www.freshfields.com Open in urlscan Pro
2606:4700::6811:7109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.freshfields.com/en-gb/footer/
Submission: On June 25 via api (June 25th 2021, 9:11:21 pm UTC) from CH

Summary HTTP 55 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6811:7109, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.freshfields.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 10th 2020. Valid for: 2 years.

This is the only time www.freshfields.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700::68... 2606:4700::6811:7109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.204.98.112 143.204.98.112	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2	40.114.241.141 40.114.241.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
55	11

18 2606:4700::6811:7109 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.freshfields.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net

sdk.passle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.241.141 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	freshfields.com 1 redirects www.freshfields.com	908 KB
15	cloudflare.com cdnjs.cloudflare.com	90 KB
11	cookielaw.org cdn.cookielaw.org	262 KB
2	visualstudio.com dc.services.visualstudio.com	236 B
2	gstatic.com fonts.gstatic.com	38 KB
2	jquery.com code.jquery.com	96 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
1	passle.net sdk.passle.net	1 KB
1	googleapis.com fonts.googleapis.com	671 B
0	episerver.net Failed dl.episerver.net Failed
55	11

	Domain	Requested by
18	www.freshfields.com	1 redirects www.freshfields.com
15	cdnjs.cloudflare.com	www.freshfields.com code.jquery.com
11	cdn.cookielaw.org	www.freshfields.com cdn.cookielaw.org az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	fonts.gstatic.com	fonts.googleapis.com
2	code.jquery.com	www.freshfields.com
1	az416426.vo.msecnd.net	www.freshfields.com
1	www.googletagmanager.com	www.freshfields.com
1	sdk.passle.net	www.freshfields.com
1	fonts.googleapis.com	www.freshfields.com
0	dl.episerver.net Failed	www.freshfields.com
55	11

This site contains links to these domains. Also see Links.

Domain
www.circularnyc.org
austria.freshfieldscareers.com
belgium.freshfieldscareers.com
france.freshfieldscareers.com
germany.freshfieldscareers.com
italy.freshfieldscareers.com
netherlands.freshfieldscareers.com
russia.freshfieldscareers.com
spain.freshfieldscareers.com
www.freshfields.hk
www.freshfields.de
www.freshfields.jp
www.freshfields.us
twitter.com
www.linkedin.com
www.xing.com
onetrust.com

Subject Issuer	Validity	Valid
www.freshfields.com GlobalSign RSA OV SSL CA 2018	`2020-03-10` - `2022-03-13`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.passle.net Amazon	`2020-09-11` - `2021-10-13`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2021-04-21` - `2022-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.freshfields.com/en-gb/footer/
Frame ID: C552620A9B52D36A69312BE88F5952EC
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.freshfields.com/en-gb/footer HTTP 301
https://www.freshfields.com/en-gb/footer/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

55
Requests

96 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

1469 kB
Transfer

4534 kB
Size

10
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.circularnyc.org/?utm_source=o-homepage%20global&utm_medium=di&utm_campaign=2020Sep-nycc
Title: New York Circular City Initiative report

Search URL Search Domain Scan URL

URL: https://austria.freshfieldscareers.com/
Title: Austria

Search URL Search Domain Scan URL

URL: https://belgium.freshfieldscareers.com/
Title: Belgium

Search URL Search Domain Scan URL

URL: https://france.freshfieldscareers.com/
Title: France

Search URL Search Domain Scan URL

URL: https://germany.freshfieldscareers.com/
Title: Germany

Search URL Search Domain Scan URL

URL: https://italy.freshfieldscareers.com/
Title: Italy

Search URL Search Domain Scan URL

URL: https://netherlands.freshfieldscareers.com/
Title: Netherlands

Search URL Search Domain Scan URL

URL: https://russia.freshfieldscareers.com/
Title: Russia

Search URL Search Domain Scan URL

URL: https://spain.freshfieldscareers.com/
Title: Spain

Search URL Search Domain Scan URL

URL: https://www.freshfields.hk/
Title: Chinese | 汉语/漢語

Search URL Search Domain Scan URL

URL: https://www.freshfields.de/
Title: German | Deutsch

Search URL Search Domain Scan URL

URL: https://www.freshfields.jp/
Title: Japanese | 日本語

Search URL Search Domain Scan URL

URL: https://www.freshfields.us/
Title: US English

Search URL Search Domain Scan URL

URL: http://twitter.com/Freshfields
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/freshfields
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.xing.com/companies/freshfieldsbruckhausderingerllp
Title: Xing

Search URL Search Domain Scan URL

URL: https://www.freshfields.us/page-not-found/
Title: US English

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.freshfields.com/en-gb/footer HTTP 301
https://www.freshfields.com/en-gb/footer/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.freshfields.com/en-gb/footer/
Redirect Chain

https://www.freshfields.com/en-gb/footer
https://www.freshfields.com/en-gb/footer/

135 KB
18 KB

743ms
742ms

Document
text/html

2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

508975803dd9679b085d4cd69f02d3d8aaebf51d1f17f99e876ba78a29d4b436

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.freshfields.com
:scheme: https
:path: /en-gb/footer/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; expires=Fri, 03-Sep-2021 07:51:02 GMT; path=/; secure; HttpOnly ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; path=/; secure; HttpOnly; SameSite=Lax EPi_NumberOfVisits=1,2021-06-25T21:11:02; expires=Sat, 25-Jun-2022 21:11:02 GMT; path=/; secure; HttpOnly
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
access-control-expose-headers: Request-Context
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 0ae69c191000001456dbab0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66512fa1bc191456-FRA
content-encoding: gzip

