urlscan.io logo urlscan.io
SecurityTrails logo

nexiumlegalhelp.com Open in urlscan Pro
2606:4700:3034::681c:d37  Public Scan

Go To Rescan Add Verdict Report
URL: https://nexiumlegalhelp.com/
Submission: On May 02 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3034::681c:d37, located in United States and belongs to CLOUDFLARENET, US. The main domain is nexiumlegalhelp.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 2nd 2020. Valid for: 5 months.
This is the only time nexiumlegalhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3034::681c:d37 (United States)

ASN13335 (CLOUDFLARENET, US)
nexiumlegalhelp.com
3    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
3    2606:4700:20::681a:848 (United States)

ASN13335 (CLOUDFLARENET, US)
www.apex.live
3    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:20::681a:77e (United States)

ASN13335 (CLOUDFLARENET, US)
www.liveleads.us
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.235.153.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-153-63.compute-1.amazonaws.com
cdn.calltrk.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    23.210.249.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-13.deploy.static.akamaitechnologies.com
adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com
Domain Requested by
9 nexiumlegalhelp.com nexiumlegalhelp.com
4 fonts.gstatic.com ajax.googleapis.com
3 ajax.googleapis.com nexiumlegalhelp.com
www.apex.live
3 www.apex.live nexiumlegalhelp.com
www.liveleads.us
www.apex.live
3 stackpath.bootstrapcdn.com nexiumlegalhelp.com
2 adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com
2 www.facebook.com nexiumlegalhelp.com
2 connect.facebook.net nexiumlegalhelp.com
connect.facebook.net
2 www.google-analytics.com 1 redirects nexiumlegalhelp.com
2 use.fontawesome.com nexiumlegalhelp.com
1 stats.g.doubleclick.net nexiumlegalhelp.com
1 cdn.calltrk.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 player.vimeo.com nexiumlegalhelp.com
1 www.googletagmanager.com nexiumlegalhelp.com
1 www.liveleads.us nexiumlegalhelp.com
1 cdnjs.cloudflare.com nexiumlegalhelp.com
38 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-05-02 -
2020-10-09		 5 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-23 -
2021-04-24		 a year crt.sh
cdn.calltrk.com
Amazon		 2020-04-24 -
2021-05-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.ssl.cf2.rackcdn.com
DigiCert SHA2 Secure Server CA		 2020-02-18 -
2021-05-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nexiumlegalhelp.com/
Frame ID: 68D490A3F68F1346F801916E46BF6355
Requests: 38 HTTP requests in this frame

Frame: https://player.vimeo.com/video/241937644?api=1&player_id=vimeo-player-1
Frame ID: 018077F4C354F992883AEA8DC7EA966F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

100 %
HTTPS

76 %
IPv6

16
Domains

17
Subdomains

18
IPs

5
Countries

1737 kB
Transfer

3490 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=588267952&t=pageview&_s=1&dl=https%3A%2F%2Fnexiumlegalhelp.com%2F&ul=en-us&de=UTF-8&dt=Nexium%20Litigation%20%3A%20Shunnarah&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEBAAEAB~&jid=1924469847&gjid=274899587&cid=253781000.1588426345&tid=UA-75603538-4&_gid=1947382765.1588426345&_r=1&gtm=2wg4m0KL8ZMKM&z=790714485 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75603538-4&cid=253781000.1588426345&jid=1924469847&_gid=1947382765.1588426345&gjid=274899587&_v=j81&z=790714485

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nexiumlegalhelp.com/ 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.21
Resource Hash
b502503828f41c6f0073d51dc9c55e2c634018e3f0f7475048c9972f66e3bf48

Request headers

:method
GET
:authority
nexiumlegalhelp.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 02 May 2020 13:32:22 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfa33c46b0a1a456bc7fc310ab77ad3681588426342; expires=Mon, 01-Jun-20 13:32:22 GMT; path=/; domain=.nexiumlegalhelp.com; HttpOnly; SameSite=Lax messages=%7B%7D; expires=Fri, 01-Jan-2010 05:00:00 GMT; Max-Age=0; path=/; domain=.shunnarah.com
x-powered-by
PHP/7.1.21
cache-control
max-age=600, private, must-revalidate
expires
Mon, 01 Jun 2020 13:32:22 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58d21b9f69a4648b-FRA
content-encoding
br
cf-request-id
02772f979f0000648be2a04200000001
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nexiumlegalhelp.com/
Origin
https://nexiumlegalhelp.com

