urlscan.io logo urlscan.io
SecurityTrails logo

legionclaims.com Open in urlscan Pro
107.180.24.236  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gardyloo.contact/
Effective URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-ma...
Submission: On June 08 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 61 HTTP transactions. The main IP is 107.180.24.236, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is legionclaims.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 11th 2022. Valid for: 3 months.
This is the only time legionclaims.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)
gardyloo.contact
34    107.180.24.236 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-24-236.ip.secureserver.net
legionclaims.com
1    2607:f8b0:4006:806::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2600:9000:21da:2600:1a:3af:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
connect.podium.com
1    2607:f8b0:4006:80c::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
8    52.35.91.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-91-240.us-west-2.compute.amazonaws.com
mind-flayer.podium.com
4    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
t.paypal.com
1    2600:9000:21da:4800:1f:7c97:a480:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.podium.com
Apex Domain
Subdomains		 Transfer
34 legionclaims.com
legionclaims.com
544 KB
15 podium.com
connect.podium.com — Cisco Umbrella Rank: 21624
mind-flayer.podium.com — Cisco Umbrella Rank: 23458
assets.podium.com — Cisco Umbrella Rank: 36190
312 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2260
t.paypal.com — Cisco Umbrella Rank: 3129
138 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1928
33 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
1 KB
1 gardyloo.contact
gardyloo.contact
328 B
61 7
Domain Requested by
34 legionclaims.com legionclaims.com
connect.podium.com
8 mind-flayer.podium.com connect.podium.com
6 www.paypal.com www.paypal.com
www.paypalobjects.com
connect.podium.com
6 connect.podium.com legionclaims.com
connect.podium.com
2 t.paypal.com legionclaims.com
2 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
1 assets.podium.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com legionclaims.com
1 gardyloo.contact 1 redirects
61 10

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.linkedin.com
www.foreverlogic.com
Subject Issuer Validity Valid
legionclaims.com
cPanel, Inc. Certification Authority		 2022-04-11 -
2022-07-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.podium.com
Amazon		 2021-07-23 -
2022-08-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh

This page contains 4 frames:

Primary Page: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Frame ID: 83933E3ACC00697A005FC39A40139EF6
Requests: 47 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: E9A38CC4F644D93C031C3032AA7DCCBA
Requests: 2 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 0F3CD36EC592CF30637AFB93FBF5B38A
Requests: 2 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: DDF750FC7A92C6A2BBC470A912F60815
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Xactimate Training & Certification | Level 1 & 2 | Myrtle Beach, SC | 5 Day - Live Classroom Event | May 16th - 20th - Legion Claims Solutions

Page URL History Show full URLs

  1. http://gardyloo.contact/ HTTP 302
    https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-liv... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

61
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

10
Subdomains

8
IPs

1
Countries

1072 kB
Transfer

3258 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gardyloo.contact/ HTTP 302
    https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Redirect Chain
  • http://gardyloo.contact/
  • https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
73 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache / PHP/7.4.29
Resource Hash
bf11fa686f1e257fbca3cc6c5a5fd5459c929063d9e3ccd98d7b523edc37b351

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-length
13867
content-type
text/html; charset=UTF-8
date
Wed, 08 Jun 2022 18:06:27 GMT
link
<https://legionclaims.com/wp-json/>; rel="https://api.w.org/", <https://legionclaims.com/wp-json/wp/v2/product/544>; rel="alternate"; type="application/json", <https://legionclaims.com/?p=544>; rel=shortlink
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.29

