urlscan.io logo urlscan.io
SecurityTrails logo

claim.roundup.legal Open in urlscan Pro
3.69.136.55  Public Scan

Go To Rescan Add Verdict Report
URL: https://claim.roundup.legal/
Submission: On June 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 22 domains to perform 50 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is claim.roundup.legal.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time claim.roundup.legal was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.69.136.55 16509 (AMAZON-02)
2 13.224.189.30 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 52.222.250.38 16509 (AMAZON-02)
1 151.101.129.181 54113 (FASTLY)
7 13.32.99.123 16509 (AMAZON-02)
1 34.227.204.98 14618 (AMAZON-AES)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 3 2600:9000:206... 16509 (AMAZON-02)
1 13.224.189.67 16509 (AMAZON-02)
2 18.66.112.61 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2600:1f18:31e... 14618 (AMAZON-AES)
1 3.126.33.65 16509 (AMAZON-02)
1 18.66.112.82 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 174.138.109.196 14061 (DIGITALOC...)
1 34.211.121.160 16509 (AMAZON-02)
50 27
1    3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
claim.roundup.legal
2    13.224.189.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:21f3:8000:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
track.hubspot.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    151.101.129.181 (United States)

ASN54113 (FASTLY, US)
views.unsplash.com
7    13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net
fonts.ub-assets.com
1    34.227.204.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-204-98.compute-1.amazonaws.com
events.ub-analytics.com
3    2a03:2880:f08e:100:face:b00c:0:3 (Saint-Denis, France)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2600:9000:206f:4400:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    13.224.189.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-67.fra2.r.cloudfront.net
cdn.getblueshift.com
2    18.66.112.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-61.fra56.r.cloudfront.net
cdn.callrail.com
js.callrail.com
1    2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
4    2600:1f18:31ec:ca00:bb9f:3d5e:5144:7478 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
capi.injuredfirefighters.com
1    3.126.33.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-33-65.eu-central-1.compute.amazonaws.com
d.agkn.com
1    18.66.112.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-82.fra56.r.cloudfront.net
js.callrail.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6811:6ac7 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    2a05:d018:cc3:fe04:3d91:3936:bb0d:1155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
track.tortdirect.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
track.tend.io
2    174.138.109.196 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
tend.io
1    34.211.121.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-121-160.us-west-2.compute.amazonaws.com
api.getblueshift.com
Apex Domain
Subdomains		 Transfer
9 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
529 KB
7 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 25636
133 KB
4 injuredfirefighters.com
capi.injuredfirefighters.com
770 B
4 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2565
d.adroll.com — Cisco Umbrella Rank: 1319
25 KB
3 tend.io
track.tend.io — Cisco Umbrella Rank: 368548
tend.io — Cisco Umbrella Rank: 285018
4 KB
3 callrail.com
cdn.callrail.com — Cisco Umbrella Rank: 8417
js.callrail.com — Cisco Umbrella Rank: 10189
60 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
175 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 4804
forms.hscollectedforms.net — Cisco Umbrella Rank: 4953
26 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
216 B
2 getblueshift.com
cdn.getblueshift.com — Cisco Umbrella Rank: 15320
api.getblueshift.com — Cisco Umbrella Rank: 11297
3 KB
2 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 12819
track.hubspot.com — Cisco Umbrella Rank: 2419
22 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 20673
37 KB
1 tortdirect.com
track.tortdirect.com
143 B
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4344
983 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2307
64 KB
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 722
556 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2538
1 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 25951
282 B
1 unsplash.com
views.unsplash.com — Cisco Umbrella Rank: 34566
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
60 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 745
30 KB
1 roundup.legal
claim.roundup.legal
13 KB
50 22
Domain Requested by
7 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
7 d9hhrg4mnvzow.cloudfront.net claim.roundup.legal
4 capi.injuredfirefighters.com 2 redirects claim.roundup.legal
connect.facebook.net
3 s.adroll.com 1 redirects claim.roundup.legal
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 tend.io track.tortdirect.com
2 www.facebook.com claim.roundup.legal
2 js.callrail.com cdn.callrail.com
2 d34qb8suadcc4g.cloudfront.net claim.roundup.legal
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com claim.roundup.legal
1 api.getblueshift.com cdn.getblueshift.com
1 track.hubspot.com
1 track.tend.io
1 track.tortdirect.com 1 redirects
1 d.adroll.com s.adroll.com
1 forms.hsforms.com claim.roundup.legal
1 forms.hscollectedforms.net js.hscollectedforms.net
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 d.agkn.com claim.roundup.legal
1 js.hs-scripts.com www.googletagmanager.com
1 cdn.callrail.com www.googletagmanager.com
1 cdn.getblueshift.com claim.roundup.legal
1 events.ub-analytics.com claim.roundup.legal
1 views.unsplash.com claim.roundup.legal
1 www.googletagmanager.com claim.roundup.legal
1 js.hubspot.com claim.roundup.legal
1 code.jquery.com claim.roundup.legal
1 claim.roundup.legal
50 29

This site contains links to these domains. Also see Links.

