ponstingldavid78992.wearelegalshield.ca Open in urlscan Pro
104.18.5.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://legalsupport365.net/
Effective URL:
https://ponstingldavid78992.wearelegalshield.ca/opportunity
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On July 15 via api (July 15th 2024, 4:59:24 am UTC) from IT — Scanned from IT

Summary HTTP 49 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 49 HTTP transactions. The main IP is 104.18.5.6, located in and belongs to CLOUDFLARENET, US. The main domain is ponstingldavid78992.wearelegalshield.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2024. Valid for: 10 months.

This is the only time ponstingldavid78992.wearelegalshield.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	172.67.142.7 172.67.142.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 34	104.18.5.6 104.18.5.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.4.175 104.18.4.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.247.243.39 162.247.243.39	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
49	8

2 172.67.142.7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

legalsupport365.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 104.18.5.6 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ponstingldavid78992.wearelegalshield.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.4.175 (None, )

ASN13335 (CLOUDFLARENET, US)

global.localizecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	wearelegalshield.ca 1 redirects ponstingldavid78992.wearelegalshield.ca	1 MB
9	localizecdn.com global.localizecdn.com — Cisco Umbrella Rank: 16474	109 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 736	75 KB
2	legalsupport365.net 2 redirects legalsupport365.net	1 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 293	752 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 770	28 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 950	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 240	5 KB
49	9

	Domain	Requested by
34	ponstingldavid78992.wearelegalshield.ca	1 redirects ponstingldavid78992.wearelegalshield.ca
9	global.localizecdn.com	ponstingldavid78992.wearelegalshield.ca
2	code.jquery.com	ponstingldavid78992.wearelegalshield.ca
2	legalsupport365.net	2 redirects
1	bam.nr-data.net	ponstingldavid78992.wearelegalshield.ca
1	js-agent.newrelic.com	ponstingldavid78992.wearelegalshield.ca
1	static.cloudflareinsights.com	ponstingldavid78992.wearelegalshield.ca
1	fonts.googleapis.com	ponstingldavid78992.wearelegalshield.ca
1	cdnjs.cloudflare.com	ponstingldavid78992.wearelegalshield.ca
49	9

This site contains links to these domains. Also see Links.

Domain
checkout.wearelegalshield.ca
accounts.legalshield.com
vimeo.com
lspro.wearelegalshield.com
get.adobe.com
localizejs.com

Subject Issuer	Validity	Valid
wearelegalshield.ca Cloudflare Inc ECC CA-3	`2024-03-04` - `2024-12-31`	10 months	crt.sh
global.localizecdn.com E6	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ponstingldavid78992.wearelegalshield.ca/opportunity
Frame ID: A31480F30EC7E98216965B4231497BF2
Requests: 47 HTTP requests in this frame

Frame: https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js
Frame ID: AAD9C3841CE29C24EE295BC9820180D1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Join My Team | We Are LegalShield

Page URL History Show full URLs

http://legalsupport365.net/ HTTP 307
https://legalsupport365.net/ HTTP 301
https://ponstingldavid78992.wearelegalshield.ca/opportunity HTTP 307
http://legalsupport365.net/ HTTP 301
https://ponstingldavid78992.wearelegalshield.ca/opportunity Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

1602 kB
Transfer

3933 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.wearelegalshield.ca/ponstingldavid78992/upgrade
Title: Add Legal Supplements

Search URL Search Domain Scan URL

URL: https://accounts.legalshield.com/
Title: Member Login

Search URL Search Domain Scan URL

URL: https://vimeo.com/564997130

Search URL Search Domain Scan URL

URL: https://vimeo.com/382594429

Search URL Search Domain Scan URL

URL: https://lspro.wearelegalshield.com/sites/default/files/file/2020-04/aa.app_.us_.3.18.pdf
Title: Associate Agreement

Search URL Search Domain Scan URL

URL: https://get.adobe.com/reader/
Title: Adobe Acrobat Reader

Search URL Search Domain Scan URL

URL: https://localizejs.com/
Title: Localize

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://legalsupport365.net/ HTTP 307
https://legalsupport365.net/ HTTP 301
https://ponstingldavid78992.wearelegalshield.ca/opportunity HTTP 307
http://legalsupport365.net/ HTTP 301
https://ponstingldavid78992.wearelegalshield.ca/opportunity Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request opportunity Show response
ponstingldavid78992.wearelegalshield.ca/
Redirect Chain

http://legalsupport365.net/
https://legalsupport365.net/
https://ponstingldavid78992.wearelegalshield.ca/opportunity
http://legalsupport365.net/
https://ponstingldavid78992.wearelegalshield.ca/opportunity

252 KB
69 KB

1861ms
1860ms

Document
text/html

104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3b739bb484e8d6314fb86e8be7516d637ddd56b506b5c72721906ebe306d172