Redirect headers

Content-Length
330
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Jun 2022 18:06:27 GMT
Location
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Server
ghs
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
style.min.css
legionclaims.com/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:48:57 GMT
server
Apache
etag
"26000f0-15b26-5dfcd1d5d91b4-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
10903
wc-blocks-vendors-style.css
legionclaims.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.1
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:26:34 GMT
server
Apache
etag
"2760daa-1345-5dc7fe7fb229b-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1111
wc-blocks-style.css
legionclaims.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 		207 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.1
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
a16126f4cfb8aa52abb2c0b12e588c84708da95e2426e16477dd8f42b61b96f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:26:35 GMT
server
Apache
etag
"2760e1d-33d77-5dc7fe80878b2-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
20314
avia-merged-styles-14fd0e93d73af311f4b16f4631197257---6217cd8cc6889.css
legionclaims.com/wp-content/uploads/dynamic_avia/ 		487 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/uploads/dynamic_avia/avia-merged-styles-14fd0e93d73af311f4b16f4631197257---6217cd8cc6889.css
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
1710af53ef0a3039d3e2c46878bb01f456c7986acf6a1c9120fa0980b8bb1fff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 18:25:16 GMT
server
Apache
etag
"26c2331-79cb6-5d8c7b4320e1a-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
71430
jquery.min.js
legionclaims.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 05 Jan 2022 14:40:11 GMT
server
Apache
etag
"25c2bbb-15db1-5d4d6bb23b54b-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30311
jquery-migrate.min.js
legionclaims.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 05 Jan 2022 14:40:09 GMT
server
Apache
etag
"25c2bb3-2bd8-5d4d6bb0bbc8b-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3998
logo-300x75.png
legionclaims.com/wp-content/uploads/2022/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legionclaims.com/wp-content/uploads/2022/01/logo-300x75.png
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
c4b9fc9c377a47825f714674fc9ce366fda9c3da2b2c8df980e01e25235b5a82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
last-modified
Wed, 05 Jan 2022 16:32:43 GMT
server
Apache
accept-ranges
bytes
etag
"26c0005-21d1-5d4d84d981756"
content-length
8657
content-type
image/png
Live-Classroom-600x395.jpg
legionclaims.com/wp-content/uploads/2022/03/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legionclaims.com/wp-content/uploads/2022/03/Live-Classroom-600x395.jpg
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
3393d31a76629a035be258bca69e221fcb8b05f2119cbd373c6d35966f3b73ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
last-modified
Fri, 04 Mar 2022 21:23:32 GMT
server
Apache
accept-ranges
bytes
etag
"26c2973-1152b-5d96b207226c6"
content-length
70955
content-type
image/jpeg
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e03af8182fa6236495864237a24c1e3b2096839cd9d1d28121899afa8015dc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 16:46:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 08 Jun 2022 18:06:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Jun 2022 18:06:28 GMT
wp-emoji-release.min.js
legionclaims.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:48:55 GMT
server
Apache
etag
"25a16f5-48b9-5dfcd1d379ae2-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4614
Live-Classroom-300x300.jpg
legionclaims.com/wp-content/uploads/2022/03/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legionclaims.com/wp-content/uploads/2022/03/Live-Classroom-300x300.jpg
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
a0a60e8c494afdfa991a1da23caaca1344306a45b643f6f033a9ba818064dd72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
last-modified
Fri, 04 Mar 2022 21:23:32 GMT
server
Apache
accept-ranges
bytes
etag
"26c2972-b2c3-5d96b20704e1d"
content-length
45763
content-type
image/jpeg
jquery-ui.css
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/jquery-ui.css?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
d6ce2ab031cc4a7994ff8cde22a8a9d0b94f5ac0281c210ae4f5d5b518f0bd97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"2760d07-569f-5dc7ff3d585f4-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3783
jquery-ui-timepicker-addon.css
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/ 		2 KB
509 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/jquery-ui-timepicker-addon.css?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
f32096f6c0a9d6575963569930dad65338c52a2aca6ac6555de7abd188e2c27e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"2760d06-7b6-5dc7ff3d55714-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
451
spectrum.css
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/spectrum.css?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
c7e4663d553dfc3824ac066b8d63bcba91ea8ef1993a7dba6c36cac98ed728cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"276257d-3a49-5dc7ff3d5e79c-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3757
wcff-client.css
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/css/wcff-client.css?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
e4545784dddbbc427d64f230d0f1bd4caf69f0b640a04528efbc26af178cf329

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"276257e-162e-5dc7ff3d61295-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1424
jquery.blockUI.min.js
legionclaims.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:05 GMT
server
Apache
etag
"28024f0-253d-5dc7fe9d9e621-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3248
add-to-cart.min.js
legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.4.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:04 GMT
server
Apache
etag
"28024a8-bdd-5dc7fe9bda799-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
974
single-product.min.js
legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.4.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
c799cc52f81045dc282c29f1f879d9f889e9789d9c35ce569aa3e5e3e7323834