Redirect headers

date: Fri, 25 Jun 2021 21:11:02 GMT
content-type: text/html; charset=UTF-8
content-length: 164
location: https://www.freshfields.com/en-gb/footer/
set-cookie: TiPMix=72.5175103510346; path=/; HttpOnly; Domain=www.freshfields.com; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=www.freshfields.com; Max-Age=3600; Secure ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec;Path=/;HttpOnly;Secure;Domain=www.freshfields.com ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.freshfields.com
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
cf-request-id: 0ae69c188f00001456d42c2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66512fa0ea501456-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
671 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 19:39:59 GMT
server: ESF
date: Fri, 25 Jun 2021 21:11:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Jun 2021 21:11:03 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/ 15 KB
2 KB 15ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/css/select2.min.css

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1385852
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1624
cf-request-id: 0ae69c1c1c00003240110aa000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CScgtn8hGQ8W%2F%2FpCO%2Bzl1i6BGE%2FJ4IOi7HnNZrdlN7jxpexxvhDjHoMSizeBVJOVjXZVmyOTTfRmyc8BB%2Bcsg4GiLvMRplRSMO%2F0fnngEASTYdqhnN4qLaE1m6oJ1k6NSXSRbR80%2BSRyLAcumA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa69e033240-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H2 200 jquery.mCustomScrollbar.min.css
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/ 42 KB
4 KB 22ms
19ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.css

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3716226
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3359
cf-request-id: 0ae69c1c1c00003240cd8e8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-a757"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lA7oeyCJ1JaK3Bi3RR1LcvV0CBv9xUtpqMKB3u92a1e2CLd8X%2F%2FJZQdHKS9ZAKY5bjjz9u16%2FoS8r4PsRNsDOwkPMPZkraqTWSkzBAfcBYDIKyO%2FVqpOxdQzP7q8srXg0BaQOssbQZLoOn468A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa69e073240-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 16ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 679725
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3980
cf-request-id: 0ae69c1c1c00003240018c3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cGzrW5wpkpdwZ05LHuwfSnGRTsNeGCjeOUYxa%2F6NzZM5RbLIOaYeLtYs2JwjhDMub8kEbGdAel%2FBUnltU9JaQappvj3t%2Fk1LvYxP7Zv%2Ba%2BxPyLXHEKDNLBGQaiGhoKKBafEq%2F4qbpSuqeqeikA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa69e093240-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H2 200 jquery-3.0.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 25ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.0.0.min.js
Requested by: Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2016 18:32:50 GMT
server: nginx
etag: W/"5759b652-15145"
vary: Accept-Encoding
x-hw: 1624655463.dop134.fr8.t,1624655463.cds267.fr8.hc,1624655463.cds283.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29995

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 31ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1624655463.dop134.fr8.t,1624655463.cds267.fr8.hc,1624655463.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/ 7 KB
2 KB 15ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/3.1.8/imagesloaded.pkgd.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 787021
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2101
cf-request-id: 0ae69c1c1d00003240ad0db000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-1b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DrTccvLHQvX%2BNsXsYyI68HZgDWPyKzPscBwZk%2BuKDfuSzWLeUNRMbHsxTp5M2pmHUneef%2FeP1Bvl3u7F2LUntJtYbzUUVlW3Ac2WQ%2BjcUsfx1mktGcdG%2BOc4Nupn7CsAiZCBIvCI8Q0HgxlrIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa69e0a3240-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H/1.1 200
OK jquery.passle.js Show response
sdk.passle.net/ 1 KB
1 KB 185ms
98ms Script
application/javascript 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.passle.net/jquery.passle.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-112.fra50.r.cloudfront.net

Software

Resource Hash

c7a996e339a1d62664f8b294df6d31fa435ecec62bbaa8168ffe9f424ebd587e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 21:11:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Jun 2021 13:24:28 GMT
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"0e786cc569d71:0"
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Vary: Accept-Encoding
X-Amz-Cf-Id: 8ruWHKEr-accdJBfTivQq8ray7oS_0p79F0OzavUIdYj1kd5iuqVaA==
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)

GET
H2 200 bootstrapcss.css
www.freshfields.com/bundles/ 117 KB
29 KB 42ms
40ms Stylesheet
text/css 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freshfields.com/bundles/bootstrapcss.css?v=72E7DeJpgbSuoDvVJZ0bcQ8kObR51x11I0LF8LlKhaE1

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63497a3603515ce8bdf0476eb7a5b33862c5b1075a5c136a9e6b380d679a5ca3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/bootstrapcss.css?v=72E7DeJpgbSuoDvVJZ0bcQ8kObR51x11I0LF8LlKhaE1
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3926789
vary: User-Agent,Accept-Encoding
content-length: 27502
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 May 2021 10:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=27609211
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1c1d000014561a149000000001
accept-ranges: bytes
cf-ray: 66512fa69df91456-FRA
expires: Wed, 11 May 2022 10:24:34 GMT

GET
H2 200 appcss.css
www.freshfields.com/bundles/ 753 KB
89 KB 31ms
30ms Stylesheet
text/css 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf033977370d1e067f28b1bf79ed92205cfcb57c36b209a397f9f559b062c4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 717107
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Jun 2021 13:59:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=30818893
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1c1d000014563082c000000001
cf-ray: 66512fa69dfb1456-FRA
expires: Fri, 17 Jun 2022 13:59:16 GMT

GET
H2 200 css.css
www.freshfields.com/bundles/ 72 KB
24 KB 32ms
31ms Stylesheet
text/css 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freshfields.com/bundles/css.css?v=H62fncepEgVbetr-Rpooyb6YM8teRygEfKsSkZth4n41

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d3e1fbdc2576825abf84d0df658417e2ba9b4eb6f9ef7c1ad96072fa39409ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/css.css?v=H62fncepEgVbetr-Rpooyb6YM8teRygEfKsSkZth4n41
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3926789
vary: User-Agent,Accept-Encoding
content-length: 21574
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 May 2021 10:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=27609211
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1c1e00001456f680d000000001
accept-ranges: bytes
cf-ray: 66512fa69dfe1456-FRA
expires: Wed, 11 May 2022 10:24:34 GMT