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: no-cache, private, must-revalidate, no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8a372e839c6b0e15-MXP
content-encoding: gzip
content-language: en
content-security-policy: frame-ancestors 'self' frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Mon, 15 Jul 2024 04:59:13 GMT
expect-ct: max-age=86400, enforce
expires: Sun, 19 Nov 1978 05:00:00 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: X-USER_REGION_ON,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-f9c8a10c-4266-11ef-b044-f3cd2bd9e471
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 8a372e831a475fe3-MRS
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 15 Jul 2024 04:59:11 GMT
Expires: Mon, 15 Jul 2024 05:59:11 GMT
Location: https://ponstingldavid78992.wearelegalshield.ca/opportunity
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zop6OPzA0djFQndLWyLMsAH4ZU%2Fh7Yzmqz1RzJSA%2FJ2I9E02%2FOmMeKqk%2Fc2FVs7uZFnsQ8XiZU1wtqVHaJ8lzB9q3yNE1w%2B82EsgDoEeDZk5So9b6OMkYYraER74go7TYgJ3xJt"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding

GET
H2 200 localize.js Show response
global.localizecdn.com/ 63 KB
23 KB 986ms
92ms Script
application/javascript 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/localize.js

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59bd3c7e4c71dd8ce3165db56aa2f3af6ab504f633d04d9350d0a9edb143ed20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v: 486
date: Mon, 15 Jul 2024 04:59:14 GMT
via: 1.1 c02572554c02a87f23aa1896dbdde042.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: cEVAyXx.WxSrMmr2OLN04AARpb1COzc1
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 202172
x-amz-cf-pop: MXP53-P1
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 11 Jul 2024 19:11:11 GMT
server: cloudflare
etag: W/"1337d4c67df26000f40a4bf5dadc1766"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8a372e95b97a0e49-MXP
x-amz-cf-id: CstqL6n0KHEYemcxMdMXOydMyrxKAroZqy9p1-A7OcpEXGRg2bWmZw==

GET
H2 200 css_XqHsJGrrkalBjTKSCc8CO8lB8O4ChlOGZzx6zBgA9R4.css
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/ 11 KB
3 KB 509ms
499ms Stylesheet
text/css 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_XqHsJGrrkalBjTKSCc8CO8lB8O4ChlOGZzx6zBgA9R4.css

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea1ec246aeb91a9418d329209cf023bc941f0ee02865386673c7acc1800f51e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 2964
x-xss-protection: 1; mode=block
x-request-id: v-fafbd968-4266-11ef-8a4c-579212bb5093
referrer-policy: same-origin
last-modified: Sat, 06 Jul 2024 14:01:19 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e9018730e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 955ms
63ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5700358
x-cache: HIT, HIT
content-length: 8323
x-served-by: cache-lga21981-LGA, cache-mxp6922-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1721019554.181642,VS0,VE0
etag: W/"28feccc0-8c85"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 79786, 31594

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 959ms
67ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 188967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4364
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65993750-110c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVqSuI1sLsNMucrcYRqy9p02zMntCVVI2hxgnh0bJJMXVkerd7R1omso5Ua1Bxc6OdJQtMZERJDTI4FA6ufSa6NBHStfnH%2Fsz6xOQtEv55CfVk7JXs8kp%2B%2F3C66G%2BZrn55f8B9yV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a372e95adb6badb-MXP
expires: Sat, 05 Jul 2025 04:59:14 GMT

GET
H2 200 css_nnx4V1oymteGlm8S4ruUYgRQoJkUePZYoh20oDxr81M.css
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/ 136 KB
20 KB 591ms
582ms Stylesheet
text/css 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_nnx4V1oymteGlm8S4ruUYgRQoJkUePZYoh20oDxr81M.css

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e7c78575a329ad786966f12e2bb94620450a0991478f658a21db4a03c6bf353

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 20458
x-xss-protection: 1; mode=block
x-request-id: v-fafa1998-4266-11ef-8ef1-2b650a58b6fd
referrer-policy: same-origin
last-modified: Mon, 08 Jul 2024 00:01:52 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e9018750e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 css_2koT3Z_mAirlOGVNc344jheONX2l29eS__52hrzCt5g.css
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/ 13 KB
3 KB 498ms
490ms Stylesheet
text/css 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_2koT3Z_mAirlOGVNc344jheONX2l29eS__52hrzCt5g.css

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4a13dd9fe6022ae538654d737e388e178e357da5dbd792fffe7686bcc2b798

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 3451
x-xss-protection: 1; mode=block
x-request-id: v-faf9e7ac-4266-11ef-997e-c30a5a126008
referrer-policy: same-origin
last-modified: Sun, 16 Jun 2024 00:01:43 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e9018760e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 959ms
69ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:400,400i,500,500i|Source+Serif+Pro:700&display=swap