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:03 GMT
server
Apache
etag
"28024a2-18d8-5dc7fe9bd0b59-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1714
js.cookie.min.js
legionclaims.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:05 GMT
server
Apache
etag
"28024d1-72a-5dc7fe9d4b216-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
900
woocommerce.min.js
legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		2 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:04 GMT
server
Apache
etag
"28024b7-85b-5dc7fe9bf16ca-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
679
cart-fragments.min.js
legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/ 		3 KB
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:04 GMT
server
Apache
etag
"28024b3-b7a-5dc7fe9bec8aa-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
935
button.js
legionclaims.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/ 		178 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=1.7.1
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
422dd5b16fbf6d9e1c6e6b671cf3f242c3abc19700eb0d08a45e8363532d7b8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:27:20 GMT
server
Apache
etag
"2762484-2c926-5dc7feab9a00b-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
43957
core.min.js
legionclaims.com/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:48:55 GMT
server
Apache
etag
"2600220-50eb-5dfcd1d3b09cb-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
6646
datepicker.min.js
legionclaims.com/wp-includes/js/jquery/ui/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 25 May 2022 02:48:55 GMT
server
Apache
etag
"2600223-8f87-5dfcd1d3b82e3-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10520
jquery-ui-i18n.min.js
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/ 		55 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/jquery-ui-i18n.min.js?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
0a0551a52e2be30b1992da4142ffe9b3918525e1c5cac4c9340e1267fa5e84d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"2760ce4-db78-5dc7ff3d4592c-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
12112
jquery-ui-timepicker-addon.min.js
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/jquery-ui-timepicker-addon.min.js?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
671840401199ba202404ba746f8994827c2e6e1eb808895f15f6461db2399cd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"2760ce2-a076-5dc7ff3d3f39b-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
10403
spectrum.js
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/ 		77 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/spectrum.js?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
9047b230bcb624dcf50430c60ba068e8f8ece27f89f82b18001e0fc4f23c70e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"2760ce3-134b2-5dc7ff3d4227c-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
17476
wcff-client.js
legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/plugins/wc-fields-factory/assets/js/wcff-client.js?ver=6.0
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
04eb11e3a6e9ef497df368315a44202444566cbc0868c2aa79b8e95af174f710

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 13 Apr 2022 02:29:53 GMT
server
Apache
etag
"2760ce1-6ca5-5dc7ff3d3c8a3-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
6626
avia-footer-scripts-a43fc1a5f77dde55c129280aff8459bd---6217cd8d133f6.js
legionclaims.com/wp-content/uploads/dynamic_avia/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/uploads/dynamic_avia/avia-footer-scripts-a43fc1a5f77dde55c129280aff8459bd---6217cd8d133f6.js
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
151ba15a4d9514d7a87f5df2d41428d2b4dff3153f20a72be4effa9ae87127c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 18:25:17 GMT
server
Apache
etag
"26c233b-21c38-5d8c7b435ee4b-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
37977
widget.js
connect.podium.com/ 		585 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/widget.js
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25f57a066741aee75a57d5129aab50905e840138113e902d437d7c5b2f4fa5e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 17:36:14 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 20:45:50 GMT
server
AmazonS3
age
1815
etag
"02418e5a36e5667a9c5003a6c582ac10"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C1
content-length
174762
x-amz-cf-id
Du658iYKM2sZqRtFhLa2Jcp_IB7JDvOTAPyfqH3nHcc9SLMhaMyBfQ==
entypo-fontello.woff2
legionclaims.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff2
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
7f260ff280b2e54e84e6f9c2790da49cc9abadc457b77d1df4dea121a8c8ab6e

