%20Ballard%20Spahr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=693970549&gjid=997558929&cid=2100053085.1659100402&tid=UA-7781270-1&_gid=1306096897.1659100402&_r=1&gtm=2wg7r0MV3HNPL&z=2074720423

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ballardspahr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BF97 6 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Requested by

Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

748d10bb5c649bc6d2913f5a4f3d25564ad2cd92b988791ed23a3a3144896718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 12:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Jul 2022 13:13:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Jul 2022 13:13:22 GMT

GET
H2 200 2.f2146f9a.chunk.css
play.libsyn.com/static/css/ Frame BF97 57 KB
58 KB 207ms
206ms Stylesheet
text/css 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/static/css/2.f2146f9a.chunk.css
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: b8a6d06fadeb8189be49982ca4c8bef9f915fac6c81549006dd3b141e8de1222

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:22 GMT
server: Apache
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 58727
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 main.7ef761dd.chunk.css
play.libsyn.com/static/css/ Frame BF97 29 KB
29 KB 104ms
103ms Stylesheet
text/css 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/static/css/main.7ef761dd.chunk.css
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: a229653d0e01c575dd0a55b795f9ee1afc9faaed3c19cdeaf65680ce55b9eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:22 GMT
server: Apache
content-type: text/css
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 29472
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 2.8aaa0358.chunk.js Show response
play.libsyn.com/static/js/ Frame BF97 847 KB
848 KB 308ms
307ms Script
application/javascript 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/static/js/2.8aaa0358.chunk.js
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: aa3205545255799d0ee1301df46dabe118a8a8d281070737a4b6701861a6a26c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:22 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 867240
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 main.18af23c3.chunk.js Show response
play.libsyn.com/static/js/ Frame BF97 39 KB
39 KB 411ms
410ms Script
application/javascript 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/static/js/main.18af23c3.chunk.js
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: 0ee11b6f4454fd7a77c23b105fce670f90e68071bec30aea20cc2fce842f43a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:22 GMT
server: Apache
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 39650
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 modules.311bafb9406f6ba6bebc.js Show response
script.hotjar.com/ 246 KB
64 KB 27ms
10ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2156753.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

6dd840095807404d43062ce2afdf5e14b5d1c9262dbd7d726372861b0cfbfedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 09:17:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14176
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64600
access-control-allow-origin: *
last-modified: Fri, 29 Jul 2022 09:16:08 GMT
etag: "45663d5a8b5e0ae258fd8063655953c6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MGF65vsqrfuNUnMDZCXBtOfUPeZ9ACAQbBkhAm0GPDqr-FXHs0qzCA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7781270-1&cid=2100053085.1659100402&jid=693970549&gjid=997558929&_gid=1306096897.1659100402&_u=YEBAAEAAAAAAAC~&z=1278778812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Jul 2022 13:13:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.ballardspahr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame EC2C 2 KB
1 KB 26ms
7ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2156753.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-117.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1206075
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id: YC-gUU7qiuA5Sa53dVvid78G_Ns_-bLihVJk_A5UX8txi8Aaqv3HzA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 Podcast_Icon.svg
www.ballardspahr.com/-/jssmedia/Main/Icons/ 989 B
678 B 28ms
27ms Image
image/svg+xml 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Main/Icons/Podcast_Icon.svg?rev=c49086a0a4c44b208fc50f5b1e74a26c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95299839fb4430649ef706ca96264f97fafee3c701b0d649c6676fb82d7f4ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 60578
cf-ray: 73261c8b7ae4694c-FRA
x-a: PCDBSP
content-disposition: inline; filename="Podcast_Icon.svg"
last-modified: Tue, 05 Jan 2021 20:44:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-s: 02
x-p: PH1iA2

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2156753/ 148 B
323 B 100ms
36ms XHR
application/json 34.255.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2156753/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.240.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca

Request headers

Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 29 Jul 2022 13:13:22 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET 2156753
vc.hotjar.io/sessions/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame BF97 44 KB
44 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://play.libsyn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 309778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 23:10:25 GMT

GET
H2 200 23886891 Show response
html5-player.libsyn.com/api/episode/id/ Frame BF97 2 KB
3 KB 359ms
112ms XHR
application/json 204.16.246.221
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://html5-player.libsyn.com/api/episode/id/23886891
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/static/js/2.8aaa0358.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.221 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: 457d80bd192466dd81e6464852ea4c58b0d2efdc6bea5abde7581f46ae025129