GET
H2 200 jquery.waitforimages.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.waitforimages/1.5.0/ 1 KB
963 B 21ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.waitforimages/1.5.0/jquery.waitforimages.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1eac1d01c2bc33725911f934e1a2d5f92008964a454bd856fd662094a219dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 415338
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 596
cf-request-id: 0ae69c1c1d00003240eb95d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-4d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Au8lxMuzEmwxuVDrIDGD8FJ4DcmxM08a%2FrzQbyCSLv683QO8OVP2xN1euim8sEB06VgOMqKUEiFrjonDnxu%2BX54nDPy%2BRTcgwCknIEwCHSiqkclwExTz2vlHkwzsvKniACJx3%2FxjmqNGyVkC9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa69e0c3240-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 334ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e51cc8fa0f52b2b6153113a2bfb1d39b01709057d3cccff2bd5603fd828513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9CH7M63ILfh8MB6VTJcGFA==
age: 340
vary: Accept-Encoding
content-length: 5811
cf-request-id: 0ae69c1d5d0000074671a21000000001
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 12:22:23 GMT
server: cloudflare
etag: 0x8D9370AB87C9CD8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c6a89cf4-401e-0133-0a3c-69c79e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512fa89b980746-FRA

GET
H2 200 nycc_555x252px.jpg
www.freshfields.com/4a6820/globalassets/home/news-rss/ 18 KB
18 KB 35ms
33ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/4a6820/globalassets/home/news-rss/nycc_555x252px.jpg

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c93c22313666f94ee0bc6819fbd02b0cbd0c8ae97cdeaed803ca18750c79ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /4a6820/globalassets/home/news-rss/nycc_555x252px.jpg
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1371131
cf-polished: qual=85, origFmt=jpeg, origSize=101798
content-disposition: inline; filename="nycc_555x252px.webp"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 10 Jul 2021 00:18:52 GMT
last-modified: Wed, 16 Sep 2020 14:44:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1D68C37EA89D600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=1220869
cf-request-id: 0ae69c1d7400001456dbb0d000000001
cf-ray: 66512fa8bb081456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 08362_bs_mbd_coxs-bazar-case-study-image_555x252.png
www.freshfields.com/4a1fee/globalassets/what-we-do/case-studies/coxs-bazar/ 248 KB
248 KB 35ms
33ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/4a1fee/globalassets/what-we-do/case-studies/coxs-bazar/08362_bs_mbd_coxs-bazar-case-study-image_555x252.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edec83126419ceb3c85f3a0f26fe684ab3350794bdcc0b327da57deae1f01889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /4a1fee/globalassets/what-we-do/case-studies/coxs-bazar/08362_bs_mbd_coxs-bazar-case-study-image_555x252.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4529
cf-polished: origFmt=png, origSize=302522
content-disposition: inline; filename="08362_bs_mbd_coxs-bazar-case-study-image_555x252.webp"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sun, 25 Jul 2021 19:55:34 GMT
last-modified: Mon, 27 Jul 2020 08:47:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1D663F282B2CE00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=2587471
cf-request-id: 0ae69c1d7400001456ab8af000000001
cf-ray: 66512fa8bb091456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 fi_monitor_q1_hero_555x252px.jpg
www.freshfields.com/496a1d/globalassets/our-thinking/campaigns/fi-monitor-21/ 32 KB
32 KB 35ms
33ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/496a1d/globalassets/our-thinking/campaigns/fi-monitor-21/fi_monitor_q1_hero_555x252px.jpg

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2b4f526372503f02ffe853aa3e4d86102574fa7aabb6e913c7e4fedd4185bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /496a1d/globalassets/our-thinking/campaigns/fi-monitor-21/fi_monitor_q1_hero_555x252px.jpg
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 793414
cf-polished: qual=85, origFmt=jpeg, origSize=218580
content-disposition: inline; filename="fi_monitor_q1_hero_555x252px.webp"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Fri, 16 Jul 2021 16:47:29 GMT
last-modified: Fri, 09 Apr 2021 08:23:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1D72D19A405E100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=1798586
cf-request-id: 0ae69c1d7400001456f6830000000001
cf-ray: 66512fa8bb0b1456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100-years.png
www.freshfields.com/4a00d5/globalassets/our-thinking/campaigns/100-years/ 196 KB
197 KB 30ms
29ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/4a00d5/globalassets/our-thinking/campaigns/100-years/100-years.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f8e6e6d086b7701c4d5080541a50c3e941645cff588ade55b8dfb385c703d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /4a00d5/globalassets/our-thinking/campaigns/100-years/100-years.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1323984
cf-polished: origFmt=png, origSize=304565
content-disposition: inline; filename="100-years.webp"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 10 Jul 2021 13:24:39 GMT
last-modified: Tue, 12 Mar 2019 14:06:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1D4D8DCC2037C00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=1268016
cf-request-id: 0ae69c1d7400001456e494f000000001
cf-ray: 66512fa8bb0d1456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
53 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5C7ZM7H

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

438c7896f8ff9d95c1bdbcb9af3abab96bc8c60995f2c530b94e9d22049fb15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54652
x-xss-protection: 0
expires: Fri, 25 Jun 2021 21:11:03 GMT