Request headers

Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Origin
https://legionclaims.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
last-modified
Wed, 05 Jan 2022 14:46:15 GMT
server
Apache
etag
"262159f-9934-5d4d6d0d9ed61-br"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
content-length
39224
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://legionclaims.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 19:32:38 GMT
x-content-type-options
nosniff
age
599630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 19:32:38 GMT
Residential-Light-Commercial-Scoping-logo_final-300x300.jpg
legionclaims.com/wp-content/uploads/2022/04/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legionclaims.com/wp-content/uploads/2022/04/Residential-Light-Commercial-Scoping-logo_final-300x300.jpg
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
abc30459b256fdd232dc3bb72a8eed06822ff0afe74beef860badf877328986b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
last-modified
Wed, 06 Apr 2022 00:11:28 GMT
server
Apache
accept-ranges
bytes
etag
"26c058c-bf3f-5dbf133f65f5b"
content-length
48959
content-type
image/jpeg
Virtual-Instructor-Led-Training-1-300x300.png
legionclaims.com/wp-content/uploads/2022/03/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legionclaims.com/wp-content/uploads/2022/03/Virtual-Instructor-Led-Training-1-300x300.png
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache /
Resource Hash
d6b28ecc3c00665e49bc043616cecee947520fbc83dc7516bf558750ac0d99bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
last-modified
Fri, 04 Mar 2022 19:03:05 GMT
server
Apache
accept-ranges
bytes
etag
"26c2944-4133-5d9692a1fe386"
content-length
16691
content-type
image/png
js
www.paypal.com/sdk/ 		426 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AXItbz9VV8fKqgUvO2lSASDyep497Mw9OGqD4QAbyIdQD1oNuLqjU8NoB2Ytsb3HoT__U1QVPydlo1IE&currency=USD&integration-date=2021-09-17&components=buttons,messages&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
Requested by
Host:
URL: webpack-internal:///210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b922670c83ca93075f549c44fa9af5527c8833538922c8480b60a59ded96e824
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-aL8o/uVcFnpFLzr+3b+KD6nlVPip+qx5IAC/1XsJb3Ks0AUd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-aL8o/uVcFnpFLzr+3b+KD6nlVPip+qx5IAC/1XsJb3Ks0AUd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-aL8o/uVcFnpFLzr+3b+KD6nlVPip+qx5IAC/1XsJb3Ks0AUd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-aL8o/uVcFnpFLzr+3b+KD6nlVPip+qx5IAC/1XsJb3Ks0AUd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
315
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f687066fb2414
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
129271
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200076-IAD, cache-ewr18164-EWR
x-timer
S1654711589.977258,VS0,VE3
x-frame-options
SAMEORIGIN
date
Wed, 08 Jun 2022 18:06:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"1f8f7-fCqDEcQ1ov1VoHdLC8yQsRrcbSk"
accept-ranges
bytes
x-cache-hits
1, 1
/
legionclaims.com/ 		276 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache / PHP/7.4.29
Resource Hash
bc2fdb7a1237de6e8cb80b9a3eb10c10c74fe9bf91ba4291f1836348b661a6c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
Apache
x-powered-by
PHP/7.4.29
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://legionclaims.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
155
expires
Wed, 11 Jan 1984 05:00:00 GMT
graphql
mind-flayer.podium.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://legionclaims.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
date
Wed, 08 Jun 2022 18:06:28 GMT
server
Cowboy
vary
origin
x-request-id
Fva3bGOBM0RP5nlfNlpC
graphql
mind-flayer.podium.com// 		61 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
726601f55a0406989566af2c2b1e5f74ea87c901593ebb12c8d0e9fe1d32b114