Response headers

date
Sat, 02 May 2020 13:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
21089
app.min.css
nexiumlegalhelp.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nexiumlegalhelp.com/css/app.min.css
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ac2513a3e998897d8579b00ccfe6461c84b4b24389df6e7c95f508f1869b62

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Mar 2019 17:46:37 GMT
server
cloudflare
etag
W/"1b90-58398cdf6f21f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2628000
cf-ray
58d21ba2cbce648b-FRA
cf-request-id
02772f99ba0000648be2a1c200000001
expires
Mon, 01 Jun 2020 13:32:23 GMT
all.css
use.fontawesome.com/releases/v5.0.12/css/ 		38 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nexiumlegalhelp.com/
Origin
https://nexiumlegalhelp.com

Response headers

date
Sat, 02 May 2020 13:32:23 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 20:54:51 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"d896a88b71aa2ba5d6bd670429bf1bad"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
invitation.ashx
www.apex.live/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apex.live/scripts/invitation.ashx?company=ashunnarahnexium
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:848 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash
120372e86291dd0a8f7013678bc171a0b11de4f52ebe041ab12e37f7aa929e27

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
UrlRewriter.NET 2.0.0, ASP.NET
status
200
content-length
1801
cf-request-id
02772fa06a00001f3dca1ce200000001
x-ua-compatible
IE=edge
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
cf-ray
58d21bad7c1f1f3d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain
Shunnarah-logo-update043020.png
nexiumlegalhelp.com/images/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexiumlegalhelp.com/images/Shunnarah-logo-update043020.png
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d6acb21fb8c97d159cc384248983c5d0b587d12dcf5a8f94d5e2630a29a898

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
cf-cache-status
MISS
last-modified
Thu, 30 Apr 2020 20:35:11 GMT
server
cloudflare
etag
"12ab4-5a488004b5dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=3153600
accept-ranges
bytes
cf-ray
58d21bad5b0a648b-FRA
content-length
76468
cf-request-id
02772fa0590000648be2a92200000001
expires
Sun, 02 May 2021 13:32:24 GMT
1efa4e05ca73554.jpg
nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/1efa4e05ca73554.jpg
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
731a8dc12b8c94110a31ae1db0deee9f61be5947ca616800f0703ae9d53a7dff

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
58d21bad5b0e648b-FRA
content-length
20871
cf-request-id
02772fa0590000648be2a94200000001
expires
Sun, 02 May 2021 13:32:24 GMT
c4356e2243d82b2.jpg
nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/c4356e2243d82b2.jpg
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c122fd9b80b3cf062074e313c263810454e1b56ffa98744bd4ed5701c9c99cc

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
58d21bad5b10648b-FRA
content-length
19820
cf-request-id
02772fa0590000648be2a95200000001
expires
Sun, 02 May 2021 13:32:24 GMT
d8f89e286bdebf3.png
nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/d8f89e286bdebf3.png
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4547a6c205ce4107011894746091cd9e2c46bd9b5cbefe66f024cbfa80c2432

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
58d21bad5b11648b-FRA
content-length
59381
cf-request-id
02772fa0590000648be2a96200000001
expires
Sun, 02 May 2021 13:32:24 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 03:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3059850
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Mar 2021 03:34:53 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nexiumlegalhelp.com/
Origin
https://nexiumlegalhelp.com

Response headers

date
Sat, 02 May 2020 13:32:23 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15920567
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02772f9ba800001f251f9d9200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:14 GMT
server
cloudflare
etag
W/"5afd4a7a-500f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58d21ba5dcc61f25-FRA
expires
Thu, 22 Apr 2021 13:32:23 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nexiumlegalhelp.com/
Origin
https://nexiumlegalhelp.com

Response headers

date
Sat, 02 May 2020 13:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:53 GMT
status
200
etag
"1544639633"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14038
app.min.js
nexiumlegalhelp.com/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexiumlegalhelp.com/js/app.min.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4416fb1ffa6de34320035b0de2ca4e0e5c368f0c059e7acc7a41d33789a15ec