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

b0dabd2df082ad149ad9999323d0d4bf7103e7ea97c2bc3bdbd63990bc311edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 04:59:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 04:59:14 GMT

GET
H2 200 css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/ 755 KB
69 KB 625ms
618ms Stylesheet
text/css 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a02eaf25ecc0d4a831da58b53eabc91746559f5a6f3773af04b970cefe6c90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-faf9cfce-4266-11ef-a9f0-db4b134a13e6
referrer-policy: same-origin
last-modified: Sat, 13 Jul 2024 14:03:39 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1209600
cf-ray: 8a372e9018770e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 modernizr.min.js Show response
ponstingldavid78992.wearelegalshield.ca/core/assets/vendor/modernizr/ 7 KB
3 KB 491ms
485ms Script
application/javascript 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/core/assets/vendor/modernizr/modernizr.min.js?v=3.11.7

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 3090
x-xss-protection: 1; mode=block
x-request-id: v-fafa0944-4266-11ef-8cf3-8f32a9d15389
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:54 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e9018790e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 modernizr-additional-tests.js Show response
ponstingldavid78992.wearelegalshield.ca/core/misc/ 2 KB
1 KB 468ms
463ms Script
application/javascript 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/core/misc/modernizr-additional-tests.js?v=3.11.7

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e398d7e1be8e034e06112d41c1ddf1ec9881665fe923c28f7c2037dc35449e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 966
x-xss-protection: 1; mode=block
x-request-id: v-faf89a32-4266-11ef-921c-9f2a0a0ea5c0
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:54 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e90187a0e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 file-icon.png
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/ 2 KB
2 KB 483ms
478ms Image
image/png 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/file-icon.png

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c672e70b77363b2983179eb83ca5b3f11055e9f54ee4c5b803f50a92cb034a85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 2397
x-xss-protection: 1; mode=block
x-request-id: v-faf9dd8e-4266-11ef-8bdf-832d2d8e52ee
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e90187b0e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 wals-4.jpg
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/x_large/public/image/2020-06/ 226 KB
227 KB 796ms
792ms Image
image/jpeg 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/x_large/public/image/2020-06/wals-4.jpg?itok=wg-Us2Wq

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f668076d49999c6dd0103090727ab163d4da6f00b37992079a496c24e97339

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 231622
x-xss-protection: 1; mode=block
x-request-id: v-fafa5b06-4266-11ef-bcb3-5305d1562a42
referrer-policy: same-origin
last-modified: Wed, 01 Jul 2020 10:45:31 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e90187c0e15-MXP
expires: Mon, 29 Jul 2024 04:59:13 GMT

GET
H2 200 iStock-1138233826.jpg
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/x_large/public/image/2020-07/ 179 KB
179 KB 713ms
708ms Image
image/jpeg 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/x_large/public/image/2020-07/iStock-1138233826.jpg?itok=Lz_g8tK4

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

564165426740146fa161a3f62c9dcb9854c6c71d3d9c9ad6cfcf3e420ffb11c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 183378
x-xss-protection: 1; mode=block
x-request-id: v-fb421b80-4266-11ef-bd11-93bb56038ef3
referrer-policy: same-origin
last-modified: Wed, 01 Jul 2020 11:28:10 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e930b040e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 presentation.png
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/x_large/public/image/2020-04/ 431 KB
432 KB 668ms
667ms Image
image/png 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/x_large/public/image/2020-04/presentation.png?itok=pSVSDMAy

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fc52014607137ca81822ce772cbd30fba0d08ad1bea79c91da8450fbd954898

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 441235
x-xss-protection: 1; mode=block
x-request-id: v-fb81032c-4266-11ef-a0ef-c3fa2bae5106
referrer-policy: same-origin
last-modified: Tue, 30 Jun 2020 21:35:32 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e95ad200e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 js_5Yx6P-d8tMs5iKsFBFiwzKeAgRvj1dXwxf9n_dy72tI.js Show response
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/js/ 649 KB
157 KB 594ms
581ms Script
application/javascript 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/js/js_5Yx6P-d8tMs5iKsFBFiwzKeAgRvj1dXwxf9n_dy72tI.js

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e58c7a3fe77cb4cb3988ab050458b0cca780811be3d5d5f0c5ff67fddcbbdad2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fba3fd3c-4266-11ef-a380-6f03d26eda85
referrer-policy: same-origin
last-modified: Sun, 16 Jun 2024 14:06:30 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=1209600
cf-ray: 8a372e971e2e0e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 gtag.js Show response
ponstingldavid78992.wearelegalshield.ca/modules/contrib/google_tag/js/ 944 B
704 B 492ms
481ms Script
application/javascript 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/modules/contrib/google_tag/js/gtag.js?sgn1dt