Domain
www.injuredfirefighters.com
Subject Issuer Validity Valid
claim.roundup.legal
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.unsplash.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-10-01 -
2023-11-02		 a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2022-11-17 -
2023-12-17		 a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01		 2023-03-11 -
2024-04-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-10 -
2023-06-08		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-08-01		 5 months crt.sh
*.getblueshift.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-09-07		 7 months crt.sh
swappy.callrail.com
Amazon RSA 2048 M01		 2023-03-02 -
2023-09-08		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
capi.injuredfirefighters.com
R3		 2023-05-27 -
2023-08-25		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
tend.io
R3		 2023-05-20 -
2023-08-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://claim.roundup.legal/
Frame ID: 1168709C637860E6D731EF99E926FA18
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AFFF Fire Foam - Justice & Compensation Center For Firefighters | Free Claim Analysis and Consultation

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

92 %
HTTPS

56 %
IPv6

22
Domains

29
Subdomains

27
IPs

6
Countries

1184 kB
Transfer

2267 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://capi.injuredfirefighters.com/?event_name=%22PageView%22&event_id=%221685580535558%22&action_source=%22website%22&fbp=%22fb.1.1685580535567.1829552087%22&fbc=null&event_source_url=%22https%3A%2F%2Fclaim.roundup.legal%2F%22&event_time=1685580535 HTTP 302
  • https://capi.injuredfirefighters.com/auth/login HTTP 301
  • https://capi.injuredfirefighters.com/auth/login/
Request Chain 41
  • https://s.adroll.com/j/exp/VSPLXTJPP5BO3IJRMTXBWD/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 45
  • https://track.tortdirect.com/js/track/v3.6.min.js HTTP 301
  • https://track.tend.io/js/track/v3.6.min.js