Request headers

Accept: application/json, text/plain, */*
Referer: https://play.libsyn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:23 GMT
server: Apache
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-libsyn-host: (null)
accept-ranges: bytes
content-length: 2166
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 google-podcast.svg Show response
play.libsyn.com/assets/ Frame BF97 2 KB
2 KB 104ms
104ms XHR
image/svg+xml 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/assets/google-podcast.svg
Requested by: Host: play.libsyn.com
URL: https://play.libsyn.com/static/js/2.8aaa0358.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: 3634952b513d12e3be909aeb52a1b40758f077bc9f8fa162039a0a5378233dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:23 GMT
last-modified: Wed, 30 Jun 2021 15:09:31 GMT
server: Apache
content-type: image/svg+xml
cache-control: max-age=0, no-store, no-cache, must-revalidate
accept-ranges: bytes
content-length: 2283
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 libsyn-logo--black.png
play.libsyn.com/assets/ Frame BF97 27 KB
27 KB 105ms
105ms Image
image/png 204.16.246.214
TERASWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://play.libsyn.com/assets/libsyn-logo--black.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software: Apache /
Resource Hash: ba8ec5a37a233e5156567df32cbd1d23d22d6318d29057469e9c88a8ea9e6302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jul 2022 13:13:23 GMT
server: Apache
content-type: image/png
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 27216
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2

200

CFM-Pod-20220728-hifgtpirpb.png
ssl-static.libsyn.com/p/assets/a/4/8/8/a4882c712e4ec032a04421dee9605cbd/ Frame BF97
Redirect Chain

https://assets.libsyn.com/content/132855549
https://ssl-static.libsyn.com/p/assets/a/4/8/8/a4882c712e4ec032a04421dee9605cbd/CFM-Pod-20220728-hifgtpirpb.png

814 KB
815 KB

77ms
10ms

Image
image/png

2600:9000:223e:3600:7:ea59:6a00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl-static.libsyn.com/p/assets/a/4/8/8/a4882c712e4ec032a04421dee9605cbd/CFM-Pod-20220728-hifgtpirpb.png
Protocol: H2
Server: 2600:9000:223e:3600:7:ea59:6a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: a99258590a40887e61dcb1aa61c219f300a33967fd141efee4ec39efa7fd52f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://play.libsyn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 13:31:39 GMT
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
last-modified: Thu, 28 Jul 2022 13:27:25 GMT
server: nginx/1.20.2
age: 85304
etag: "b1d9731b59d282b0b9a5c74e96c37cba"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
x-rgw-object-type: Normal
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 833612
x-amz-cf-id: 36oQkACIj4MSQtANwEu5ufhVOG2BFVzET-0Dkx1wFeXe9djbsvsWAw==

Redirect headers

location: https://ssl-static.libsyn.com/p/assets/a/4/8/8/a4882c712e4ec032a04421dee9605cbd/CFM-Pod-20220728-hifgtpirpb.png
date: Fri, 29 Jul 2022 13:13:23 GMT
x-libsyn-host: t2
access-control-allow-origin: *
content-length: 0
server: Apache
content-type: text/html; charset=UTF-8

GET
H2 200 Podcast_Icon.svg
www.ballardspahr.com/-/jssmedia/Main/Icons/ 989 B
549 B 27ms
27ms Image
image/svg+xml 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Main/Icons/Podcast_Icon.svg?rev=c49086a0a4c44b208fc50f5b1e74a26c

Requested by

Host: www.ballardspahr.com
URL: https://www.ballardspahr.com/dist/2b7f0b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95299839fb4430649ef706ca96264f97fafee3c701b0d649c6676fb82d7f4ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 60580
cf-ray: 73261c96581b694c-FRA
x-a: PCDBSP
content-disposition: inline; filename="Podcast_Icon.svg"
last-modified: Tue, 05 Jan 2021 20:44:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-s: 02
x-p: PH1iA2