Request headers

Accept
application/json
Referer
https://legionclaims.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
61
x-request-id
Fva3bGi_6z1C4tWCpR6h
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=legionclaims.com&t=xo&v=5.0.317&source=payments_sdk&client_id=AXItbz9VV8fKqgUvO2lSASDyep497Mw9OGqD4QAbyIdQD1oNuLqjU8NoB2Ytsb3HoT__U1QVPydlo1IE&comp=buttons,messages&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AXItbz9VV8fKqgUvO2lSASDyep497Mw9OGqD4QAbyIdQD1oNuLqjU8NoB2Ytsb3HoT__U1QVPydlo1IE&currency=USD&integration-date=2021-09-17&components=buttons,messages&vault=false&commit=false&intent=capture&disable-funding=card&enable-funding=venmo,paylater
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cf6e3efe6e8bd8b5b89e3082159605a741de1de58860122675d3aac7bbf4095
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-W5dh5oPv5dT0HTW6vlFllkX05I50lzxaXCZdjYP3OfVH4Qhc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-W5dh5oPv5dT0HTW6vlFllkX05I50lzxaXCZdjYP3OfVH4Qhc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
82091
x-cache
HIT, HIT
paypal-debug-id
f852198839f68
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4765
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100104-IAD, cache-ewr18164-EWR
x-timer
S1654711589.031724,VS0,VE2
x-frame-options
SAMEORIGIN
date
Wed, 08 Jun 2022 18:06:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"355d-ZXUrEzWoUumj0bSKOOuYgDz4FyQ"
accept-ranges
bytes
x-cache-hits
1, 1
admin-ajax.php
legionclaims.com/wp-admin/ 		83 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://legionclaims.com/wp-admin/admin-ajax.php
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.24.236 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-24-236.ip.secureserver.net
Software
Apache / PHP/7.4.29
Resource Hash
5c88ad127ac592bad33f26aa64b4ed58f410891a9587689c1313a2d775b50639
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 08 Jun 2022 18:06:29 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
server
Apache
x-powered-by
PHP/7.4.29
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://legionclaims.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
vary
Accept-Encoding
content-length
71
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=legionclaims.com&t=xo&v=5.0.317&source=payments_sdk&client_id=AXItbz9VV8fKqgUvO2lSASDyep497Mw9OGqD4QAbyIdQD1oNuLqjU8NoB2Ytsb3HoT__U1QVPydlo1IE&comp=buttons,messages&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79B8) /
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 18:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
d54cca4485d83
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
16464
last-modified
Tue, 03 May 2022 17:28:29 GMT
server
ECAcc (nya/79B8)
etag
"6271663d-da91"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 08 Jun 2022 19:06:29 GMT
ts
t.paypal.com/ 		42 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3APBAXV89BNSJKW-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3APBAXV89BNSJKW-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5f6225b8-cd7a-4ebf-8263-6412c6a6069e&fltp=analytics&mrid=PBAXV89BNSJKW&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Xactimate%20Training%20%26%20Certification%20%7C%20Level%201%20%26%202%20%7C%20Myrtle%20Beach%2C%20SC%20%7C%205%20Day%20-%20Live%20Classroom%20Event%20%7C%20May%2016th%20-%2020th%20-%20Legion%20Claims%20Solutions&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1654711589049&g=0&completeurl=https%3A%2F%2Flegionclaims.com%2Fproduct%2Fxactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th%2F
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7DA2) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 18:06:29 GMT
content-type
image/gif
server
ECAcc (daa/7DA2)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
7fc9dd21add9a
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=80
timing-allow-origin
*
content-length
42
expires
Wed, 08 Jun 2022 18:06:29 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame E9A3 		54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78F4) /
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://legionclaims.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Wed, 08 Jun 2022 18:06:29 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"6271663d-d994"
expires
Wed, 08 Jun 2022 19:06:29 GMT
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
13c2ee984ae62
server
ECAcc (nya/78F4)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3APBAXV89BNSJKW-1&page=muse%3Aoffer%3A%3A%3APBAXV89BNSJKW-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=5f6225b8-cd7a-4ebf-8263-6412c6a6069e&es=visitorInfoFlowStarted&mrid=PBAXV89BNSJKW&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Xactimate%20Training%20%26%20Certification%20%7C%20Level%201%20%26%202%20%7C%20Myrtle%20Beach%2C%20SC%20%7C%205%20Day%20-%20Live%20Classroom%20Event%20%7C%20May%2016th%20-%2020th%20-%20Legion%20Claims%20Solutions&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1654711589191&g=0&completeurl=https%3A%2F%2Flegionclaims.com%2Fproduct%2Fxactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th%2F
Requested by
Host: legionclaims.com
URL: https://legionclaims.com/product/xactimate-training-certification-level-1-2-myrtle-beach-sc-5-day-live-classroom-event-may-16th-20th/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D16) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Jun 2022 18:06:29 GMT
content-type
image/gif
server
ECAcc (daa/7D16)
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
70dd3edcc4a03
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=77
timing-allow-origin
*
content-length
42
expires
Wed, 08 Jun 2022 18:06:29 GMT
graphql
www.paypal.com/targeting/ Frame E9A3 		434 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
db3d5edaab403f3b71ea32d28a6c591a0e16b6e9839768a93c2e76e886f0d030
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-iKV6JMFmm/4fAHU6/oZtIV99Xy9vtXee/qkN6e3ADroj7xc/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-iKV6JMFmm/4fAHU6/oZtIV99Xy9vtXee/qkN6e3ADroj7xc/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
x-cache
MISS, MISS
paypal-debug-id
f464972c4cbd0
date
Wed, 08 Jun 2022 18:06:29 GMT
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000040-IAD, cache-ewr18164-EWR
x-timer
S1654711589.308932,VS0,VE152
x-frame-options
SAMEORIGIN
etag
W/W/"1b2-PNAvGnYMJ96hBjn/bL6Uk7qg+Vk"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
content-encoding
br
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 08 Jun 2022 18:06:29 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f464972e69e4b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-iad-kiad7000023-IAD, cache-ewr18181-EWR
x-timer
S1654711589.206923,VS0,VE97
logger
www.paypal.com/xoplatform/logger/api/ 		1014 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bca7bd3c17dea6d82b902e40707a1be2588af7bf74a2789df678f60fb16f2c88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://legionclaims.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type
application/json