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
claim.roundup.legal/ 		61 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://claim.roundup.legal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
48b925a1f69eff8d3de45b1a98445057f43cf33f8438e2a2fd0b117053fa3c92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
12118
content-location
https://claim.roundup.legal/
content-type
text/html; charset=utf-8
date
Thu, 01 Jun 2023 00:48:55 GMT
etag
"a:ad7435e986ff42e68e728fa1cb222117"
link
<https://claim.roundup.legal/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
1354e838-b1c7-49f5-b008-908cdcfbef7e
x-unbounce-variant
a
x-unbounce-visitorid
ad7435e9-86ff-42e6-8e72-8fa1cb222117
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 05:52:08 GMT
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-version-id
Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop
FRA2-C1
age
6375408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Mon, 13 Mar 2023 16:18:47 GMT
server
AmazonS3
etag
"15295835030f315ea1ec0147abd5ea63"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QS1wL1e3v0wWatyC8PGyFkKaRm3DkW8nkSuB4rBWF1KqPoUfpKBKRQ==
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 25 May 2023 09:51:04 GMT
content-encoding
gzip
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
x-amz-version-id
TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
x-amz-cf-pop
FRA2-C2
age
572272
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1865
last-modified
Tue, 17 Jan 2023 21:14:25 GMT
server
AmazonS3
etag
"fde4d3457a50df6eb5c2e00c8f2ae5b3"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_9SLs28mS5nrSfahH-kB2QvlfNksdiTpYVS4BcH9vRH8wx6q8h-_oA==
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://claim.roundup.legal/
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:55 GMT
content-encoding
gzip
last-modified
Fri, 26 Aug 2022 17:36:05 GMT
server
nginx
etag
W/"63090485-15e40"
vary
Accept-Encoding
x-hw
1685580535.dop136.fr8.t,1685580535.cds336.fr8.hn,1685580535.cds258.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30957
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 11 May 2023 04:58:19 GMT
content-encoding
gzip
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
FRA2-C1
age
1799437
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FLK2xAad1dM0v6kg81YL84oleovmmU6cVIt41WMI6zopic7gKJGWkQ==
22718917.js
js.hubspot.com/analytics/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/analytics/22718917.js
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0319a64137d958c576865ce0c01812185358b10e7b86cc1c6edbeab6ea81c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:55 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
M4ZW1AWQ4YJSW32J
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
43
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uM9BIPnYzosKJNJoKHhBqwZOPyHSuutSnfrtzCTLjBiGaYLGdmS5Fswrsq48BYRUHpLkuiLHVzbmMctoavx7og==
x-evy-trace-listener
listener_https
x-request-id
62392c47-4f1d-4ef3-90e7-60582ed1f475
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 31 May 2023 19:43:39 GMT
server
cloudflare
etag
W/"a7f1cf535db1f6c60a1d9a4cac58a0e3"
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JGyLN80T%2FYNhTwUmI7Pe6trlfRwx1vEagjtXa6AR7qUY2RD5PlrBSm%2FXNziGNT9gdUoVb3ZSkBWamlwpABauAFoJX%2FBkZEpX7%2FpRsoT6FZMyW9ibwMG5GonUTqbKuR3lCsLMGtPe%2FPTkisN"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-hsbd9
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7d03742a8d9c9bf2-FRA
expires
Thu, 01 Jun 2023 00:53:55 GMT
gtm.js
www.googletagmanager.com/ 		168 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KH79XHF
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34cdb789e5de10730d650f48dbf123b71f566ae8020b911d712a926cc73c5181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61207
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Jun 2023 00:48:55 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
b4973360-unsplash-bk11wzwb9f4-bk11wzwb9f4_11hc0zk00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		262 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/b4973360-unsplash-bk11wzwb9f4-bk11wzwb9f4_11hc0zk00000000000001o.jpg
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b5a54e392b8257bad0b2509381677731dc0b5003bf39a7ba3320e465c4df5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
PzhsgYOnnrjayIFfv3o_GUYguJpbAvG_
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"af8d8840671ce4cc11016a10a4fb3034"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
268645
x-amz-cf-id
BPetXN-pkCUP4YW-jJHMBIyJdtqlkLsfYL-2yGNSbaZMw4i2IM4Dlg==
0bfa4674-unsplash-mdjfhthrtdu-mdjfhthrtdu_11hc1uo1hc0di0001h501o.jpg
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/0bfa4674-unsplash-mdjfhthrtdu-mdjfhthrtdu_11hc1uo1hc0di0001h501o.jpg
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35766d29c4555a5040b0a8cbdd0af8d34f9ecc8afb2b2f3dd3409d02a58542e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
s5GZGcff8TQ7kbVTF.WTHJvLQSAMAgGN
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"7fc3e486ef376fbd1d19bc35179f3964"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
203880
x-amz-cf-id
n-e70w6YY6gs1-zbCuOKdsPiITztN3wvK9cFY4ywzCd64jDv0YyjqA==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 25 May 2023 08:01:03 GMT
content-encoding
gzip
via
1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
578873
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
4Yt4rCIqcNn5RMNSfVtg8yivkDdE1dKeIAqqndivyT3qgi025qf68w==
62e20480-2cd5-44a3-a217-85fb93a78e27
https://claim.roundup.legal/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://claim.roundup.legal/62e20480-2cd5-44a3-a217-85fb93a78e27
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
v
views.unsplash.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://views.unsplash.com/v?app_id=27955&photo_id=bk11wzwb9f4,mdjfhthrtdu
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
css
fonts.ub-assets.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
6477aa5cebd264a4c7aac584d093b1773c6a0e1f3b9ae462deee47838c4cfe2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
548920dd-5c3c-4add-874c-06655109671c
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
F0GmwHzzoAMF2Uw=
content-length
979
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-6477eaf7-5c4bf23d15e60af726fbfc94
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
Sh7mVoJ3tGG75z1Ndk1gWdZW9Hg6N3Ul1K8HrDk5soRRni-jfUfTNA==
1lwgzyz-o-icons-search-64x64_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		383 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/1lwgzyz-o-icons-search-64x64_1000000000000000000028.png
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5170a106a61af43da50e2199ea81c6e08473d917a2c367b87a91143d7915e115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
BUSGR_CUG78FrjBneGkWECnyFZROnV7D
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"bbd5b2635cd9fa21c21fe05cbed7a850"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
383
x-amz-cf-id
okpClUcZR4SsrB88UWT0YTHTX0mTB4xAyixsObfuQOEpiWUXeYnU-w==
1kspb72-o-icons-message-64x64_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		282 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/1kspb72-o-icons-message-64x64_1000000000000000000028.png
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f503882f2f5265bcd4bcb181d2b28c9267b0c6835ce2407c387a86cf79c5b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
R15nSdGM.mClpx5foLt16t0NcMcb3C..
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"3f8d34a470f7fbbd9938e0c9a0ce66a3"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
282
x-amz-cf-id
ujSVRChAj_aOav2QUuYJwsGbhJHwLAAruEFzonZCZf6sBIGaBqO2Fw==
1avcise-o-icons-checkmark-64x64_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		411 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/1avcise-o-icons-checkmark-64x64_1000000000000000000028.png
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a4e0037a648eaacbffc289e07c59efa63e5171e4adacc1104e5dd62e6cf145a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
4C93e2SaNfVvIYomvtGf1Ov4GX9bD0Rj
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"64e8206474ed4764337e537732e239c2"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
411
x-amz-cf-id
9TWNYoRLqimSdxMxhEVCgVdFZ0KAJ5nG0WQGfan2NUeJ-11n2N75NQ==
ada22c76-adobestock-33170956_10at0760ar07600100001o.jpeg
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ada22c76-adobestock-33170956_10at0760ar07600100001o.jpeg
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dc7aaff0e0ecf742c1c45a4d54fa1429131308148f606dce77929ce1a4a1a9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
9bzB0iBz5x4k.fOX7GimJUNotER9FB10
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"66971cf2ee5267612bf62d7144127083"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
23000
x-amz-cf-id
nW1Wld_JEMG-rItlregeEcyeyK5uI9IibiR1Bv0_wroEvr4qYC6hxg==
54e4eea2-502021005-0-f_107c07c00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/claim.roundup.legal/54e4eea2-502021005-0-f_107c07c00000000000001o.jpg
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4717d90eb5ce8869d971eeb949dd9b6695b0d2b2c92b19ee8d18169eadcbbf5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
c_vg4uAOlmUcaxi1iwwOch21VzFwXvEq
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 00:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"07f51b91173a4c2826754ebc3c92159f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
8129
x-amz-cf-id
HqjEnwnUKAhLrYBTz6iFR3-8Aw5SPocv5zD6XaFDcTAIG88FTnSakQ==
i
events.ub-analytics.com/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1685580535473&e=pv&url=https%3A%2F%2Fclaim.roundup.legal%2F&page=AFFF%20Fire%20Foam%20-%20Justice%20%26%20Compensation%20Center%20For%20Firefighters%20%7C%20Free%20Claim%20Analysis%20and%20Consultation&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=9d8027b2-efd9-472d-b029-db821d5bb102&dtm=1685580535472&vp=1600x1200&ds=1600x2607&vid=1&sid=af3cac2f-1573-4b83-a44e-884befabd63e&duid=cd2d2c54-22f9-4fea-b078-ad6fa27961fe&uid=ad7435e9-86ff-42e6-8e72-8fa1cb222117&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMTM1NGU4MzgtYjFjNy00OWY1LWIwMDgtOTA4Y2RjZmJlZjdlIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.204.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-204-98.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:55 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH79XHF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f08e:100:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Jun 2023 00:48:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27497
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
zCfXVors8IZ2YLL2EWiVPQZYCFouAe2wVh2+VE/U90UlEMeeUgkyfeVAZBJ1prCnf1encP++cHHvhPob3/DLbA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
roundtrip.js
s.adroll.com/j/VSPLXTJPP5BO3IJRMTXBWD/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/VSPLXTJPP5BO3IJRMTXBWD/roundtrip.js
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a824f615acb54dbaa022d6e835c57ec00241049b7b7c6cb607c7a9cd4b0016c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