GET
H2 200 logo-fbd-neg.png
www.freshfields.com/static/assets/img/ 2 KB
5 KB 21ms
20ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/logo-fbd-neg.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04781047def3fef698d6e0bda3ed2292de4883515d17190daf427e361a62d4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/logo-fbd-neg.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 791539
cf-polished: origFmt=png, origSize=3917
content-disposition: inline; filename="logo-fbd-neg.webp"
strict-transport-security: max-age=31536000
content-length: 2064
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Tue, 08 Jun 2021 10:16:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d750000145630846000000001
accept-ranges: bytes
cf-ray: 66512fa8bb101456-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ 36 KB
9 KB 24ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4413144
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8722
cf-request-id: 0ae69c1ce000004ab05c268000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-90b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ey4zF9RwwaEweTw4iMH0XyU1c9guVRTdeE0tQGZVOIIp6aWK28MurKwjhEfANsqlJO05qzXGBwKqrjTCyZtP%2BX3Ez%2BjVT7jN0GR8wn8UIu%2BMCv%2BBcaikTt619qbALKiiOiEoD5JHBpUw918kPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa7cb884ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 41 KB
10 KB 17ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 680329
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9033
cf-request-id: 0ae69c1cf100004ab093884000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a3e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8rJ%2BK8j6slRM9n5D26240LSzGE%2BjHwidOAvc7t2LTe5wwP6e1uCH4vQIrIK0LXimMxym8va1o0AItwHIatG6Pu6shsTAu5jOEOD2y1kxgX5sekI62PK9f1JXuU1BCN%2FQMDKGc5%2Bwzmoj7758Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa7ebb34ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/ 65 KB
16 KB 19ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1122284
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15671
cf-request-id: 0ae69c1d0600004ab090182000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10468"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NF%2FZIgEwvR12FDhjcRmGm9cFBbmMKfvVxbfP84DnwOiJTA5BHKWcVDViyBo7dcMt2Bq2Og2hHcKk6vs%2BiGtKsVUJ5pQPS42cl%2BO8iK0O%2BwHeBlvkOvfj%2B%2B5c9cIwfF2Qrv1uWILZczM1IngZMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa80c084ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 typeahead.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/typeahead.js/0.11.1/ 39 KB
11 KB 21ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/typeahead.js/0.11.1/typeahead.bundle.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 687814
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10270
cf-request-id: 0ae69c1d2100004ab082288000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-9b45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E%2Ba5SvnKkrIpveNdxLR2E7wyUAxyZb7rlMzhBkJRdW03G7zADj1lwz1sje8XYH3swt73kv%2FM3rN1Rupc9ioOIyS63K6lpFqUzrVewVcrnG%2BmzC54SH1wZyBbL3OzCz20UsZEYYpEOzAuDcluRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa83c754ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 jquery.mCustomScrollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/ 39 KB
11 KB 18ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/malihu-custom-scrollbar-plugin/3.1.5/jquery.mCustomScrollbar.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 661385
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10595
cf-request-id: 0ae69c1d3800004ab068012000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-9cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PNO0cOMh8ARqHxGYOBsDrm5aFAs1PaKpksXKyRXXa31ENf8OHeFoI8fk8saDMKB0yjmZLB6A5ifm5g2034bXRgpr%2B0syKBLdMo65QOecHj8awW0B96D%2BRYtGkHGcKX9nw%2FPa2hRQJHVq08bP0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa85ccf4ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 scrollreveal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/scrollReveal.js/3.3.2/ 9 KB
3 KB 12ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/scrollReveal.js/3.3.2/scrollreveal.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5448be3227a5967a656bff3f3cf08bfa4f2cfbfbdbfae285a9daad43f7761d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5499664
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2768
cf-request-id: 0ae69c1d4c00004ab0769ca000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-235d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qcdaEqx5%2Bg30KOJ0c0AmVWBW%2Bq2chJGUeUygUmDgS1hpd%2FnKz54aROcQGsQm90GrzxvzgxXjrtIL8tcuqrjpI2JGCdNvd6KzKXXN4VgbZVrjQ8zKwOrk81Ff4nX357HwBPLzhIp0AUIxv5wRjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa87d274ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 masonry.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/masonry/4.2.2/ 24 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/masonry/4.2.2/masonry.pkgd.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8188301
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6601
cf-request-id: 0ae69c1d6300004ab06b003000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-5e27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2%2FE6WiC2S4wYQ62TP%2Bd3T%2FzDmWNZN6nCrLpa0PZThyP0zs%2BN7f6glefEbuJgHoZ6jJlz4NOx9qqbOBpQvUQSY42%2Fy1jPfAUrNJqTbjnqoO1ATNlQ5uzEoAfOWZJ218o3KG5JjZpg24pX5rQbxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa89d5c4ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H3-29 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8207768
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1120
cf-request-id: 0ae69c1d6d00004ab04e9a6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B5mxDeQ6zWLFFLbmaTBBha0AMgCLGOB6AmVS%2FPLWRWmGiiCV74sIo%2FsFdDk58%2Fgri1Ww64u5QmKbLsqYw%2F8MD0oyj75mzSKLfBU2d%2BxUNZ2uoi7fPop8YC0kOSj75tJ%2F8KEt8vkBjoAWjCHc3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa8ad904ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H2 200 js.js Show response
www.freshfields.com/bundles/ 769 KB
219 KB 41ms
38ms Script
text/javascript 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.freshfields.com/bundles/js.js?v=6cWc6UEWAF-NpF7k5oiphkkbRMzdM_jdNAZB2CugEoU1

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13904503c3cc4ec14203dfb28ff7c8ab5c8a9072a895bffd7058b19d5d34931d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /bundles/js.js?v=6cWc6UEWAF-NpF7k5oiphkkbRMzdM_jdNAZB2CugEoU1
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.freshfields.com
referer: https://www.freshfields.com/en-gb/footer/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 717107
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Jun 2021 13:59:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public, max-age=30818893
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d73000014562b820000000001
cf-ray: 66512fa8bb041456-FRA
expires: Fri, 17 Jun 2022 13:59:16 GMT

GET
H3-29 200 picturefill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/picturefill/3.0.2/ 12 KB
5 KB 14ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/picturefill/3.0.2/picturefill.min.js

