URL: https://www.prepaidlegal.site/
Submission: On December 03 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 1 country across 6 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3030::ac43:932e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prepaidlegal.site.
TLS certificate: Issued by WE1 on October 27th 2024. Valid for: 3 months.
This is the only time www.prepaidlegal.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
19 172.253.122.156 15169 (GOOGLE)
1 2600:9000:27d... 16509 (AMAZON-02)
2 64.233.180.155 15169 (GOOGLE)
1 142.250.31.155 15169 (GOOGLE)
1 172.67.147.46 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.167.105 15169 (GOOGLE)
29 9
Apex Domain
Subdomains
Transfer
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1 MB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
2 prepaidlegal.site
www.prepaidlegal.site
6 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 newamericanfunding.com
assets.newamericanfunding.com — Cisco Umbrella Rank: 717641
114 KB
29 6
Domain Requested by
19 pagead2.googlesyndication.com www.prepaidlegal.site
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.prepaidlegal.site
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 assets.newamericanfunding.com www.prepaidlegal.site
29 7

This site contains links to these domains.

Domain
prepaidlegal.site
Subject                          Issuer                 Validity                   Valid
prepaidlegal.site                WE1                    2024-10-27 - 2025-01-25    3 months
*.g.doubleclick.net              WR2                    2024-10-21 - 2025-01-13    3 months
assets.newamericanfunding.com    Amazon RSA 2048 M02    2024-10-09 - 2025-11-08    a year
adtrafficquality.google          WR2                    2024-10-21 - 2025-01-13    3 months
*.google.com                     WR2                    2024-10-21 - 2025-01-13    3 months

This page contains 5 frames:

Primary Page: https://www.prepaidlegal.site/
Frame ID: 760D27FA5B57E95114B6BB75A00B9D5C
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: F470B1F2FA2F5F513013796AF0254D5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8259834393564454&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733232225&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fwww.prepaidlegal.site%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733232224908&bpp=8&bdt=420&idt=590&shv=r20241120&mjsv=m202411180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7814045767701&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C42532524%2C95347444%2C31089116%2C95345967%2C95347756&oid=2&pvsid=4492565712839540&tmod=1121405413&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=629
Frame ID: 3E5CB7870D70FF31775A856ED2E1F62D
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 18737997D057A9A93BBB2AA09DA31466
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A477B12AF80D6709A461AC970227B512
Requests: 1 HTTP requests in this frame