X-Amz-Version-Id
lud4TQxTxSy9TfAad9zeubFKL1zpgYXQ
Content-Encoding
gzip
Via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Date
Thu, 01 Jun 2023 00:48:57 GMT
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 31 May 2023 11:31:06 GMT
Server
AmazonS3
Etag
W/"786451e12f36f713ddeb3b5dabf117e6"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
8YdBRNjMMI2Jm14Mp-N0B4uiccAs_Jrg1171fYmFy_YZ3Vtc5SCpJA==
blueshift.js
cdn.getblueshift.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e751514dc1d224be97ed644ada25dc382108c9d7967bafe328f5d7a176047b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 31 May 2023 23:55:26 GMT
Content-Encoding
gzip
Via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
3209
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2228
Last-Modified
Wed, 22 Mar 2023 02:49:08 GMT
Server
AmazonS3
ETag
"f0cb4d631149e484cf139de39318f519"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Amz-Cf-Id
GfMm3s34_Np_Y9l6Q4baeXqbQfaDlFaiC4FJwNNq82-G3bfjiw6L2Q==
swap.js
cdn.callrail.com/companies/499947410/d397622a975ff664d534/12/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.callrail.com/companies/499947410/d397622a975ff664d534/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH79XHF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-61.fra56.r.cloudfront.net
Software
/
Resource Hash
6ba5ecae7c7cfbf28f5b7401de1aa65e67e25056f811fb381eac0a736578d8c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-runtime
0.012669
date
Thu, 01 Jun 2023 00:48:55 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
etag
W/"6ba5ecae7c7cfbf28f5b7401de1aa65e"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public
timing-allow-origin
*
x-amz-cf-id
3n4iqhQ9rw5atasgYFoAN8vf6cS4nGMU7-7vvvqWagMdeMIGAUooAQ==
x-request-id
bc156ef8-52d5-45d5-bd12-d003973f202a
22718917.js
js.hs-scripts.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/22718917.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KH79XHF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8df3b508d0680f9062d32b55a8ff9292bd5100b3bb72c5167863afd8584ee671

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:55 GMT
content-encoding
br
cf-cache-status
MISS
x-hubspot-correlation-id
22d76122-8d05-46dd-ac79-599efbb805b1
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
11
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
edc36b61-9b3e-4c38-8ceb-4a9ba2012224
last-modified
Thu, 01 Jun 2023 00:48:55 GMT
server
cloudflare
x-trace
2BE7E83917B9217F66C472DF855E32F1A2587EF28E000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://claim.roundup.legal
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-z5f85
cf-ray
7d03742c8b6c8fca-FRA
expires
Thu, 01 Jun 2023 00:49:55 GMT
/
capi.injuredfirefighters.com/auth/login/
Redirect Chain
  • https://capi.injuredfirefighters.com/?event_name=%22PageView%22&event_id=%221685580535558%22&action_source=%22website%22&fbp=%22fb.1.1685580535567.1829552087%22&fbc=null&event_source_url=%22https%3...
  • https://capi.injuredfirefighters.com/auth/login
  • https://capi.injuredfirefighters.com/auth/login/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.injuredfirefighters.com/auth/login/
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Server
2600:1f18:31ec:ca00:bb9f:3d5e:5144:7478 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