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 01 Aug 2018 20:09:26 GMT
server
cloudflare
etag
W/"27dc-5726545801ca4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=2628000
cf-ray
58d21bad4af8648b-FRA
cf-request-id
02772fa04e0000648be2a91200000001
expires
Mon, 01 Jun 2020 13:32:24 GMT
invitation.ashx
www.liveleads.us/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.liveleads.us/scripts/invitation.ashx?company=ashunnarahnexium
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:77e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash
4bbe2e2c1031751ade2028b92fe7987edacf01369b994fa8975432bc63e386f5

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
UrlRewriter.NET 2.0.0, ASP.NET
status
200
content-length
1800
cf-request-id
02772fa08c0000324462bcb200000001
x-ua-compatible
IE=edge
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
cf-ray
58d21badaaf13244-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain
gtm.js
www.googletagmanager.com/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL8ZMKM
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71b586b5088ffedbd371d79a44162d83a1279a8196bde79eada891aafe73fe2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23724
x-xss-protection
0
last-modified
Sat, 02 May 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 May 2020 13:32:24 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2164
date
Sat, 02 May 2020 12:56:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Sat, 02 May 2020 14:56:20 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 07 Apr 2020 11:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2167204
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6490
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Apr 2021 11:32:20 GMT
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
B5ggx5xsuyTIsGG9qq97p5Nax0mP+eKDCsFxXLnU+kVl/kbLhzVbDK1SHTftghmHNrl/8/xyldsRfdLtTE1Vhw==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Sat, 02 May 2020 13:32:24 GMT, Sat, 02 May 2020 13:32:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
241937644
player.vimeo.com/video/ Frame 0180 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/241937644?api=1&player_id=vimeo-player-1
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nexiumlegalhelp.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nexiumlegalhelp.com/

Response headers

Connection
keep-alive
Content-Length
4900
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Sat, 02 May 2020 13:42:24 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Sat, 02 May 2020 13:32:24 GMT
Age
0
X-Served-By
cache-hhn4037-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1588426345.610713,VS0,VE147
Vary
Accept-Encoding
2ef3e9d0f13a1c8.jpg
nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/ 		492 KB
492 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/2ef3e9d0f13a1c8.jpg
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ca702e40c0fefb8e1527bcb3e6b14c4fef95b78253e249187373d707ca9386

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
58d21bad6b18648b-FRA
content-length
503567
cf-request-id
02772fa05f0000648be2a97200000001
expires
Sun, 02 May 2021 13:32:24 GMT
25c60bbef5c3f82.jpg
nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/ 		284 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexiumlegalhelp.com/www/pages/5/0/0/1/2/images/25c60bbef5c3f82.jpg
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681c:d37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a55c2c6599804f52ebdf04c4e0818159e1630c52282d03252fafac36598420b6

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
58d21bad6b1e648b-FRA
content-length
291280
cf-request-id
02772fa0630000648be2a98200000001
expires
Sun, 02 May 2021 13:32:24 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.12/webfonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.12/webfonts/fa-solid-900.woff2
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.0.12/css/all.css
Origin
https://nexiumlegalhelp.com