Page Title

Instant approval. Pre-approved loans from... prepaidlegal.site

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

29 Requests
97 % HTTPS
38 % IPv6
6 Domains
7 Subdomains
9 IPs
1 Countries
1221 kB Transfer
3403 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.prepaidlegal.site/
11 KB
4 KB
Document
General
Full URL
https://www.prepaidlegal.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:932e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dee94466034b5bb1bff5c1b9b16654ad96841225b28f1fff3d2027487267d35e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec3df77fa9c21c7-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 13:23:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jn46WJEuWMDsfCEdAz7zneIuGVU1kra%2FjeqrTeS41qoxVnwVS20Vq7KJhr%2FbDWqqh30t02y2c3Py2YsCyQxt4LkjqG65HyTj0RHAWisnIIpSK9CmMgHTZTdSP4hT8SrAAj%2BJa%2F1jDyQe1xFGyw94Tw5d%2F6E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=31375&min_rtt=30944&rtt_var=5304&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3944&recv_bytes=2292&delivery_rate=125342&cwnd=254&unsent_bytes=0&cid=2f2869d94ec36d52&ts=386&x=0"
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8259834393564454
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
e76628e856bdb64dc5aef2ab4b6a57c11dfa67c82c6ef725f90ee54c77dd79a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
17705311867192543984
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53318
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1077294764878126
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
3dc05549140a274cceb65997fb90c731c4ec88cfb2920a3a2f590043d0987b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
10180023796838052054
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53318
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6951803154856964
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
712dd19d4d0adac0885da1dbb160a99ba9c93049d7f13d96360dddf0ce33f0de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
11387608109838337115
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53318
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4453022744219903
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
af4104d8617cf6346b9296b4451b922b202405162c7c1fde0d041fbae07da4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
5619386975023798726
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53318
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9335998131201203
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
3f6ef8d57da6097976d71a558d749ad6cc993ba5605f5fd8d63af9380310691a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
9326443141681911863
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53305
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7503998300948903
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
d6a4042e927d8852d872e6e20ea4b4e48bd5ca6313a70f48ad88f9d96d0c0ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
18426555831091288061
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53319
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8149417507656475
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
cd774b1fb17ac300d3b3525b2e4bd4bd4054d8da4a5963c5270bb4c8d908e4b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
2300537671192460221
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53304
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1818706808955302
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1b68a99debac41bdc5c0cf5125c076698e7ab03fddc01caecfa3c6dd48228fc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
6584646096667398266
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53319
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1186159937786684
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
fdcccb352db7e872098004fe113a331b2f8dc9f24bfe821ab4f64acd88920db8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
17869320078415859018
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53305
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1648991198522009
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1fb7ae3b5da24a7b9c8558966b2296541f83fa289ceb4c33867a50b56d8447a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
6789992501103658380
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53305
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4054754593373641
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
58c79991106e081aa807e74ea3c3d1805cfa27ee3a3afc5dedf365e6e017cd76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
3974159444258565235
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53305
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5516924106891393
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
c6c85f13a0fa4b4d1b8148a5c457eb7be7a33a7be41c50c12d5a677283aeb37a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
11188628647065624172
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53321
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7596226271240225
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
252002b8cf68d1ffc67f91e45288e2453bd97cc6b0f7ded4f41589c3bc385310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
9997512523611311351
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53304
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8358568150207971
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
ba0aa6a387ced9173fe4002af563c45a81aef27d4b33f26c26752036fd850b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
9448367558643479773
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53307
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1350728971255481
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
815f3bf72be39e3ee32eecedee7714696ac8d71d6e42e996ed41831f558d5ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
10388320145852722361
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53305
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8277877388207446
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
9ef675e44eda7f54cf7d51738484e771bc14a40283f8f8b6f71a7501cfc3858a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
5645302217316315720
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53304
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6635403951593394
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
104152c537ec8aed5a9e374f111dc975e40770ebb6deaf7afe89c301f5a74571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
9465054669836674536
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53311
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6811366057759848
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
04a5c152895cf7a7a561e176a9dad0ccea1bbe2258fce9f24779bcb99b491f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.prepaidlegal.site
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
7575504938553604114
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53305
x-xss-protection
0
server
cafe
how-to-get-pre-approved-for-a-home-loan-og.jpg
assets.newamericanfunding.com/media/4322/
113 KB
114 KB
Image
General
Full URL
https://assets.newamericanfunding.com/media/4322/how-to-get-pre-approved-for-a-home-loan-og.jpg
Requested by
Host: www.prepaidlegal.site
URL: https://www.prepaidlegal.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27d1:9000:12:548e:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
492d52c4b233c3ed1ecb7392dc6ac5cc682ece3043d86aa646340b2c4a6c16ea
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.prepaidlegal.site/

Response headers

etag
"229b35ccf30f979f2fbe39521630f1db"
x-amz-version-id
KoFiZUo_sgphualJ83.TZHVykhc3ERKb
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
i5lmSujYhQsvT6MYiA6PCLVbLUTzOKw1BHoP7DuUGQIikJMTTn_sMA==
date
Tue, 03 Dec 2024 13:23:45 GMT
content-type
image/jpeg
last-modified
Fri, 10 Jan 2020 17:26:51 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-security-policy
default-src 'self'; img-src 'self' 'unsafe-inline' naf-emails.s3.amazonaws.com s3.amazonaws.com; style-src 'self' 'unsafe-inline'
cache-control
max-age=0
referrer-policy
same-origin
via
1.1 fe187ea749e98273cf22180445286f22.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
116131
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD55-P8
server
AmazonS3
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6951803154856964
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f156.1e100.net
Software
cafe /
Resource Hash
1926fb151eff14a804c23a6bb9b400dcd576ed5052725cb21cd4052c422a62a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
br
etag
4908239681963831154
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Dec 2024 13:23:44 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147420
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame F470
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prepaidlegal.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
5861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 11:46:05 GMT
etag
17661348622971093804
expires
Tue, 17 Dec 2024 11:46:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E5C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8259834393564454&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733232225&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x810_l%7C140x810_r&format=0x0&url=https%3A%2F%2Fwww.prepaidlegal.site%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733232224908&bpp=8&bdt=420&idt=590&shv=r20241120&mjsv=m202411180101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7814045767701&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C42532524%2C95347444%2C31089116%2C95345967%2C95347756&oid=2&pvsid=4492565712839540&tmod=1121405413&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=629
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prepaidlegal.site/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 13:23:46 GMT
expires
Tue, 03 Dec 2024 13:23:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
6b69ae15eb47e7a350bdd9942ba75cf2a92f4b031c5cae9546c2910e8270c09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.prepaidlegal.site/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12978
date
Tue, 03 Dec 2024 13:23:46 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
www.prepaidlegal.site/
1 KB
2 KB
Other
General
Full URL
https://www.prepaidlegal.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683e65a6fce0c911c4b1f07b15cc10346321a27c4c0d0a6bd6cdac15f89d8610