location
/auth/login/
date
Thu, 01 Jun 2023 00:48:56 GMT
cache-control
no-store
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
/
d.agkn.com/pixel/12126/ 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/12126/?cd1=bc1&cd2=106&cd3=0
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.33.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-33-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 00:48:55 GMT
Content-Type
image/gif
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f08e:100:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Jun 2023 00:48:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2151x6y9N6DR4XJe5WvW/C4isSJJbaAjO5LgexseZjhMcnklPupCrnqQSyz2KbWbnE2uUrkw5jb2Nsbo9HMWSw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
390929188084111
connect.facebook.net/signals/config/ 		435 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/390929188084111?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f08e:100:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
61c02529e5c6b75bd600205321464a694e7c247e692f5211be251cdd4840bd45
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 01 Jun 2023 00:48:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2nVForxoCX92sHPhQkDtBokL7x0Ic76A7lAKVa1D5oOxeanDngbejyhxJkXCdgpyLlp5kCVocB1VnSx2HJ6u7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.ub-assets.com/fonts/s/ubuntu/v20/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 03:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
34852
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
16319335
x-amzn-requestid
a476a0cc-af13-42de-8789-ea62cc17f7cf
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cFkejGbJIAMFcFw=
content-length
34885
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637ee790-3639317e587ce4b93ebd6594
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
b1L2bllbZwc58zTgau3K008Z77d00zPAh3hrsThssx4iA3BPD8Tyzw==
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.ub-assets.com/fonts/s/ubuntu/v20/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 07:47:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
29752
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
14662907
x-amzn-requestid
2c32f3a6-fcd6-47f2-ac20-7b3561066576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
dEwffHoUIAMF8sQ=
content-length
29780
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-63982dfc-22175fc427e94249740f7c2c
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ZNMY3VnUv7Ao4-M1O6LTbqrcysY_nWmTWU115-Y7pOcaaWUYbMwS0w==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 04:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15744
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
3269205
x-amzn-requestid
ff01d1ee-0668-4ebc-b9c2-0d537a59d6fb
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
D3ZJbGUDoAMFWJA=
content-length
15767
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-644608a2-083b1a7f389f2dea58beaad8
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Unhf-EiNgYNLjBOKLoIFYocP-gNXvR8ks4o73SX4qzz89ebt1qkNyQ==
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2507748
x-amzn-requestid
4a10d137-c669-4fc8-bc9d-ebb1a3a2b4d4
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUcLEEJuoAMFYNw=
content-length
23578
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a713-5a3dc6fb498279ab2ce1cdeb
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
BpV0zqoJNn73MOV2h-Iqt3QPYgKQ_8Lu1XH4xK5QTeACQOjQzCMcfA==
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.ub-assets.com/fonts/s/montserrat/v25/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 08:00:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
12820
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
16303728
x-amzn-requestid
0b9fe4d0-6c11-43d4-9ca8-2ad13fd4c8ad
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
cGKlQGULIAMF6EQ=
content-length
12843
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:10 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-637f2487-73be495707dcafd568bf2582
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ofVYNI0QDzXJJqecqT1OtQz33WseuinmdxKoD9LaVrF_N_Kl1QnRVA==
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v21/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Ubuntu:regular,700%7CLato:regular%7CMontserrat:500%7CSource+Sans+Pro:italic%7CRoboto:regular
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 01:53:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
12580
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
4920939
x-amzn-requestid
e7eb61f7-0305-418f-bcf0-27f8bfffa7f7
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
C4YmAE7goAMFvNQ=
content-length
12603
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:48 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-642cd48c-47d7f5ce765768f475feac0d
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
aki32Hl1SIvniJC0l1tK1qRtNVGzNGnc7ddd0GQv3wheVqSlB0Pvfw==
external_forms.js
js.callrail.com/companies/499947410/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/companies/499947410/external_forms.js?t=1685580535909&
Requested by
Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/499947410/d397622a975ff664d534/12/swap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-61.fra56.r.cloudfront.net
Software
/
Resource Hash
bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
x-request-id
b5b8b64c-35db-48c0-bf56-2632b47f6ab5
x-runtime
0.011894
referrer-policy
strict-origin-when-cross-origin
etag
W/"bb520d834b4b8107e8cd589e6fb93cf0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
f3XGcyfCz_bGw4IqsTbIu0eWkL3uoCL7W8t2Bd6dXcDtXwVNjdP95A==
swap_session.json
js.callrail.com/group/0/d397622a975ff664d534/12/ 		134 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.callrail.com/group/0/d397622a975ff664d534/12/swap_session.json
Requested by
Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/499947410/d397622a975ff664d534/12/swap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-82.fra56.r.cloudfront.net
Software
/
Resource Hash
a16c2bf1b21db196ddf564a979a6a1b8d9c2386427888f057a2c7185c85239de

Request headers

Accept
application/json
Referer
https://claim.roundup.legal/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

x-runtime
0.057512
date
Thu, 01 Jun 2023 00:48:56 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
etag
W/"a16c2bf1b21db196ddf564a979a6a1b8"
access-control-max-age
7200
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin
x-amz-cf-id
C285-eH0irFYCNpIVk_jjkFgl7KGHptgZbpA5PNOaQNHhJGBe7fNkg==
x-request-id
a7a77d27-7fa7-4b42-9909-8b4988d714b3
events
capi.injuredfirefighters.com/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.injuredfirefighters.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/390929188084111?v=2.9.104&r=stable
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:31ec:ca00:bb9f:3d5e:5144:7478 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://claim.roundup.legal/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://claim.roundup.legal
date
Thu, 01 Jun 2023 00:48:56 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=390929188084111&ev=PageView&dl=https%3A%2F%2Fclaim.roundup.legal%2F&rl=&if=false&ts=1685580535945&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685580535567.1829552087&it=1685580535728&coo=false&eid=1685580535558&tm=1&rqm=GET
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Jun 2023 00:48:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22718917.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687