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 455
x-xss-protection: 1; mode=block
x-request-id: v-fba68bc4-4266-11ef-9bfe-ef7b24ca687d
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:56 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e971e2f0e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 js_JORjh78-zWLun0ApLbr5I1xYudmH2LUiSNG6zbbcuqA.js Show response
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/js/ 176 KB
47 KB 712ms
701ms Script
application/javascript 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/js/js_JORjh78-zWLun0ApLbr5I1xYudmH2LUiSNG6zbbcuqA.js

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24e46387bf3ecd62ee9f40292dbaf9235c58b9d987d8b52248d1bacdb6dcbaa0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 47691
x-xss-protection: 1; mode=block
x-request-id: v-fba6bfea-4266-11ef-8a38-fbe0054be266
referrer-policy: same-origin
last-modified: Thu, 20 Jun 2024 14:05:58 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e971e300e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 73ms
64ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 26217354
x-cache: HIT, HIT
content-length: 67751
x-served-by: cache-lga13623-LGA, cache-mxp6922-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1721019554.411044,VS0,VE0
etag: W/"28feccc0-3dee4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 8, 40371

GET
H2 200 js_QMomI_zwTtYA_uk76_5_a8xbSA4FZ__6UkXkSJd9GJM.js Show response
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/js/ 22 KB
5 KB 514ms
504ms Script
application/javascript 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/js/js_QMomI_zwTtYA_uk76_5_a8xbSA4FZ__6UkXkSJd9GJM.js

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ca2623fcf04ed600fee93bebfe7f6bcc5b480e0567fffa5245e448977d1893

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 4482
x-xss-protection: 1; mode=block
x-request-id: v-fba711de-4266-11ef-bca7-7f2e9b232f16
referrer-policy: same-origin
last-modified: Sat, 06 Jul 2024 00:01:28 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e971e320e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 524ms
100ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
Origin: https://ponstingldavid78992.wearelegalshield.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8a372e99b9d85260-MXP

GET
H2 200 BestDefense-Regular.ttf
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/fonts/icomoon/fonts/ 71 KB
37 KB 704ms
696ms Font
application/font-sfnt 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/fonts/icomoon/fonts/BestDefense-Regular.ttf

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20ddde5cf80db4f46844129c2826dbbd444b689a99bb49aa96130f3d61d50534

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
Origin: https://ponstingldavid78992.wearelegalshield.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fba5d85a-4266-11ef-b32c-df65353eaec3
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-sfnt
cache-control: public, max-age=1209600
cf-ray: 8a372e971e2c0e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 tu Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 497 B
569 B 847ms
427ms XHR
application/json 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tu?v=486

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8e5d4681bf75db3f15146187207c0261ba86068998659a35e93eb37e458171b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"1f1-StZC8qV2xNGYwV+kp3qB0E4tObM"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8a372e99ac260e52-MXP
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 g Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 64 KB
26 KB 1021ms
602ms XHR
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=0&l=source

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31727d1c28ebba7b8bfd4016db9333ed60a753ee6cea3af0c3ff5a26f2184dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 04:59:15 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=259200
cf-ray: 8a372e99ac280e52-MXP
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 04:59:15 GMT

GET
H2 200 icon-phone-ca2.svg
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/ 678 B
554 B 601ms
588ms Image
image/svg+xml 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/icon-phone-ca2.svg

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f839e4a8f0cb4c2020f22709171275a33f7639a60aa963658168fbb7864872a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbbd7302-4266-11ef-80cb-b77c80ef1191
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8a372e981efe0e15-MXP
expires: Mon, 29 Jul 2024 04:59:14 GMT

GET
H2 200 icon-email-ca2.svg
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/ 814 B
465 B 604ms
591ms Image
image/svg+xml 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/icon-email-ca2.svg

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d600b238958ea79c62904698f7bc3e86d53b20483542603ea7a699c9dc178a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbbe5628-4266-11ef-99b8-1b3728e4e25d
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8a372e981f020e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 cart-icon.svg
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/ 690 B
520 B 601ms
588ms Image
image/svg+xml 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/cart-icon.svg

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

113e86f602e9cffee5e305938ddba9e218ebbd9c0216c6a4ada1ec3f25f28bc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbbddf2c-4266-11ef-af57-5b7e73756a46
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8a372e981f050e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 dot-pattern.svg
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/ 23 KB
4 KB 673ms
663ms Image
image/svg+xml 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/dot-pattern.svg

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb918d375c564ebbaff7d5bd73350e6a311bc07714b436e133cd17202d448bfa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbc01c2e-4266-11ef-869c-3b5982806591
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8a372e981f060e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 SwiftJustice.ttf
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/fonts/icomoon/fonts/ 215 KB
89 KB 721ms
720ms Font
application/font-sfnt 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/fonts/icomoon/fonts/SwiftJustice.ttf