Response headers

date
Sat, 02 May 2020 13:32:24 GMT
last-modified
Thu, 03 May 2018 20:55:16 GMT
server
NetDNA-cache/2.2
status
200
etag
"62e224193aeed0b428e83d1cccfd6d91"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
45132
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ 		137 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
status
200
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
21024
css
fonts.googleapis.com/ 		9 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:600%7CRoboto+Condensed:400,700%7COpen+Sans:400,+400italic,+600,+700,+800%7CHind+Siliguri:400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bd22909f5fdb8f69ee9eb60019b1ebc6e152e5190f36914899155497733281a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 May 2020 13:32:24 GMT
server
ESF
date
Sat, 02 May 2020 13:32:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 May 2020 13:32:24 GMT
380207802496019
connect.facebook.net/signals/config/ 		475 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/380207802496019?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20fb5b9c21a2b8e4e7d966f94a0e609bfd612f42c54375703248582286e02b6e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
F2K2oaGLj5jbmIerCfpZy0psQ8UiEciC6lw2JHXeMwPlmh45IHBbtDr9yX5otrF0HXfw0PSS7Q+B2m/zdnMIUA==
x-fb-trip-id
420120009
x-frame-options
DENY
date
Sat, 02 May 2020 13:32:25 GMT, Sat, 02 May 2020 13:32:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
swap.js
cdn.calltrk.com/companies/695482925/5395b797866229cc9b9d/12/ 		32 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.calltrk.com/companies/695482925/5395b797866229cc9b9d/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL8ZMKM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.153.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-153-63.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-runtime
0.004758
date
Sat, 02 May 2020 13:32:25 GMT
content-encoding
gzip
server
nginx/1.16.1
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
content-type
text/javascript; charset=utf-8
status
200, 200 OK
cache-control
max-age=3600, public
timing-allow-origin
*
x-request-id
1f50b834-4bca-4f4d-b466-41847c432f73
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=588267952&t=pageview&_s=1&dl=https%3A%2F%2Fnexiumlegalhelp.com%2F&ul=en-us&de=UTF-8&dt=Nexium%20Litigation%20%3A%20Shunnarah&sd=24-bit&sr=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75603538-4&cid=253781000.1588426345&jid=1924469847&_gid=1947382765.1588426345&gjid=274899587&_v=j81&z=790714485
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75603538-4&cid=253781000.1588426345&jid=1924469847&_gid=1947382765.1588426345&gjid=274899587&_v=j81&z=790714485
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 02 May 2020 13:32:25 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 May 2020 13:32:25 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75603538-4&cid=253781000.1588426345&jid=1924469847&_gid=1947382765.1588426345&gjid=274899587&_v=j81&z=790714485
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
ijwTs5juQtsyLLR5jN4cxBEoTJzax8s3Jik.woff2
fonts.gstatic.com/s/hindsiliguri/v6/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hindsiliguri/v6/ijwTs5juQtsyLLR5jN4cxBEoTJzax8s3Jik.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
967f31692fbbf9aa3f0e5bfbbcc89c860bf1fd1cb6763ea6e48350439955c439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:600%7CRoboto+Condensed:400,700%7COpen+Sans:400,+400italic,+600,+700,+800%7CHind+Siliguri:400
Origin
https://nexiumlegalhelp.com

Response headers

date
Wed, 15 Apr 2020 05:08:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:51:26 GMT
server
sffe
age
1499017
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
expires
Thu, 15 Apr 2021 05:08:48 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:600%7CRoboto+Condensed:400,700%7COpen+Sans:400,+400italic,+600,+700,+800%7CHind+Siliguri:400
Origin
https://nexiumlegalhelp.com

Response headers

date
Wed, 15 Apr 2020 23:49:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1431761
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 15 Apr 2021 23:49:44 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:600%7CRoboto+Condensed:400,700%7COpen+Sans:400,+400italic,+600,+700,+800%7CHind+Siliguri:400
Origin
https://nexiumlegalhelp.com

Response headers

date
Sat, 28 Mar 2020 09:55:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:22 GMT
server
sffe
age
3037000
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10968
x-xss-protection
0
expires
Sun, 28 Mar 2021 09:55:45 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:600%7CRoboto+Condensed:400,700%7COpen+Sans:400,+400italic,+600,+700,+800%7CHind+Siliguri:400
Origin
https://nexiumlegalhelp.com

Response headers

date
Mon, 13 Apr 2020 11:22:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:17 GMT
server
sffe
age
1649408
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10996
x-xss-protection
0
expires
Tue, 13 Apr 2021 11:22:17 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=380207802496019&ev=PageView&dl=https%3A%2F%2Fnexiumlegalhelp.com%2F&rl=&if=false&ts=1588426345230&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1588426345229.357598497&it=1588426344769&coo=false&rqm=GET
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT, Sat, 02 May 2020 13:32:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sat, 02 May 2020 13:32:25 GMT
invitation2.ashx
www.apex.live/scripts/ 		977 KB
239 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=
Requested by
Host: www.liveleads.us
URL: https://www.liveleads.us/scripts/invitation.ashx?company=ashunnarahnexium
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:848 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash
f366abee954889955c7f693928be190fa0d6f87969290086b05b50ac0a124bf5