GET
H2 200 Podcast_Icon.svg
www.ballardspahr.com/-/jssmedia/Main/Icons/ 989 B
506 B 32ms
31ms Image
image/svg+xml 104.18.37.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ballardspahr.com/-/jssmedia/Main/Icons/Podcast_Icon.svg?rev=c49086a0a4c44b208fc50f5b1e74a26c

Requested by

Host: www.ballardspahr.com
URL: https://www.ballardspahr.com/dist/2b7f0b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95299839fb4430649ef706ca96264f97fafee3c701b0d649c6676fb82d7f4ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballardspahr.com/Insights/Blogs/2022/07/Podcast-Takeaways-for-Banks-from-the-CFPBs-Recent-Consent-Order-on-Garnishment-Orders?utm_source=vuture&utm_medium=email&utm_campaign=2022%2F07%2F28%20nnn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:13:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 60580
cf-ray: 73261c971921694c-FRA
x-a: PCDBSP
content-disposition: inline; filename="Podcast_Icon.svg"
last-modified: Tue, 05 Jan 2021 20:44:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-s: 02
x-p: PH1iA2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23886891/height/192/theme/modern/size/large/thumbnail/yes/custom-color/ffffff/time-start/00:00:00/playlist-height/200/direction/backward/hide-share/yes/download/yes

Domain: vc.hotjar.io
URL: https://vc.hotjar.io/sessions/2156753?s=0.25&r=0.11434949353766033