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b6eeede8881171009f665ee67e2959c4a3b1f8c3fcd9924dcbd5c241e0fdbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
Origin: https://ponstingldavid78992.wearelegalshield.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbf01172-4266-11ef-977f-ebe9718477f6
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-sfnt
cache-control: public, max-age=1209600
cf-ray: 8a372e9a18700e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 icomoon.woff
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/fonts/icomoon/fonts/ 7 KB
4 KB 520ms
519ms Font
application/font-woff 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/fonts/icomoon/fonts/icomoon.woff

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e561c4e149bc1916e7625a21ca9f7a5fe505bb585e49acdce666087e4b541548

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
Origin: https://ponstingldavid78992.wearelegalshield.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbef0c6e-4266-11ef-aad4-f7e61ba33df4
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff
cache-control: public, max-age=1209600
cf-ray: 8a372e9a18720e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 PPLSI-ProductComboLockup-notag.png
ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/large/public/image/2022-01/ 14 KB
14 KB 587ms
569ms Image
image/png 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/styles/large/public/image/2022-01/PPLSI-ProductComboLockup-notag.png?itok=Hrw2DF_1

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82cf5fd3e2c32c4718410c29d82db58c51ddd90ac6c6a3e0ee095ba8c98dff18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 14267
x-xss-protection: 1; mode=block
x-request-id: v-fbf46c4a-4266-11ef-84f2-ebe934e5e57f
referrer-policy: same-origin
last-modified: Thu, 13 Jan 2022 14:21:09 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8a372e9a689b0e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 icon-call-mobile-ca.svg
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/ 2 KB
1 KB 496ms
494ms Image
image/svg+xml 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/icon-call-mobile-ca.svg

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf46ff5ff8f3357752c6dc60264e6b7328d208886d09ee49e7ec5ed7bc94d111

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbf7ba30-4266-11ef-8d3e-e7893f850fed
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8a372e9a88b70e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 icon-message-mobile-ca.svg
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/ 4 KB
2 KB 495ms
493ms Image
image/svg+xml 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/dist/images/svg/icon-message-mobile-ca.svg

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc9871851db7ef95b8a0c6b95e6fa7ec32af95f78dfd17d5167d03a0ddfffe9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/sites/networkca/files/css/css_FKAuryXswNSoMdpYtT6ryRdGVZ9abzdzrwS5cM7-bJA.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fbf712e2-4266-11ef-afa2-33f25f91f01a
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8a372e9a88b80e15-MXP
expires: Mon, 29 Jul 2024 04:59:15 GMT

GET
H2 200 g Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 64 KB
26 KB 571ms
570ms XHR
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=16233&l=source

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31727d1c28ebba7b8bfd4016db9333ed60a753ee6cea3af0c3ff5a26f2184dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 04:59:15 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=259200
cf-ray: 8a372e9d3ee40e52-MXP
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 04:59:15 GMT

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 B
206 B 453ms
452ms Image
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=source&c=9083589

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 04:59:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8a372e9e28c40e49-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 200 associate_plans Show response
ponstingldavid78992.wearelegalshield.ca/plan_details/get/ 28 B
151 B 592ms
578ms XHR
application/json 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/plan_details/get/associate_plans?_=1721019555259

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b0da80139663726e9b8e97d9eb7cf81aa7b5ed0b652a0b88e85126203bc35a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwcFVFFWAgEGXg==
Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
content-encoding: gzip
via: varnish
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 46
x-xss-protection: 1; mode=block
x-request-id: v-fc5a867e-4266-11ef-9910-eb06f7906453
x-ua-compatible: IE=edge
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: X-USER_REGION_ON,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 8a372e9e7c620e15-MXP
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 current_domain Show response
ponstingldavid78992.wearelegalshield.ca/lang/get/ 21 B
344 B 555ms
554ms XHR
application/json 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/lang/get/current_domain?_=1721019555260

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6756d02c309ebb74b2f32efbee9961cee29093ddd9998e881a88db58c3e953

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwcFVFFWAgEGXg==
Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
content-encoding: gzip
via: varnish
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 41
x-xss-protection: 1; mode=block
x-request-id: v-fc5a4786-4266-11ef-b373-73a91c6c823b
x-ua-compatible: IE=edge
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: X-USER_REGION_ON,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 8a372e9e9c720e15-MXP
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 cookie Show response
ponstingldavid78992.wearelegalshield.ca/geolocate/set/ 232 B
639 B 593ms
592ms XHR
application/json 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/geolocate/set/cookie?_=1721019555261