Response headers

date
Wed, 08 Jun 2022 18:06:29 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f4649729d73ad
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100159-IAD, cache-ewr18181-EWR
x-timer
S1654711589.425098,VS0,VE93
etag
W/W/"3f6-65cBrm98GHXMydvmV+MKPPLzZc8"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://legionclaims.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://legionclaims.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Wed, 08 Jun 2022 18:06:29 GMT
dc
ccg11-origin-www-1.paypal.com
paypal-debug-id
f464972bf8930
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-iad-kcgs7200045-IAD, cache-ewr18181-EWR
x-timer
S1654711589.329674,VS0,VE88
graphql
mind-flayer.podium.com// 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
6c41b159e1119403a8d235363c05f6125cd8c8781bcf44d5678a2331f9ce013c

Request headers

Accept
application/json
Referer
https://legionclaims.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Jun 2022 18:06:29 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2384
x-request-id
Fva3bHP4p6KD2ctEWP8j
graphql
mind-flayer.podium.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://legionclaims.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
date
Wed, 08 Jun 2022 18:06:28 GMT
server
Cowboy
vary
origin
x-request-id
Fva3bG63tx45r9t3ci8D
graphql
mind-flayer.podium.com// 		36 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c

Request headers

Accept
application/json
Referer
https://legionclaims.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Jun 2022 18:06:28 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-request-id
Fva3bH-yqQEiAYJ0nM1B
graphql
mind-flayer.podium.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://legionclaims.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
date
Wed, 08 Jun 2022 18:06:28 GMT
server
Cowboy
vary
origin
x-request-id
Fva3bHprliLGmLJ8lZIi
styles.css
connect.podium.com/ Frame 0F3C 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/styles.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
602955e26e84a601ff3a877e6f68ef91c201221e3f856aa407481c822b47a408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 17:45:54 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 20:45:50 GMT
server
AmazonS3
age
1236
etag
"020f95fbfea1ca0454c17db4fcf1d61f"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C1
content-length
9644
x-amz-cf-id
ZY8Zyzt3MJ4m0EdHv8XohayU8bgj9lSzYfkBoJiz0Scue584tQFefw==
434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame 0F3C 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://legionclaims.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 20:47:52 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers
age
681518
x-cache
Hit from cloudfront
content-length
30548
last-modified
Tue, 31 May 2022 20:45:49 GMT
server
AmazonS3
etag
"c28f8beb02447597a13d138680f42e65"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
HQ1WaE3L5OO7cKVRf61ZO5x80W0JCIkecs92HzFfpXS4pGyXyCwg1Q==
graphql
mind-flayer.podium.com// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://legionclaims.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
access-control-allow-credentials
true
access-control-allow-headers
accept, content-type, authorization, socket-id, origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
date
Wed, 08 Jun 2022 18:06:30 GMT
server
Cowboy
vary
origin
x-request-id
Fva3bPPiCzlR3zxvrAIC
graphql
mind-flayer.podium.com// 		36 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mind-flayer.podium.com//graphql
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.91.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-91-240.us-west-2.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c