Request headers

Referer
https://claim.roundup.legal/
Origin
https://claim.roundup.legal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
SGo7xq5b6d1kUu6c8SU5YR.mobmUICUY
via
1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
cf-cache-status
MISS
content-encoding
br
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.370/bundles/project.js&cfRay=7d03742e5e979bcb-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2f80bb6d-148b-4dbf-947a-194761e8fc39
last-modified
Tue, 09 May 2023 08:44:18 UTC
server
cloudflare
etag
W/"d1b16df440198d59c993c4956b7fded6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-qrxbq
cf-ray
7d03742e5e979bcb-FRA
x-amz-cf-id
EosldRBLbbVEj2ZDQQLfX5xOItu6X9wiglxf44QcwzHBz2lYJpwSVA==
x-hs-target-asset
collected-forms-embed-js/static-1.370/bundles/project.js
banner.js
js.hs-banner.com/v2/22718917/ 		208 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/22718917/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22718917.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55063ed0422f2c786807fd530d7f20ba2f532d02e178084233077861194403f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
x-amz-version-id
.Mv8zxxFlfO4rvLCFMZnaADDHCq466.S
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
6R1EFRBBVBVR9V79
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
77
x-amz-id-2
w8WeIA0DdBq4TQz+c0AviyALqPq3Y+JFBuTDIMEiC66QsgIAmC8jWC1PHOySYw05mI9outD9cbw=
x-evy-trace-listener
listener_https
x-request-id
1f6a3bb8-9d87-4fc7-91f1-719cec24e063
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 17 Apr 2023 19:15:28 GMT
server
cloudflare
etag
W/"c7959c45ce12d42f635f2a576a624f0c"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.injuredfirefighters.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7d03742e5c213659-FRA
expires
Thu, 01 Jun 2023 00:53:56 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		116 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22718917&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea594b244dd7320e3691dca3bc147099d2e1ec9118529d04193f8eb3a999ac51

Request headers

Accept
application/json, text/plain, */*
Referer
https://claim.roundup.legal/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
7d1a6d23-8b65-4c27-aab7-e94f7a73e955
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
574a7e81-365b-42e9-9695-b13b0c9a13e9
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://claim.roundup.legal
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-wd7jg
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7d03742faf639bcb-FRA
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/VSPLXTJPP5BO3IJRMTXBWD/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
HTTP/1.1
Server
2600:9000:206f:4400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 31 May 2023 20:15:49 GMT
X-Amz-Version-Id
KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Age
16388
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Tue, 21 Mar 2023 16:39:30 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
QGs2s4-vJuxtjVPjvL9lplwD-UoQYHxviX4e1N0UQyx5n8AelZxOPQ==

Redirect headers

Date
Thu, 01 Jun 2023 00:48:56 GMT
Via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
eMJYPlds75Ra0zo-lcIACFJ_71Nvf4tYfIl4WgRWW4KwNmx4t9o9zQ==
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 00:48:56 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
30508e7b-a890-4697-b404-884f7705f214
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b55357b9-80c4-4bbe-b981-8aaba6ba27b9
Server
cloudflare
X-Trace
2BAFAB24C722F0561DED0BE14773019A867B69FB6A000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-g2zls
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7d037430ecef6987-FRA
VSPLXTJPP5BO3IJRMTXBWD
d.adroll.com/consent/check/ 		466 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/VSPLXTJPP5BO3IJRMTXBWD?pv=41875484220.30607&arrfrr=https%3A%2F%2Fclaim.roundup.legal%2F&_s=13fe4caee0562e6785f943351227305e&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/VSPLXTJPP5BO3IJRMTXBWD/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:3d91:3936:bb0d:1155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
facc4a6b4f9d1d4884d0f912968552564e253e9159ce83879a86b23c7a99cccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:56 GMT
server
nginx/1.22.1
content-length
466
content-type
application/javascript
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=390929188084111&ev=Microdata&dl=https%3A%2F%2Fclaim.roundup.legal%2F&rl=&if=false&ts=1685580536449&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AFFF%20Fire%20Foam%20-%20Justice%20%26%20Compensation%20Center%20For%20Firefighters%20%7C%20Free%20Claim%20Analysis%20and%20Consultation%22%2C%22meta%3Akeywords%22%3A%22Firefighters%2C%20Fire%20Fighting%2C%20Lawsuit%2C%20AFFF%2C%20Lawsuit%2C%20PFAS%20MDL%2C%20PFAS%2C%20Forever%20Chemicals%2C%20Testicular%20Cancer%22%2C%22meta%3Adescription%22%3A%22If%20you%20or%20a%20loved%20one%20are%20a%20firefighter%2C%20have%20been%20exposed%20to%20these%20foams%2C%20and%20later%20diagnosed%20with%20kidney%2C%20testicular%2C%20pancreatic%2C%20or%20another%20type%20of%20cancer%2C%20you%20can%20file%20a%20lawsuit%20against%20companies%20that%20made%20firefighting%20foam.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22AFFF%20Fire%20Foam%20-%20Justice%20%26amp%3B%20Compensation%20Center%20For%20Firefighters%20%7C%20Free%20Claim%20Analysis%20and%20Consultation%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685580535567.1829552087&eid=ob3_plugin-set_6412b7c6a39d2c16804e5f144be96a769c119dfdd638006a65e815304ed4c879&it=1685580535728&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: claim.roundup.legal
URL: https://claim.roundup.legal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 01 Jun 2023 00:48:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
v3.6.min.js
track.tend.io/js/track/
Redirect Chain
  • https://track.tortdirect.com/js/track/v3.6.min.js
  • https://track.tend.io/js/track/v3.6.min.js
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.tend.io/js/track/v3.6.min.js
Protocol
H2
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7f73b0e3f8191bcd2fedc5765d12d1521c556ff7b209f5b67ce6f629fd6219bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edge-location
defr
x-cache
HIT
x-xss-protection
1; mode=block
last-modified
Mon, 17 Jun 2019 17:03:24 GMT
server
keycdn-engine
etag
W/"5d07c7dc-1522"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
link
<https://tend.io/js/track/v3.6.min.js>; rel="canonical"
expires
Thu, 08 Jun 2023 00:48:57 GMT