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 812880
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4631
cf-request-id: 0ae69c1d7300004ab0769cd000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f8b-2e1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BcZ%2BQYKMBhDAdV6ozq7AUTF9Sn7jKyNL7R5QfgGp%2F%2FDxzJ49uDxizwjbv%2FepnPLDiBxGdlO2t3i%2BNs5j%2BjyVbPh53Zq8QA20h9ri%2F83jI7izzJ8qHSHEwwu8PDxImKXvpfFFi3wLfpb37WZ7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa8bda94ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET
H2 200 6e79b691-ed88-4d00-a766-2c67d919fe71.json Show response
cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/ 3 KB
2 KB 33ms
19ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/6e79b691-ed88-4d00-a766-2c67d919fe71.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4baa8fb13c3eb8a26461cbd9ff5d64adb4c2c2794857ffbef4a37cd4a6e0cd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PsE7vIrFYtD5iyoT+tbTRw==
age: 5335
vary: Accept-Encoding
content-length: 1260
cf-request-id: 0ae69c1d7e00004e61be843000000001
x-ms-lease-status: unlocked
last-modified: Fri, 11 Jun 2021 09:46:45 GMT
server: cloudflare
etag: 0x8D92CBDD32D5D1B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3a2c4997-101e-0102-7cab-5e9c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512fa8ce894e61-FRA

GET
H2 200 x-sprite.png
www.freshfields.com/static/assets/img/header/ 148 B
3 KB 48ms
47ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/header/x-sprite.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

913d1003ace9bb46c6f84b3ec2cf973a92a2c1b730adc83bc067496b4329b677

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/header/x-sprite.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 687523
cf-polished: origFmt=png, origSize=1155
content-disposition: inline; filename="x-sprite.webp"
strict-transport-security: max-age=31536000
content-length: 148
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Fri, 11 Jun 2021 16:24:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d7d00001456fc287000000001
accept-ranges: bytes
cf-ray: 66512fa8cb3d1456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 logo-fbd-header.png
www.freshfields.com/static/assets/img/header/ 3 KB
6 KB 34ms
34ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/header/logo-fbd-header.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90931e5368d1e3697ea8ad7a984c6c2ee62ab8b5db73ff2203d391f71ef917c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/header/logo-fbd-header.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 792876
cf-polished: origFmt=png, origSize=6423
content-disposition: inline; filename="logo-fbd-header.webp"
strict-transport-security: max-age=31536000
content-length: 3080
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Tue, 08 Jun 2021 10:16:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d7e0000145635a9c000000001
accept-ranges: bytes
cf-ray: 66512fa8cb3f1456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Search-icon-menu--sprite.png
www.freshfields.com/static/assets/img/header/ 272 B
3 KB 33ms
32ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/header/Search-icon-menu--sprite.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

035094cfb1e5f8002fa568add21e7a95f18cd17bb23c51baf16eddb670e37c22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/header/Search-icon-menu--sprite.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 792875
cf-polished: origFmt=png, origSize=1343
content-disposition: inline; filename="Search-icon-menu--sprite.webp"
strict-transport-security: max-age=31536000
content-length: 272
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Tue, 08 Jun 2021 10:16:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d7e00001456331db000000001
accept-ranges: bytes
cf-ray: 66512fa8cb421456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 icon-language-spr.png
www.freshfields.com/static/assets/img/modules/ 724 B
3 KB 33ms
32ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/modules/icon-language-spr.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e1653eaa390c3c993637f324cfd1c7593bdb89cac7beb9fda1984e1ae83796

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/modules/icon-language-spr.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 792368
cf-polished: origFmt=png, origSize=4277
content-disposition: inline; filename="icon-language-spr.webp"
strict-transport-security: max-age=31536000
content-length: 724
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Tue, 08 Jun 2021 10:16:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d7e0000145609061000000001
accept-ranges: bytes
cf-ray: 66512fa8cb431456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Search-icon-menu-ds.png
www.freshfields.com/Static/assets/img/header/ 598 B
3 KB 28ms
27ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/Static/assets/img/header/Search-icon-menu-ds.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74919e9a7f0fa5c1f15956eb311d0ee503614ed65014fb6a6a68472810e7f40a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /Static/assets/img/header/Search-icon-menu-ds.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 804572
cf-polished: origFmt=png, origSize=2773
content-disposition: inline; filename="Search-icon-menu-ds.webp"
strict-transport-security: max-age=31536000
content-length: 598
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Tue, 08 Jun 2021 10:16:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1d7f00001456e78b1000000001
accept-ranges: bytes
cf-ray: 66512fa8cb481456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.freshfields.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 21:16:19 GMT
x-content-type-options: nosniff
age: 258884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 21:16:19 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.freshfields.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 13:07:53 GMT
x-content-type-options: nosniff
age: 201790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 13:07:53 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 34ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1480
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2c200b78-b01e-0022-6003-6a2d6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 25 Jun 2021 21:41:03 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 24ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 7353864
vary: Accept-Encoding
content-length: 85065
cf-request-id: 0ae69c1deb00000746d802d000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:28 GMT
server: cloudflare
etag: 0x8D8F2581A370641
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be1a1759-401e-017c-7124-270386000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512fa97da70746-FRA
expires: Sat, 03 Jul 2021 21:11:03 GMT

GET
H2 200 footer-follow-sprite.png
www.freshfields.com/static/assets/img/modules/ 3 KB
6 KB 36ms
34ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/modules/footer-follow-sprite.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1ffa6ac2f650489c87d95735c466e06e9516b1cbee2bf07e7a9254b652b3319