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.prepaidlegal.site/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"640d448b-57e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYZIw4Z3XFPDYqIJVilJCsMFiklkty5ZcvvJO6pZoLP1zAOkzPi3FZhf3ASC2pxnpSb4HJWZTBfnYg8ZQmf4grrgooqYekUfu%2BP4LUyBiEa3LVgjYHAzjZ%2B%2BOf09Gt17Hxm2UY00sxE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec3df85685f67b1-MIA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30350&min_rtt=29758&rtt_var=5248&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4226&recv_bytes=4503&delivery_rate=498&cwnd=12000&unsent_bytes=0&cid=2ee323281bca51cf&ts=1952&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 13:23:46 GMT
content-type
image/x-icon
last-modified
Sun, 12 Mar 2023 03:18:35 GMT
vary
Accept-Encoding
priority
u=1,i
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411180101/show_ads_impl_fy2021.js?bust=31089116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.prepaidlegal.site/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 13:23:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 13:23:46 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1873
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prepaidlegal.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 13:11:14 GMT
expires
Tue, 03 Dec 2024 14:01:14 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A477
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9dXBL7D2c3Ca_KYj0KN71Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.prepaidlegal.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9dXBL7D2c3Ca_KYj0KN71Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 13:23:46 GMT
expires
Tue, 03 Dec 2024 13:23:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=4492565712839540&bg=!OTqlOnXNAAaIaF9IqGg7ADQBe5WfODhqL0GHOs0rAZr0-arUKUKUE6W45DPsgwZE5FDKEgJpgXukrtK-O9aIso124v1nAgAAAGFSAAAABWgBB34ANhKdX8FXQQ3XXMY2wCaSHgerAcxrES6RUcoGXpJMxR8HGHAikLbf4Qwk9HtYaC_hAlxgQzIUHQoAJ0O6de_gdgIkg4A6ax3b6EVsKY65mGlDEQCofM9N4TwZmJ43fH2xMpkCpHDz_O7XBZsQtiKxnUISBox-Kn5jXsCwPIhXJRLByqTGgOeZlAQgNkWoMp8uh0NdjBVOdltoiS3Yfc4knVTcJcW-iGzXcGBRdG09Dd0jK4GX-DC83D9EZwby8z_LlrvEorpMvxchb8Dvm6Y77BGXy4J8zEmf1fCruol8DM4wmoMDZAJ0aggd9ylgQLJw7VrbelBVw26LPnt1K_K0Ix25bhtnnvmrMOlFI-ySEcGOKPO4sdQW-_vgtZ0aSioprg-gM6YdfG1elDPyp03jnJ8nEIuj7IVUOOpX6KQGgexQZi_wrvmCfeWVOaorUSTzOxizy4bSpd62vnhLU5-niE3OucLMCk5eoiJcUeOnrrF0PYJqvWY6HzzP7YXk-1UPezbVXK95aP1jzvUvgQyNrSdtIexM7qQ7JaaI6Dr2_i8vFtvvNqPwNxShoPSjTHx8OeNVINQH5_zfhEacOxrz_3oZJKi-pRMszmtRkyewJgMH1v_joFz_lz7Fg7SvVXicJkx4dElej2qo9H7spJUlP2xlgI1viaCjTZLYS1ziItKor25uHEXnqO3ZPWoMPZSUc7u44yEaLZkxYm42ovQ271nB_TX4pYOFP8-vaefDm3rlMSA1-YYjA-WlxkWbXKaa4x-wp0CNBiyRy7A1syi5BcLp1F_hiGQNILA6-gW2Jzbbj_-dHEzXKu68Desh7lrHnAUwA7XBen7XRsKTfTbfr_qmuLMQ3L1IGutcHU1HBNrQXNtIv7OeGOVrDROAVfhhzT-23W0rk_4JQofB_z2pzlZWewscKLecMyiNGJ4NJOBJE4RwEM3ICo4HKstEmnHEQJzxbS-8x9blllAJHiLXh4K1WgAbt9dGvloOZPFWNRP5a7-w7VP6Khq1mc5gWReveNbdmJZAmGM

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
object| google_tag_data
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
function| google_sa_impl
object| googPageScrollPreventerInfo
boolean| googFloatingToolbarManagerAsyncPositionUpdate
number| google_global_correlator
object| google_prev_clients
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| GoogleGcLKhOms
object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