Redirect headers

location
https://track.tend.io/js/track/v3.6.min.js
date
Thu, 01 Jun 2023 00:48:57 GMT
server
ghs
content-length
239
x-xss-protection
0
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
__ptq.gif
track.hubspot.com/ 		45 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1987118913&v=1.1&a=22718917&pu=https%3A%2F%2Fclaim.roundup.legal%2F&t=AFFF+Fire+Foam+-+Justice+%26+Compensation+Center+For+Firefighters+%7C+Free+Claim+Analysis+and+Consultation&cts=1685580536935&vi=df1af3452161a9d4715f76dd9f9f7184&nc=true&u=15558697.df1af3452161a9d4715f76dd9f9f7184.1685580536931.1685580536931.1685580536931.1&b=15558697.1.1685580536931&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 00:48:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
42b3f247-f20d-474c-a95c-22d91e12b704
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
aeaab8ae-763b-4966-aca6-6cafd21b9af4
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYhFYvQ9uSZY3mdNzbdyK9ZkUP0M6kI%2FJleFBt%2BlTXLyT3ZG20I81v0hYIXDlqrIMF%2BG0ZcrHcvf2aDfhBE7mGVIfYcJFq0G997jOv41GZBi5Dfk6wiGsZdGWXKievtHti%2B8QZ5IM3WZ3EtdOkqr"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-lqfnv
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7d0374340b6d9bf2-FRA
x-robots-tag
none
get_user_data
tend.io/track/ 		245 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tend.io/track/get_user_data
Requested by
Host: track.tortdirect.com
URL: https://track.tortdirect.com/js/track/v3.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
174.138.109.196 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.6 /
Resource Hash
b5ea44d0d10ce6f2e5b7a263869643828f7301193e3d730f0b508d90ce721f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claim.roundup.legal/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Jun 2023 00:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.13.6
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-type
application/json
cache-control
no-cache, private
x-xss-protection
1; mode=block
action
tend.io/track/ 		0
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tend.io/track/action
Requested by
Host: track.tortdirect.com
URL: https://track.tortdirect.com/js/track/v3.6.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
174.138.109.196 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.13.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claim.roundup.legal/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Jun 2023 00:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.13.6
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-xss-protection
1; mode=block
unity.gif
api.getblueshift.com/ 		42 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.getblueshift.com/unity.gif?t=1685580538&e=pageload&r=&z=932039&x=ebcaa1bb017f31b7dc8f8142ac30ab4e&k=4873abf6-bab1-dc31-ea9f-c9e2a0152ce9&u=https%3A%2F%2Fclaim.roundup.legal%2F
Requested by
Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.121.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-121-160.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claim.roundup.legal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://claim.roundup.legal
date
Thu, 01 Jun 2023 00:48:58 GMT
access-control-expose-headers
etag
content-length
42
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| ub object| module object| dataLayer function| $ function| jQuery object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll string| _blueshiftid object| blueshift string| tendKey object| tend object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded function| CallTrkSwap function| CallTrk object| regeneratorRuntime object| _hsp object| __hsCollectedFormsDebug function| __adroll__ string| adroll_sid object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields function| adroll_tpc_callback object| __adroll_consent_data boolean| _hspb_loaded boolean| _hspb_ran boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| adroll_exp_list boolean| _hstc_ran string| __hsUserToken number| expireDateTime number| timer function| array_flip boolean| Tend string| req