Request headers

Accept
application/json
Referer
https://legionclaims.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 08 Jun 2022 18:06:31 GMT
server
Cowboy
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://legionclaims.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
36
x-request-id
Fva3bPlE0j6FCQh62SrD
styles.css
connect.podium.com/ Frame DDF7 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/styles.css
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
602955e26e84a601ff3a877e6f68ef91c201221e3f856aa407481c822b47a408

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 17:45:54 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 20:45:50 GMT
server
AmazonS3
age
1238
etag
"020f95fbfea1ca0454c17db4fcf1d61f"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 96b6c9282feceea8aa00c25902322bb6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C1
content-length
9644
x-amz-cf-id
aNW1wzBnjRX884_kJzS9jQDzrqljRoCIqZkRvgiTrpMvP94oVeYccQ==
defaultWebchatAvatar.png
assets.podium.com/images/ Frame DDF7 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.podium.com/images/defaultWebchatAvatar.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:4800:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db585eb5c801b8b204ecfe784e0e88909c9d7b786eda2da3a241626a0ddab3ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://legionclaims.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
jM1McgwshToFSgklAtoTVvNVAuBAF0yb
via
1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront)
last-modified
Fri, 13 Nov 2020 23:37:08 GMT
server
AmazonS3
age
30360
etag
"8895c7d45471a375920d103559b27722"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
date
Wed, 08 Jun 2022 09:40:38 GMT
x-amz-cf-pop
EWR53-C1
content-length
23003
x-amz-cf-id
cS0Z6CKCjrVEGv0othDBtufKaJnpLn-Szd0Zv_ZiQygGLHh7XZZO-g==
d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame DDF7 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://legionclaims.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 20:47:54 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers
age
681518
x-cache
Hit from cloudfront
content-length
34640
last-modified
Tue, 31 May 2022 20:45:49 GMT
server
AmazonS3
etag
"1d077eb2f892e7f968f043b40b6ae557"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
DH_By_d4T21lowmIfDCSyNf1YVGJt9XhsmTZmCezcGyNy93P2y458A==
434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame DDF7 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by
Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Referer
https://connect.podium.com/styles.css
Origin
https://legionclaims.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 20:47:52 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers
age
681520
x-cache
Hit from cloudfront
content-length
30548
last-modified
Tue, 31 May 2022 20:45:49 GMT
server
AmazonS3
etag
"c28f8beb02447597a13d138680f42e65"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
qcLTKfEsgYKohItIXM_vrKO3dDta8u2pfYnrOqgpWGFXSW-NjJM2_A==

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| wccpf_opt boolean| avia_is_mobile object| avia_framework_globals object| wc_add_to_cart_params object| wc_single_product_params function| Cookies object| woocommerce_params object| wc_cart_fragments_params object| PayPalCommerceGateway object| twemoji object| wp function| tinycolor function| avia_cart_dropdown_changed function| update_cart_dropdown object| avia_clicked_product function| track_ajax_add_to_cart function| first_load_amount function| product_add_to_cart_click function| cart_improvement_functions function| cart_dropdown_improvement function| Froogaloop function| Waypoint function| onYouTubeIframeAPIReady function| $f object| webpackChunkdemogorgon object| __SENTRY__ object| regeneratorRuntime boolean| podiumWebsiteWidgetLoaded object| PodiumWebChat object| __post_robot_11_0_0___uid_lhzrsuzbblzhumkceqnthfqofjkqtp object| paypal object| __zoid_10_1_0___uid_lhzrsuzbblzhumkceqnthfqofjkqtp object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