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-aspnet-version
4.0.30319
x-powered-by
UrlRewriter.NET 2.0.0, ASP.NET
p3p
policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
cf-request-id
02772fa3aa00001f3dca22e200000001
x-ua-compatible
IE=edge
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,no-transform
cf-ray
58d21bb2aba41f3d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain
/
www.facebook.com/tr/ 		44 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=380207802496019&ev=Microdata&dl=https%3A%2F%2Fnexiumlegalhelp.com%2F&rl=&if=false&ts=1588426345733&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Nexium%20Litigation%20%3A%20Shunnarah%20%20%20%20%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Nexium%20Litigation%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fnexiumlegalhelp.com%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Shunnarah%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1588426345229.357598497&it=1588426344769&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: nexiumlegalhelp.com
URL: https://nexiumlegalhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:25 GMT, Sat, 02 May 2020 13:32:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sat, 02 May 2020 13:32:25 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: www.apex.live
URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 23:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396949
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Apr 2021 23:16:39 GMT
soundmanager2-nodebug-jsmin.js
www.apex.live/scripts/libraries/soundmanager2/script/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.apex.live/scripts/libraries/soundmanager2/script/soundmanager2-nodebug-jsmin.js
Requested by
Host: www.apex.live
URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:848 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / UrlRewriter.NET 2.0.0, ASP.NET
Resource Hash
5fb787f0951e073a615e79625472742dd39a1a5ba628621b667f4dc530b0dce5

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 02 May 2020 13:32:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
5122
x-powered-by
UrlRewriter.NET 2.0.0, ASP.NET
status
200
content-length
16900
cf-request-id
02772fae8500001f3dca354200000001
x-ua-compatible
IE=edge
last-modified
Fri, 20 Mar 2020 19:12:17 GMT
server
cloudflare
etag
"6ca3df78ebfed51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
content-type
application/javascript
cache-control
max-age=14400, no-transform
accept-ranges
bytes
cf-ray
58d21bc40cc61f3d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, referring-domain
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
IMAGE_YES_NO_-_Alexander_Shunnarah_Law_1788_1_1_3580_invite_1
adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com/IMAGE_YES_NO_-_Alexander_Shunnarah_Law_1788_1_1_3580_invite_1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0bd897667cc57390f4143a21438973f553591b49c573a4f338f9434083aa5dd8

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 13:32:31 GMT
Last-Modified
Fri, 01 Apr 2016 21:19:34 GMT
X-Trans-Id
tx4d4d2d1fd38b493fb5760-005eabfb67ord1
ETag
8e38ac023a3348a90d106bff6bc3b566
Content-Type
application/octet-stream
X-Timestamp
1459545573.43161
Cache-Control
public, max-age=31525349
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66303
Expires
Sun, 02 May 2021 10:35:00 GMT
IMAGE_YES_NO_-_Alexander_Shunnarah_Law_1788_2_2_3581_invite_2
adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com/IMAGE_YES_NO_-_Alexander_Shunnarah_Law_1788_2_2_3581_invite_2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c429fb05f9157745f70992e99fa302c5e65db7dc0d8f46fa7d32d9c5f8ff6e41

Request headers

Referer
https://nexiumlegalhelp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 02 May 2020 13:32:31 GMT
Last-Modified
Fri, 01 Apr 2016 21:19:50 GMT
X-Trans-Id
txa12d8710304c440fb92b1-005eabfb67ord1
ETag
c86773c7f3e2687eb00aaae85fc97eb3
Content-Type
application/octet-stream
X-Timestamp
1459545589.60830
Cache-Control
public, max-age=31525318
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33046
Expires
Sun, 02 May 2021 10:34:29 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer string| GoogleAnalyticsObject function| ga object| WebFontConfig function| fbq function| _fbq function| cb function| raf function| $ function| jQuery function| Popper object| bootstrap object| WebFont object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ApexChat function| printStackTrace function| printStackTraceLimited boolean| isLoaded string| ApexChatBaseUrl number| ApexChatDefaultLogLevel string| ApexChatCompanyKey object| Handlebars object| jQQ function| ApexLogger object| AnalyticsCategories object| AnalyticsEvents object| ApexChatTimeTracker object| fm object| fm.websync object| isMobile function| diff_match_patch number| DIFF_DELETE number| DIFF_INSERT number| DIFF_EQUAL number| profileId string| smsNumber string| ref_domain string| ref_path string| ref_search function| SoundManager object| soundManager