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ballardspahr.com/	1970-01-20 22:22:52	Name: _ga Value: GA1.2.2100053085.1659100402
.ballardspahr.com/	1970-01-20 04:53:06	Name: _gid Value: GA1.2.1306096897.1659100402
.ballardspahr.com/	1970-01-20 04:51:40	Name: _gat_UA-7781270-1 Value: 1
.ballardspahr.com/	1970-01-20 13:37:16	Name: _hjSessionUser_2156753 Value: eyJpZCI6IjBhNzM3N2YxLTgxYWEtNTZiZC1iMjcxLTFkNWE0MzRkOWZhZCIsImNyZWF0ZWQiOjE2NTkxMDA0MDI0MjgsImV4aXN0aW5nIjpmYWxzZX0=
.ballardspahr.com/	1970-01-20 04:51:42	Name: _hjFirstSeen Value: 1
www.ballardspahr.com/	1970-01-20 04:51:40	Name: _hjIncludedInSessionSample Value: 0
.ballardspahr.com/	1970-01-20 04:51:42	Name: _hjSession_2156753 Value: eyJpZCI6IjNkYjNkZGJmLTEzNTUtNGQzOS05ZGRjLWM3ODg0ZDUwNmM1NiIsImNyZWF0ZWQiOjE2NTkxMDA0MDI0NzMsImluU2FtcGxlIjpmYWxzZX0=
www.ballardspahr.com/	1970-01-20 04:51:40	Name: _hjIncludedInPageviewSample Value: 1
.ballardspahr.com/	1970-01-20 04:51:42	Name: _hjAbsoluteSessionInProgress Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://script.hotjar.com/modules.311bafb9406f6ba6bebc.js(Line 1) Message: Refused to connect to 'https://vc.hotjar.io/sessions/2156753?s=0.25&r=0.11434949353766033' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com *.hotjar.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' .google.com .gstatic.com .googleapis.com .jquery.com .onenorth.com .oniqa.com .onistaged.com .amazonaws.com .googletagmanager.com .google-analytics.com .google.com .doubleclick.net .youtube.com .youtube-nocookie.com .vimeo.com .visme.co .typekit.net .libsyn.com .hotjar.com ; img-src data:; font-src 'self' data: *.typekit.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.libsyn.com
ballardspahr.vuturevx.com
fonts.googleapis.com
fonts.gstatic.com
html5-player.libsyn.com
in.hotjar.com
p.typekit.net
play.libsyn.com
response.ballardspahr.com
script.hotjar.com
ssl-static.libsyn.com
static.hotjar.com
stats.g.doubleclick.net
use.typekit.net
vars.hotjar.com
vc.hotjar.io
www.ballardspahr.com
www.google-analytics.com
www.googletagmanager.com
play.libsyn.com
vc.hotjar.io
104.18.37.98
108.138.7.27
166.78.94.1
18.66.139.117
184.106.20.187
204.16.246.214
204.16.246.216
204.16.246.221
2600:9000:223e:3600:7:ea59:6a00:93a1
2a00:1450:4001:803::2003
2a00:1450:4001:812::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::9c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
34.255.240.59
52.222.236.63
00f7898216fc98f62a6dec0077f7d46045d02a056e7f58675cb62b363a5d14dd
0ee11b6f4454fd7a77c23b105fce670f90e68071bec30aea20cc2fce842f43a2
11d4495366a40f4701c2ad4091be7ee158be4bff31340e1d8d483f827aa83b05
12bc7b0dc9251671067d02c92686de91a2cdf0fc242e969fd53ac27ed762e771
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
31685af3bbf1ff809935f70512ea48729eac2add3a47f604db26c43f2a253541
35ed3e1bef85954a329b135e54e42553098d8b0263a8f90478689e99eef124e7
3634952b513d12e3be909aeb52a1b40758f077bc9f8fa162039a0a5378233dbd
3f8d3c0b0f92db9629b4d13d41f1aa4c858cd12c4ccffd4b8d587dc72abd4a5b
457d80bd192466dd81e6464852ea4c58b0d2efdc6bea5abde7581f46ae025129
45886809b8fc0fd3fdc360452e96700d204e256458274c0fc9677b066597c97b
47e36421d89c353414f0990a24e16b200cf6dc1af9952421c796908f7eb4f584
4e8d47f2d51e5c15ed54e8237f827005d675eec474216e7931e534c78ff30158
53087b89238b4978474e654446c94bbfc27c0306dc3c8340962fe63043848c90
60fe579c50202903eec3a1898b8eafc6df528307b7e40052c0f800e718a7129f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd840095807404d43062ce2afdf5e14b5d1c9262dbd7d726372861b0cfbfedb
748d10bb5c649bc6d2913f5a4f3d25564ad2cd92b988791ed23a3a3144896718
7993a0cbad1ae163a1688ac9d7f0969bef03821afb78d72385e1821dfd90cdc0
799c9befdf22ab9227d9609a99b7db297c286a61d648653b4a41e29ec58f7989
7d501e259e5f86f32cba5c232ace7548d12d29924d255e6f51369b67b419de1a
7e8695feaf5b93332377faa01261f67992e4d58450f88e6c18af61c5cd6f7da9
8b566f2e6814fde1d166a58a433485cf06b6eb5e349c9150dba8155e14a54755
92452275c06e2c7a7198bf9a2e731987c27520529b0cae0ebd544ac00ea891bf
95299839fb4430649ef706ca96264f97fafee3c701b0d649c6676fb82d7f4ff6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a229653d0e01c575dd0a55b795f9ee1afc9faaed3c19cdeaf65680ce55b9eee3
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a99258590a40887e61dcb1aa61c219f300a33967fd141efee4ec39efa7fd52f9
aa3205545255799d0ee1301df46dabe118a8a8d281070737a4b6701861a6a26c
b33e2840a6513924c38eeb44b4462ba33b9b57b25dfa9cf555fd976292eab7ce
b8a6d06fadeb8189be49982ca4c8bef9f915fac6c81549006dd3b141e8de1222
ba8ec5a37a233e5156567df32cbd1d23d22d6318d29057469e9c88a8ea9e6302
c29a218ecce6e30a66b8d4982204bf54805b4edcfb292c9c5bee929224f72683
c45029322b603d9feb120a1f762311d5a682fee421e7b06372f3826d0d0c303c
c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
dc3e6169c1bdfb1cb09cc83f5ac3e11316eb5447d60146ad72f14008542c2a69
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df79e18e206511d9bc54363a93e931b0bf92d216f9661e1305a9f30756de3e4e
ef094f63e2dc2ddcf60beaac46d45ea6c402e6a29cabe7665d9ddd6d411c4f89

www.ballardspahr.com Open in urlscan Pro 104.18.37.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

44 %IPv6

11 Domains

19 Subdomains

16 IPs

5 Countries

2647 kBTransfer

3798 kBSize

9 Cookies

12 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ballardspahr.com Open in urlscan Pro
104.18.37.98 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

44 %
IPv6

11
Domains

19
Subdomains

16
IPs

5
Countries

2647 kB
Transfer

3798 kB
Size

9
Cookies

45 HTTP transactions
0 data transactions