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa36213e59561377748a3c04491b768885023320044cf53468b11da80bf14da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwcFVFFWAgEGXg==
Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
content-encoding: gzip
via: varnish
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 148
x-xss-protection: 1; mode=block
x-request-id: v-fc5dea4e-4266-11ef-8d90-07f49a907a2d
x-ua-compatible: IE=edge
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: X-USER_REGION_ON,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: no-cache, private, must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 8a372e9ebc8d0e15-MXP
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2

200

main.js Show response
ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/ Frame AAD9
Redirect Chain

https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

8 KB
4 KB

58ms
58ms

Script
application/javascript

104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f7bf6bc1ddf94905850728dc4c7b09410bc7dd2e7cf40bddfa07079e7acde07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
content-security-policy: frame-ancestors 'self'
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a372ea06de90e15-MXP
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 15 Jul 2024 04:59:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
server: cloudflare
content-security-policy: frame-ancestors 'self'
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7a55c9ccbaaa/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a372e9ecc990e15-MXP
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 B
149 B 467ms
466ms Image
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=en&c=135162

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 04:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 04:59:16 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8a372e9fba3c0e49-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

POST
H2 200 8a372e839c6b0e15 Show response
ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame AAD9 0
403 B 103ms
99ms XHR
text/plain 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/h/g/jsd/r/8a372e839c6b0e15

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
server: cloudflare
content-security-policy: frame-ancestors 'self'
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
cf-ray: 8a372ea1ef290e15-MXP
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 43 B
103 B 453ms
452ms Image
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/tl.gif?l=en-CA&c=4634994

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 04:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 04:59:16 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
cf-ray: 8a372ea23c550e49-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 200 g Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 96 KB
32 KB 571ms
570ms XHR
text/plain 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/g?v=16233&l=en-CA

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29ed1a5a876da6d56f3f49b30ce7d69e1860a1d461de9a33be07ee9df4d52f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 04:59:16 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=259200
cf-ray: 8a372ea23a8e0e52-MXP
alt-svc: h3=":443"; ma=86400
expires: Thu, 18 Jul 2024 04:59:16 GMT

GET
H2 200 get-licenses Show response
ponstingldavid78992.wearelegalshield.ca/lgs/ 30 B
223 B 590ms
589ms XHR
application/json 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/lgs/get-licenses?qit0g=en4f0j&_=1721019555262

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33a63207da5bfb40b43b2fda369e924d31e7a04a41e9778956b00ed2ad78930

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: VQQDVl9XGwcFVFFWAgEGXg==
Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
content-encoding: gzip
via: varnish
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 0
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
content-length: 50
x-xss-protection: 1; mode=block
x-request-id: v-fcbcb786-4266-11ef-a99d-9fa000e52e42
x-ua-compatible: IE=edge
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: X-USER_REGION_ON,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
x-generator: Drupal 9 (https://www.drupal.org)
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
cf-ray: 8a372ea28fc90e15-MXP
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 nr-full-1.262.0.min.js Show response
js-agent.newrelic.com/ 94 KB
28 KB 523ms
52ms Script
application/javascript 162.247.243.39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-full-1.262.0.min.js

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.247.243.39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9486adc88ceaf594709e66b469a222526198696d1116991b9788b3c3ea279339

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer
Origin: https://ponstingldavid78992.wearelegalshield.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 9M824wc5CA8l7iYESq3isFEmK6QQu9Z9
content-encoding: br
via: 1.1 varnish
date: Mon, 15 Jul 2024 04:59:17 GMT
strict-transport-security: max-age=300
x-amz-request-id: HW4M0DHN4W584HHW
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 27775
x-amz-id-2: 2EFt+Bq45WymbK4B8Z4fuTKADjtb+CpJRD4OYMgm3eye2IJn9JVBS+9+ZPcvkpTTmTXVh6/bu58=
x-served-by: cache-mxp6952-MXP
last-modified: Wed, 10 Jul 2024 15:59:13 GMT
server: AmazonS3
etag: "433c6de1350ce70ae221521478f7037a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 33533

POST
H2 204 rum Show response
ponstingldavid78992.wearelegalshield.ca/cdn-cgi/ 0
165 B 70ms
68ms XHR
text/plain 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/cdn-cgi/rum?

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VQQDVl9XGwcFVFFWAgEGXg==
Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 15 Jul 2024 04:59:16 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ponstingldavid78992.wearelegalshield.ca
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8a372ea50a4a0e15-MXP

GET
H2 200 LS-Shield-favicon.ico
ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/branding/wals/ 4 KB
814 B 493ms
493ms Other
image/vnd.microsoft.icon 104.18.5.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ponstingldavid78992.wearelegalshield.ca/themes/custom/themekit/branding/wals/LS-Shield-favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3d57d2f0d2f0dbc677a92bd211c02dde19b14c2cd7a62c2767dfeb6fcdd5a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponstingldavid78992.wearelegalshield.ca/opportunity
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self', frame-ancestors 'self'
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-fcfc21a0-4266-11ef-83bb-278b61f97bda
referrer-policy: same-origin
last-modified: Wed, 01 Nov 2023 21:47:57 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=1209600
cf-ray: 8a372ea51a560e15-MXP
expires: Mon, 29 Jul 2024 04:59:17 GMT