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/modules/footer-follow-sprite.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 678732
cf-polished: origFmt=png, origSize=6204
content-disposition: inline; filename="footer-follow-sprite.webp"
strict-transport-security: max-age=31536000
content-length: 3292
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:03 GMT
last-modified: Fri, 11 Jun 2021 16:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1df100001456d7293000000001
accept-ranges: bytes
cf-ray: 66512fa98ccc1456-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.0.0.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 324755
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1046
cf-request-id: 0ae69c1e1000004ab0c01b2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WLq8%2Fh5fab7yOd1QLQWOHupOiekjRyj33Fl1RyTV3wagxIMzRKg%2FC7AVqSIejcBEMD6SpKWKce6bx1qKaAyh6c0t6HV2I%2BPJhnnRkrzk1%2F%2FDWSWItBzedkP%2B4HH0lm28E755ecE5j7%2FQPvB%2FgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66512fa9bfcd4ab0-FRA
expires: Wed, 15 Jun 2022 21:11:03 GMT

GET find.js
dl.episerver.net/13.4.4.1/epi-util/ 0
0

GET
BLOB 200
OK 8d7c5bd9-5b4c-465d-82e6-0421160788cc
https://www.freshfields.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.freshfields.com/8d7c5bd9-5b4c-465d-82e6-0421160788cc
Requested by: Host: www.freshfields.com
URL: https://www.freshfields.com/en-gb/footer/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 select-box.png
www.freshfields.com/static/assets/img/home/ 146 B
3 KB 24ms
23ms Image
image/webp 2606:4700::6811:7109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.freshfields.com/static/assets/img/home/select-box.png

Requested by

Host: www.freshfields.com
URL: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:7109 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa7c03cd4934b49927a2b04afebca84c718979851d7448426e5226566540a58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /static/assets/img/home/select-box.png
pragma: no-cache
cookie: TiPMix=72.5175103510346; x-ms-routing-name=self; ARRAffinity=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; ARRAffinitySameSite=0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec; .ASPXANONYMOUS=EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2; ASP.NET_SessionId=nbidz34mc3rclyxmabduird0; EPi_NumberOfVisits=1,2021-06-25T21:11:02
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.freshfields.com
referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.freshfields.com/bundles/appcss.css?v=XGrCLn4uJ9OtSCte_sWAZMKQd92zlk9Ke4301cqvjW01
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 21:11:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3926679
cf-polished: origFmt=png, origSize=1162
content-disposition: inline; filename="select-box.webp"
strict-transport-security: max-age=31536000
content-length: 146
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ef408798-e12a-47ea-8234-90ebb537a9a2
referrer-policy: no-referrer-when-downgrade
expires: Sat, 25 Jun 2022 21:11:04 GMT
last-modified: Fri, 07 May 2021 12:01:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-expose-headers: Request-Context
cache-control: public, max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; magnetometer 'none'; microphone 'none'; payment 'none';
content-security-policy: default-src 'self' *.freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ *.vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com *.podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ *.services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' *.freshfields.com https://images.passle.net *.freshfields.us *.freshfields.de *.freshfields.hk *.freshfields.jp data: *.podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ *.linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src *.podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src *.freshfields.com *.freshfields.us *.freshfields.hk *.freshfields.jp *.freshfields.de *.podbean.com/;
cf-request-id: 0ae69c1e5c00001456f6849000000001
accept-ranges: bytes
cf-ray: 66512faa2e3f1456-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/6bcef5cc-a117-4368-8d7a-2e6893025303/ 144 KB
26 KB 19ms
18ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/6bcef5cc-a117-4368-8d7a-2e6893025303/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7072921312d2e066069ae2b0a850b78854fc31d0641352c2b4ad7430236e0b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: i11Pc6QocS3VjNlx22+Cfw==
age: 5335
vary: Accept-Encoding
content-length: 26250
cf-request-id: 0ae69c1e8400004e617f31c000000001
x-ms-lease-status: unlocked
last-modified: Fri, 11 Jun 2021 09:46:52 GMT
server: cloudflare
etag: 0x8D92CBDD761BFFB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2715b96e-601e-0149-7cab-5eadd3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512faa6b284e61-FRA

GET
H2 200 6e79b691-ed88-4d00-a766-2c67d919fe71.json Show response
cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/ 3 KB
1 KB 15ms
14ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/6e79b691-ed88-4d00-a766-2c67d919fe71.json

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4baa8fb13c3eb8a26461cbd9ff5d64adb4c2c2794857ffbef4a37cd4a6e0cd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PsE7vIrFYtD5iyoT+tbTRw==
age: 5336
vary: Accept-Encoding
content-length: 1260
cf-request-id: 0ae69c1e8700004e619c1d8000000001
x-ms-lease-status: unlocked
last-modified: Fri, 11 Jun 2021 09:46:45 GMT
server: cloudflare
etag: 0x8D92CBDD32D5D1B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3a2c4997-101e-0102-7cab-5e9c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512faa7b324e61-FRA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 18ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 7353865
vary: Accept-Encoding
content-length: 85065
cf-request-id: 0ae69c1e9d00000746c22a4000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:28 GMT
server: cloudflare
etag: 0x8D8F2581A370641
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be1a1759-401e-017c-7124-270386000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512faa98e30746-FRA
expires: Sat, 03 Jul 2021 21:11:04 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 33ms
28ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 5764768
vary: Accept-Encoding
content-length: 2938
cf-request-id: 0ae69c1ecb00004e615e004000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:19 GMT
server: cloudflare
etag: 0x8D8F25814EBA7C9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 17199818-401e-005a-0b98-35de67000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512faadc5f4e61-FRA
expires: Sat, 03 Jul 2021 21:11:04 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 58 KB
14 KB 23ms
18ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42bdbdeb97cb56c13e38eb263e60d0f3c131c12a41d948133b5637baa1070a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uIOUQDzsfhrc2v0j31uJCw==
age: 5592315
vary: Accept-Encoding
content-length: 14303
cf-request-id: 0ae69c1ecc00004e619c1e2000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:21 GMT
server: cloudflare
etag: 0x8D8F25815ED1BCF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ec52df5e-f01e-002e-2529-375821000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512faadc604e61-FRA
expires: Sat, 03 Jul 2021 21:11:04 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/6bcef5cc-a117-4368-8d7a-2e6893025303/ 144 KB
26 KB 20ms
19ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6e79b691-ed88-4d00-a766-2c67d919fe71/6bcef5cc-a117-4368-8d7a-2e6893025303/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7072921312d2e066069ae2b0a850b78854fc31d0641352c2b4ad7430236e0b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: i11Pc6QocS3VjNlx22+Cfw==
age: 5335
vary: Accept-Encoding
content-length: 26250
cf-request-id: 0ae69c1ed600004e619d141000000001
x-ms-lease-status: unlocked
last-modified: Fri, 11 Jun 2021 09:46:52 GMT
server: cloudflare
etag: 0x8D92CBDD761BFFB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2715b96e-601e-0149-7cab-5eadd3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512faafca64e61-FRA