9 Cookies

Domain/Path Name / Value
.paypal.com/ Name: ts_c
Value: vr%3D447f19741810aa598c11ab19ffffffff%26vt%3D447f19741810aa598c11ab19fffffffe
.paypal.com/ Name: enforce_policy
Value: ccpa
.paypal.com/ Name: LANG
Value: en_US%3BUS
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY1NDcxMTU4OTQyMSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: targetingnodeweb
www.paypal.com/ Name: nsid
Value: s%3AIovev5p_iGVzqNfUkwatyGGDbCmYZviS.9pen5PmOPrSdRnJ1Xaa115gtH%2BLBTSdwzwm8b2MfEAM
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1749405989%26vteXpYrS%3D1654713389%26vr%3D447f19741810aa598c11ab19ffffffff%26vt%3D447f19741810aa598c11ab19fffffffe%26vtyp%3D
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.podium.com
connect.podium.com
fonts.googleapis.com
fonts.gstatic.com
gardyloo.contact
legionclaims.com
mind-flayer.podium.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
107.180.24.236
151.101.193.21
192.229.210.155
2001:4860:4802:32::15
2600:9000:21da:2600:1a:3af:f5c0:93a1
2600:9000:21da:4800:1f:7c97:a480:93a1
2607:f8b0:4006:806::200a
2607:f8b0:4006:80c::2003
52.35.91.240
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04eb11e3a6e9ef497df368315a44202444566cbc0868c2aa79b8e95af174f710
0a0551a52e2be30b1992da4142ffe9b3918525e1c5cac4c9340e1267fa5e84d4
0cf6e3efe6e8bd8b5b89e3082159605a741de1de58860122675d3aac7bbf4095
151ba15a4d9514d7a87f5df2d41428d2b4dff3153f20a72be4effa9ae87127c7
1710af53ef0a3039d3e2c46878bb01f456c7986acf6a1c9120fa0980b8bb1fff
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
25f57a066741aee75a57d5129aab50905e840138113e902d437d7c5b2f4fa5e8
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd
3393d31a76629a035be258bca69e221fcb8b05f2119cbd373c6d35966f3b73ac
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
422dd5b16fbf6d9e1c6e6b671cf3f242c3abc19700eb0d08a45e8363532d7b8d
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c88ad127ac592bad33f26aa64b4ed58f410891a9587689c1313a2d775b50639
602955e26e84a601ff3a877e6f68ef91c201221e3f856aa407481c822b47a408
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
671840401199ba202404ba746f8994827c2e6e1eb808895f15f6461db2399cd0
6c41b159e1119403a8d235363c05f6125cd8c8781bcf44d5678a2331f9ce013c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
726601f55a0406989566af2c2b1e5f74ea87c901593ebb12c8d0e9fe1d32b114
7f260ff280b2e54e84e6f9c2790da49cc9abadc457b77d1df4dea121a8c8ab6e
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
9047b230bcb624dcf50430c60ba068e8f8ece27f89f82b18001e0fc4f23c70e3
a0a60e8c494afdfa991a1da23caaca1344306a45b643f6f033a9ba818064dd72
a16126f4cfb8aa52abb2c0b12e588c84708da95e2426e16477dd8f42b61b96f4
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
abc30459b256fdd232dc3bb72a8eed06822ff0afe74beef860badf877328986b
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
b922670c83ca93075f549c44fa9af5527c8833538922c8480b60a59ded96e824
bc2fdb7a1237de6e8cb80b9a3eb10c10c74fe9bf91ba4291f1836348b661a6c4
bca7bd3c17dea6d82b902e40707a1be2588af7bf74a2789df678f60fb16f2c88
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf11fa686f1e257fbca3cc6c5a5fd5459c929063d9e3ccd98d7b523edc37b351
c4b9fc9c377a47825f714674fc9ce366fda9c3da2b2c8df980e01e25235b5a82
c799cc52f81045dc282c29f1f879d9f889e9789d9c35ce569aa3e5e3e7323834
c7e4663d553dfc3824ac066b8d63bcba91ea8ef1993a7dba6c36cac98ed728cf
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d6b28ecc3c00665e49bc043616cecee947520fbc83dc7516bf558750ac0d99bb
d6ce2ab031cc4a7994ff8cde22a8a9d0b94f5ac0281c210ae4f5d5b518f0bd97
db3d5edaab403f3b71ea32d28a6c591a0e16b6e9839768a93c2e76e886f0d030
db585eb5c801b8b204ecfe784e0e88909c9d7b786eda2da3a241626a0ddab3ab
e03af8182fa6236495864237a24c1e3b2096839cd9d1d28121899afa8015dc1f
e4545784dddbbc427d64f230d0f1bd4caf69f0b640a04528efbc26af178cf329
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
f32096f6c0a9d6575963569930dad65338c52a2aca6ac6555de7abd188e2c27e