POST
H/1.1 200
OK c786e855e0 Show response
bam.nr-data.net/1/ 148 B
752 B 576ms
295ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c786e855e0?a=450045018&v=1.262.0&to=ZQZUZUVWXkIHAUJaV1xMd1JDXl9fSSZERkhTD2pfWFNVbSUNWEdKXQ9aVEVrfl4CB2BaXUUgWV9DRV9dCgdEHgZEClNG&rst=9076&ck=0&s=0&ref=https://ponstingldavid78992.wearelegalshield.ca/opportunity&ptid=c6cde895da795e87&af=err,xhr,stn,ins&qt=9&ap=1373&be=4979&fe=3496&dc=2501&at=SUFDEw1MTR1EAxQJQ08e&perf=%7B%22timing%22:%7B%22of%22:1721019548143,%22n%22:0,%22f%22:3112,%22dn%22:3112,%22dne%22:3112,%22c%22:3112,%22s%22:3112,%22ce%22:3112,%22rq%22:3120,%22rp%22:4979,%22rpe%22:5227,%22di%22:7304,%22ds%22:7308,%22de%22:7480,%22dc%22:8473,%22l%22:8473,%22le%22:8475%7D,%22navigation%22:%7B%7D%7D&fp=6889&fcp=6889
Requested by: Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed05b0cdffaab17033d5d167645796469705064a6c5bf0e280dc1e172c1f23d8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 15 Jul 2024 04:59:17 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://ponstingldavid78992.wearelegalshield.ca
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 8a372eaa7c4e0d80-MXP
timing-allow-origin: https://ponstingldavid78992.wearelegalshield.ca

POST
H2 200 s Show response
global.localizecdn.com/api/lib/cANnh5Q5gPxqh/ 2 B
112 B 401ms
392ms XHR
application/json 104.18.4.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/cANnh5Q5gPxqh/s

Requested by

Host: ponstingldavid78992.wearelegalshield.ca
URL: https://ponstingldavid78992.wearelegalshield.ca/opportunity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Jul 2024 04:59:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8a372eb2ffa50e52-MXP
alt-svc: h3=":443"; ma=86400
content-length: 2