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
236 B 397ms
397ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80eaffbaa0b51da00abe598cf9080bed1404a74e72318f0f477e7ac9937ac153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 1262D484-DC14-49E4-9299-69BCB6885DBD
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 25 Jun 2021 21:11:04 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ 0
0 258ms
34ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.freshfields.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 25 Jun 2021 21:11:03 GMT
content-length: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 18ms
18ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 5764768
vary: Accept-Encoding
content-length: 2938
cf-request-id: 0ae69c1fd200004e61c1a1c000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:19 GMT
server: cloudflare
etag: 0x8D8F25814EBA7C9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 17199818-401e-005a-0b98-35de67000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512fac890e4e61-FRA
expires: Sat, 03 Jul 2021 21:11:04 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 58 KB
14 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42bdbdeb97cb56c13e38eb263e60d0f3c131c12a41d948133b5637baa1070a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freshfields.com/en-gb/footer/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Jun 2021 21:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uIOUQDzsfhrc2v0j31uJCw==
age: 5592315
vary: Accept-Encoding
content-length: 14303
cf-request-id: 0ae69c1fd200004e61b8962000000001
x-ms-lease-status: unlocked
last-modified: Mon, 29 Mar 2021 02:12:21 GMT
server: cloudflare
etag: 0x8D8F25815ED1BCF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ec52df5e-f01e-002e-2529-375821000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66512fac89114e61-FRA
expires: Sat, 03 Jul 2021 21:11:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dl.episerver.net
URL: https://dl.episerver.net/13.4.4.1/epi-util/find.js

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freshfields.com/	1970-01-20 04:03:11	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Jun+25+2021+23%3A11%3A04+GMT%2B0200+(Central+European+Summer+Time)&version=6.16.0&isIABGlobal=false&hosts=&consentId=25e3d948-c674-46cb-b213-ea0a543ec2ea&interactionCount=0
www.freshfields.com/	1970-01-19 19:17:37	Name: ai_session Value: 0FBbV\|1624655464059.5\|1624655464059.5
www.freshfields.com/	1970-01-20 04:03:11	Name: EPi_NumberOfVisits Value: 1,2021-06-25T21:11:02
.www.freshfields.com/	1970-01-19 19:17:39	Name: x-ms-routing-name Value: self
www.freshfields.com/	1970-01-19 20:57:35	Name: .ASPXANONYMOUS Value: EradfG_RBAd74Cx-Oi77vZSZSM0d6KKjYJBdIJaTtAxyTebIfMqJS06vnO3fSrpdiyaoUXtL7ElT16DP-4zK4AgraZF1qUwO-7P6uGtvce631rlAX3HB8MnSP-Pytv44LP-blhXgPUg3T_SIl3k2bA2
www.freshfields.com/	1970-01-20 04:03:11	Name: ai_user Value: Y6t37\|2021-06-25T21:11:04.057Z
www.freshfields.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: nbidz34mc3rclyxmabduird0
.www.freshfields.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec
.www.freshfields.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 0d71a002e54907c09bfab941bcec4c887be1fbf09975fbff67ef63255c8883ec
.www.freshfields.com/	1970-01-19 19:17:39	Name: TiPMix Value: 72.5175103510346