12 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl292535724.1094859815
nexiumlegalhelp.com/ Name: apexchat_invitation_traffic_sources
Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26overwritetrafficsource%3Dtrue%26date%3D20200502
nexiumlegalhelp.com/ Name: apexchat_sms_number
Value: 925-230-0476
nexiumlegalhelp.com/ Name: apexchat_profile_id
Value: 115587
nexiumlegalhelp.com/ Name: apexchat_visitor_id
Value: 768700693
nexiumlegalhelp.com/ Name: apexchat_operator_id
Value: 0
nexiumlegalhelp.com/ Name: apexchat_agent_alias_id
Value: 5251
.nexiumlegalhelp.com/ Name: __cfduid
Value: dfa33c46b0a1a456bc7fc310ab77ad3681588426342
.nexiumlegalhelp.com/ Name: _fbp
Value: fb.1.1588426345229.357598497
.nexiumlegalhelp.com/ Name: _gat_UA-75603538-4
Value: 1
.nexiumlegalhelp.com/ Name: _gid
Value: GA1.2.1947382765.1588426345
.nexiumlegalhelp.com/ Name: _ga
Value: GA1.2.253781000.1588426345

6 Console Messages

Source Level URL
Text
console-api log URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=(Line 30)
Message:
Exceptional Case: No Cookie, No Web Storage Supported/Enabled on Browser!!!!
console-api log URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=(Line 30)
Message:
setup complete
console-api log URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=(Line 30)
Message:
ready run
console-api log URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=(Line 30)
Message:
run EP code!
console-api log URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=(Line 30)
Message:
creating image invite
console-api log URL: https://www.apex.live/scripts/invitation2.ashx?company=ashunnarahnexium&suppressInitialize=false&chatId=null&visitorId=0&agentAliasId=0&operatorId=0&profileId=115587&gclid=&gs=&gm=&gc=&originalReferrer=(Line 30)
Message:
create executed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adcc0b6fec71f6da6868-9951c12eaf763ebd0692efbd5797203c.ssl.cf2.rackcdn.com
ajax.googleapis.com
cdn.calltrk.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
nexiumlegalhelp.com
player.vimeo.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
use.fontawesome.com
www.apex.live
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.liveleads.us
151.101.112.217
18.235.153.63
2001:4de0:ac19::1:b:2a
23.111.9.35
23.210.249.13
2606:4700:20::681a:77e
2606:4700:20::681a:848
2606:4700:3034::681c:d37
2606:4700::6810:85e5
2a00:1450:4001:809::2008
2a00:1450:4001:814::200a
2a00:1450:4001:815::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0bd897667cc57390f4143a21438973f553591b49c573a4f338f9434083aa5dd8
0ceee487a90eea3b0e52f01360b44e8b6ac0898062c143dbe724663efd3d6f63
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120372e86291dd0a8f7013678bc171a0b11de4f52ebe041ab12e37f7aa929e27
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20fb5b9c21a2b8e4e7d966f94a0e609bfd612f42c54375703248582286e02b6e
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
43d6acb21fb8c97d159cc384248983c5d0b587d12dcf5a8f94d5e2630a29a898
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
49ac2513a3e998897d8579b00ccfe6461c84b4b24389df6e7c95f508f1869b62
4bbe2e2c1031751ade2028b92fe7987edacf01369b994fa8975432bc63e386f5
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5fb787f0951e073a615e79625472742dd39a1a5ba628621b667f4dc530b0dce5
71b586b5088ffedbd371d79a44162d83a1279a8196bde79eada891aafe73fe2b
72ca702e40c0fefb8e1527bcb3e6b14c4fef95b78253e249187373d707ca9386
731a8dc12b8c94110a31ae1db0deee9f61be5947ca616800f0703ae9d53a7dff
7d349f9e08a50336b6f398554e817e6921dd390ef9d8cacf3074a24d4379bd10
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
967f31692fbbf9aa3f0e5bfbbcc89c860bf1fd1cb6763ea6e48350439955c439
9c122fd9b80b3cf062074e313c263810454e1b56ffa98744bd4ed5701c9c99cc
a55c2c6599804f52ebdf04c4e0818159e1630c52282d03252fafac36598420b6
b4416fb1ffa6de34320035b0de2ca4e0e5c368f0c059e7acc7a41d33789a15ec
b502503828f41c6f0073d51dc9c55e2c634018e3f0f7475048c9972f66e3bf48
bd22909f5fdb8f69ee9eb60019b1ebc6e152e5190f36914899155497733281a2
c429fb05f9157745f70992e99fa302c5e65db7dc0d8f46fa7d32d9c5f8ff6e41
c4547a6c205ce4107011894746091cd9e2c46bd9b5cbefe66f024cbfa80c2432
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f366abee954889955c7f693928be190fa0d6f87969290086b05b50ac0a124bf5