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wearelegalshield.ca/	1969-12-31 23:59:59	Name: lgs_affiliated_associate Value: ponstingldavid78992
.ponstingldavid78992.wearelegalshield.ca/	1970-01-20 22:36:59	Name: SSESS6150107a448d4a2243e834982ef1a029 Value: VKbaqQPeLwo0ezbvzfwwZ8kNV0-V0UP9bCpfJVQDt75bjAxv
.wearelegalshield.ca/	1970-01-20 22:03:41	Name: __cf_bm Value: 0kTydMXq7s9t6K7e92BYrs0oEiWBNPrZ3pQBqWz4Ntc-1721019553-1.0.1.1-TAuhz3Wc6AUNaDiUh6NXyTaQ4dQCyXu2ad4TuYPHEqk5mtKAYL85IeYyxuRCDIx6urg6W2qtX0DPSYJnPnIBcw
ponstingldavid78992.wearelegalshield.ca/	1969-12-31 23:59:59	Name: cart-region-timeout Value: shown
ponstingldavid78992.wearelegalshield.ca/	1970-01-20 22:03:43	Name: geolocation Value: %7B%22geoplugin_regionName%22%3A%22Ontario%22%2C%22geoplugin_regionCode%22%3A%22ON%22%2C%22geoplugin_countryCode%22%3A%22IT%22%2C%22wals_canada_url%22%3A%22https%3A%5C%2F%5C%2Fponstingldavid78992.wearelegalshield.ca%22%2C%22geoplugin_domain%22%3A%22https%3A%5C%2F%5C%2Fponstingldavid78992.wearelegalshield.ca%22%7D
ponstingldavid78992.wearelegalshield.ca/	1970-01-20 23:30:03	Name: cart_region Value: ON
.wearelegalshield.ca/	1970-01-21 06:49:15	Name: cf_clearance Value: qLjZa9uqyr39SeDGINaUernD3Dq.fFloNC7YmQL.OuI-1721019556-1.0.1.1-Qhjl63Vc3c7bwVVwIJJlNFOf3h58ZJuy7MPYx7J4Ixj1xCZnUHaJppn7GrA0QczxDaxdMEQ3jAzfIwHoV_1qMw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
global.localizecdn.com
js-agent.newrelic.com
legalsupport365.net
ponstingldavid78992.wearelegalshield.ca
static.cloudflareinsights.com
104.16.79.73
104.17.24.14
104.18.4.175
104.18.5.6
142.250.186.138
151.101.66.137
162.247.241.14
162.247.243.39
172.67.142.7
07b6eeede8881171009f665ee67e2959c4a3b1f8c3fcd9924dcbd5c241e0fdbb
113e86f602e9cffee5e305938ddba9e218ebbd9c0216c6a4ada1ec3f25f28bc2
14a02eaf25ecc0d4a831da58b53eabc91746559f5a6f3773af04b970cefe6c90
1e398d7e1be8e034e06112d41c1ddf1ec9881665fe923c28f7c2037dc35449e1
20ddde5cf80db4f46844129c2826dbbd444b689a99bb49aa96130f3d61d50534
24e46387bf3ecd62ee9f40292dbaf9235c58b9d987d8b52248d1bacdb6dcbaa0
29ed1a5a876da6d56f3f49b30ce7d69e1860a1d461de9a33be07ee9df4d52f36
315ca72ab48ac5d6ce2a22a316e0f872c3791e53af658f250d9f3dcca9badaed
31727d1c28ebba7b8bfd4016db9333ed60a753ee6cea3af0c3ff5a26f2184dba
3fc52014607137ca81822ce772cbd30fba0d08ad1bea79c91da8450fbd954898
40ca2623fcf04ed600fee93bebfe7f6bcc5b480e0567fffa5245e448977d1893
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7bf6bc1ddf94905850728dc4c7b09410bc7dd2e7cf40bddfa07079e7acde07
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
564165426740146fa161a3f62c9dcb9854c6c71d3d9c9ad6cfcf3e420ffb11c1
59bd3c7e4c71dd8ce3165db56aa2f3af6ab504f633d04d9350d0a9edb143ed20
5b6756d02c309ebb74b2f32efbee9961cee29093ddd9998e881a88db58c3e953
5cc9871851db7ef95b8a0c6b95e6fa7ec32af95f78dfd17d5167d03a0ddfffe9
5ea1ec246aeb91a9418d329209cf023bc941f0ee02865386673c7acc1800f51e
82cf5fd3e2c32c4718410c29d82db58c51ddd90ac6c6a3e0ee095ba8c98dff18
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8d600b238958ea79c62904698f7bc3e86d53b20483542603ea7a699c9dc178a6
939fe220ac3999512e38ecd5397d7334210c1568e7aec55eb6c6f4d1316c8353
9486adc88ceaf594709e66b469a222526198696d1116991b9788b3c3ea279339
94b0da80139663726e9b8e97d9eb7cf81aa7b5ed0b652a0b88e85126203bc35a
9e7c78575a329ad786966f12e2bb94620450a0991478f658a21db4a03c6bf353
9fa36213e59561377748a3c04491b768885023320044cf53468b11da80bf14da
b0dabd2df082ad149ad9999323d0d4bf7103e7ea97c2bc3bdbd63990bc311edf
c33a63207da5bfb40b43b2fda369e924d31e7a04a41e9778956b00ed2ad78930
c672e70b77363b2983179eb83ca5b3f11055e9f54ee4c5b803f50a92cb034a85
cb918d375c564ebbaff7d5bd73350e6a311bc07714b436e133cd17202d448bfa
cf46ff5ff8f3357752c6dc60264e6b7328d208886d09ee49e7ec5ed7bc94d111
da3d57d2f0d2f0dbc677a92bd211c02dde19b14c2cd7a62c2767dfeb6fcdd5a7
da4a13dd9fe6022ae538654d737e388e178e357da5dbd792fffe7686bcc2b798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e561c4e149bc1916e7625a21ca9f7a5fe505bb585e49acdce666087e4b541548
e58c7a3fe77cb4cb3988ab050458b0cca780811be3d5d5f0c5ff67fddcbbdad2
e5f668076d49999c6dd0103090727ab163d4da6f00b37992079a496c24e97339
e8e5d4681bf75db3f15146187207c0261ba86068998659a35e93eb37e458171b
ed05b0cdffaab17033d5d167645796469705064a6c5bf0e280dc1e172c1f23d8
f3b739bb484e8d6314fb86e8be7516d637ddd56b506b5c72721906ebe306d172
f839e4a8f0cb4c2020f22709171275a33f7639a60aa963658168fbb7864872a0

ponstingldavid78992.wearelegalshield.ca Open in urlscan Pro 104.18.5.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

8 IPs

2 Countries

1602 kBTransfer

3933 kBSize

7 Cookies

7 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ponstingldavid78992.wearelegalshield.ca Open in urlscan Pro
104.18.5.6 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

8
IPs

2
Countries

1602 kB
Transfer

3933 kB
Size

7
Cookies

49 HTTP transactions
0 data transactions