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://code.jquery.com/jquery-3.0.0.min.js(Line 2) Message: jQuery.Deferred exception: The element or ID supplied is not valid. (videojs) TypeError: The element or ID supplied is not valid. (videojs) at i (https://www.freshfields.com/bundles/js.js?v=6cWc6UEWAF-NpF7k5oiphkkbRMzdM_jdNAZB2CugEoU1:1:173091) at HTMLDocument.<anonymous> (https://www.freshfields.com/bundles/js.js?v=6cWc6UEWAF-NpF7k5oiphkkbRMzdM_jdNAZB2CugEoU1:1:766925) at j (https://code.jquery.com/jquery-3.0.0.min.js:2:29588) at k (https://code.jquery.com/jquery-3.0.0.min.js:2:29902) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .freshfields.com blob: freshfields.azurewebsites.net https://netdna.bootstrapcdn.com/; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.googletagmanager.com/ https://cdnjs.cloudflare.com https://cdn.cookielaw.org/ https://code.jquery.com/ https://sdk.passle.net/ https://clientsdk.passle.net/ .vo.msecnd.net https://maxcdn.bootstrapcdn.com/ https://www.google-analytics.com/ https://analytics.twitter.com/ https://secure.leadforensics.com/ https://snap.licdn.com/ https://static.ads-twitter.com/ https://connect.facebook.net/ https://cdn.tinymce.com https://public.flourish.studio/ https://cdn.flourish.rocks https://play.freshfields.com .podbean.com/ https://js.createsend1.com/javascript/copypastesubscribeformlogic.js https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js https://www.emailmeform.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/ https://dl.episerver.net/13.3.0/epi-util/find.js;style-src 'unsafe-inline' 'self' https://dl.episerver.net/ https://fonts.googleapis.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://cdn.tinymce.com/ https://netdna.bootstrapcdn.com/ https://cdn.materialdesignicons.com/ https://freshfields.amicuscrm.co.uk/ https://cdn.tiny.cloud/; font-src 'self' https://fonts.gstatic.com https://cdn.tinymce.com/ https://cdn.materialdesignicons.com https://netdna.bootstrapcdn.com/ data:;connect-src 'self' https://clientapi.passle.net/ https://clientsdk.passle.net/ https://cdn.cookielaw.org https://www.google-analytics.com/ .services.visualstudio.com https://stats.g.doubleclick.net/ https://privacyportal-eu.onetrust.com/ https://createsend.com//t/getsecuresubscribelink;img-src 'self' .freshfields.com https://images.passle.net .freshfields.us .freshfields.de .freshfields.hk .freshfields.jp data: .podbean.com https://www.google-analytics.com/ https://secure.adnxs.com/ http://code.jquery.com/ https://www.facebook.com/ https://t.co/ .linkedin.com/ https://cdnjs.cloudflare.com/ https://freshfields.amicuscrm.co.uk/ https://sp.tinymce.com/ https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://public.flourish.studio/resources/bosh.svg;worker-src 'self' blob:;frame-src .podbean.com/ https://public.flourish.studio/ https://flo.uri.sh/ https://play.buto.tv/ https://play.freshfields.com/ https://butoembed.twentythree.net/ https://archive-videos.freshfields.com/ https://www.google.com/ https://embed.buto.tv/ https://www.emailmeform.com/ https://www.youtube.com/ .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de http://ssl.freshfields.com/ https://youtu.be/ https://m.youtube.com/ https://www.facebook.com/;media-src .freshfields.com .freshfields.us .freshfields.hk .freshfields.jp .freshfields.de *.podbean.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdn.cookielaw.org
cdnjs.cloudflare.com
code.jquery.com
dc.services.visualstudio.com
dl.episerver.net
fonts.googleapis.com
fonts.gstatic.com
sdk.passle.net
www.freshfields.com
www.googletagmanager.com
dl.episerver.net
143.204.98.112
2001:4de0:ac18::1:a:1b
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:135e
2606:4700::6810:9540
2606:4700::6811:7109
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:4001:831::200a
40.114.241.141
00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1
035094cfb1e5f8002fa568add21e7a95f18cd17bb23c51baf16eddb670e37c22
13904503c3cc4ec14203dfb28ff7c8ab5c8a9072a895bffd7058b19d5d34931d
1c2b4f526372503f02ffe853aa3e4d86102574fa7aabb6e913c7e4fedd4185bb
20e51cc8fa0f52b2b6153113a2bfb1d39b01709057d3cccff2bd5603fd828513
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
26e1653eaa390c3c993637f324cfd1c7593bdb89cac7beb9fda1984e1ae83796
34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
3f8e6e6d086b7701c4d5080541a50c3e941645cff588ade55b8dfb385c703d17
42bdbdeb97cb56c13e38eb263e60d0f3c131c12a41d948133b5637baa1070a28
438c7896f8ff9d95c1bdbcb9af3abab96bc8c60995f2c530b94e9d22049fb15c
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d
4aa7c03cd4934b49927a2b04afebca84c718979851d7448426e5226566540a58
4baa8fb13c3eb8a26461cbd9ff5d64adb4c2c2794857ffbef4a37cd4a6e0cd81
508975803dd9679b085d4cd69f02d3d8aaebf51d1f17f99e876ba78a29d4b436
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5448be3227a5967a656bff3f3cf08bfa4f2cfbfbdbfae285a9daad43f7761d2a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
63497a3603515ce8bdf0476eb7a5b33862c5b1075a5c136a9e6b380d679a5ca3
6cf033977370d1e067f28b1bf79ed92205cfcb57c36b209a397f9f559b062c4d
7072921312d2e066069ae2b0a850b78854fc31d0641352c2b4ad7430236e0b24
74919e9a7f0fa5c1f15956eb311d0ee503614ed65014fb6a6a68472810e7f40a
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7c93c22313666f94ee0bc6819fbd02b0cbd0c8ae97cdeaed803ca18750c79ee9
7d3e1fbdc2576825abf84d0df658417e2ba9b4eb6f9ef7c1ad96072fa39409ca
80eaffbaa0b51da00abe598cf9080bed1404a74e72318f0f477e7ac9937ac153
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
90931e5368d1e3697ea8ad7a984c6c2ee62ab8b5db73ff2203d391f71ef917c5
913d1003ace9bb46c6f84b3ec2cf973a92a2c1b730adc83bc067496b4329b677
a04781047def3fef698d6e0bda3ed2292de4883515d17190daf427e361a62d4f
a1eac1d01c2bc33725911f934e1a2d5f92008964a454bd856fd662094a219dcf
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c7a996e339a1d62664f8b294df6d31fa435ecec62bbaa8168ffe9f424ebd587e
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e1ffa6ac2f650489c87d95735c466e06e9516b1cbee2bf07e7a9254b652b3319
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
edec83126419ceb3c85f3a0f26fe684ab3350794bdcc0b327da57deae1f01889
fa659dfc6ebd4b8aad80fa304842c879502fefe16e2fcef55976a89605e7af04

www.freshfields.com Open in urlscan Pro 2606:4700::6811:7109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

80 %IPv6

11 Domains

11 Subdomains

11 IPs

3 Countries

1469 kBTransfer

4534 kBSize

10 Cookies

18 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.freshfields.com Open in urlscan Pro
2606:4700::6811:7109 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

1469 kB
Transfer

4534 kB
Size

10
Cookies

55 HTTP transactions
0 data transactions