22 Cookies

Domain/Path Name / Value
claim.roundup.legal/ Name: ubvs
Value: ad7435e9-86ff-42e6-8e72-8fa1cb222117
.roundup.legal/ Name: ubvt
Value: v2%7Cad7435e9-86ff-42e6-8e72-8fa1cb222117%7C1354e838-b1c7-49f5-b008-908cdcfbef7e%3Aa%3Asingle
claim.roundup.legal/ Name: ubpv
Value: a%2C1354e838-b1c7-49f5-b008-908cdcfbef7e
.unsplash.com/ Name: ugid
Value: 223fd6f9d93382f40df406a89db622a35618601
.roundup.legal/ Name: _fbp
Value: fb.1.1685580535567.1829552087
.hubspot.com/ Name: __cf_bm
Value: .nXcM1_DzXeiRo47SfvUZCwTM9tkJJOGMwpG04DHfqY-1685580535-0-AVJurfLIGfQFNhIf1F07R5G+GgYC7iLHWMmEno8CMbVozH+BhJVwn/ltN5Sp7Z/2ltVW/dQBgKPZtwfzn7HmVfI=
.roundup.legal/ Name: calltrk_referrer
Value: direct
.roundup.legal/ Name: calltrk_landing
Value: https%3A//claim.roundup.legal/
.roundup.legal/ Name: calltrk_session_id
Value: c9f8933c-af89-41c3-8810-7db2f4685829
.agkn.com/ Name: ab
Value: 0001%3AQavLnwlQj%2Fbbxo6QHSZLpiERMKsc86af
.agkn.com/ Name: u
Value: C|0AAAsCqd3LAqndwAAAAAA
.roundup.legal/ Name: calltrk_fcid
Value: 05000cf3-f953-4ceb-a60a-5364c75980e8
claim.roundup.legal/ Name: __hstc
Value: 15558697.df1af3452161a9d4715f76dd9f9f7184.1685580536931.1685580536931.1685580536931.1
claim.roundup.legal/ Name: hubspotutk
Value: df1af3452161a9d4715f76dd9f9f7184
claim.roundup.legal/ Name: __hssrc
Value: 1
claim.roundup.legal/ Name: __hssc
Value: 15558697.1.1685580536931
claim.roundup.legal/ Name: a_ip
Value: 84.19.175.184
claim.roundup.legal/ Name: a_opt
Value: null
claim.roundup.legal/ Name: a_uid
Value: 2928
claim.roundup.legal/ Name: a_capt
Value: {"firstName":"firstname","lastName":"lastname","email":"*","c_phone":"company_phone","c_ip":"company_ip"}
claim.roundup.legal/ Name: a_id
Value: 2928-8419175184-Wa1200160024C114:1
.claim.roundup.legal/ Name: _bs
Value: 4873abf6-bab1-dc31-ea9f-c9e2a0152ce9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getblueshift.com
builder-assets.unbounce.com
capi.injuredfirefighters.com
cdn.callrail.com
cdn.getblueshift.com
claim.roundup.legal
code.jquery.com
connect.facebook.net
d.adroll.com
d.agkn.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
forms.hscollectedforms.net
forms.hsforms.com
js.callrail.com
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hubspot.com
s.adroll.com
tend.io
track.hubspot.com
track.tend.io
track.tortdirect.com
views.unsplash.com
www.facebook.com
www.googletagmanager.com
13.224.189.30
13.224.189.67
13.32.99.123
151.101.129.181
174.138.109.196
18.66.112.61
18.66.112.82
2001:4de0:ac18::1:a:3b
2600:1f18:31ec:ca00:bb9f:3d5e:5144:7478
2600:9000:206f:4400:6:9280:1080:93a1
2600:9000:21f3:8000:1d:11cf:5800:93a1
2606:4700::6811:6ac7
2606:4700::6811:d4f3
2606:4700::6812:18c4
2606:4700::6812:873b
2606:4700::6813:9a53
2a00:1450:4001:812::2013
2a00:1450:4001:82b::2008
2a03:2880:f08e:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe04:3d91:3936:bb0d:1155
2a0b:4d07:101::1
3.126.33.65
3.69.136.55
34.211.121.160
34.227.204.98
52.222.250.38
1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f503882f2f5265bcd4bcb181d2b28c9267b0c6835ce2407c387a86cf79c5b69
34cdb789e5de10730d650f48dbf123b71f566ae8020b911d712a926cc73c5181
35766d29c4555a5040b0a8cbdd0af8d34f9ecc8afb2b2f3dd3409d02a58542e7
4717d90eb5ce8869d971eeb949dd9b6695b0d2b2c92b19ee8d18169eadcbbf5f
48b925a1f69eff8d3de45b1a98445057f43cf33f8438e2a2fd0b117053fa3c92
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
5170a106a61af43da50e2199ea81c6e08473d917a2c367b87a91143d7915e115
61c02529e5c6b75bd600205321464a694e7c247e692f5211be251cdd4840bd45
6477aa5cebd264a4c7aac584d093b1773c6a0e1f3b9ae462deee47838c4cfe2a
6a4e0037a648eaacbffc289e07c59efa63e5171e4adacc1104e5dd62e6cf145a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba5ecae7c7cfbf28f5b7401de1aa65e67e25056f811fb381eac0a736578d8c9
7b5a54e392b8257bad0b2509381677731dc0b5003bf39a7ba3320e465c4df5e1
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f73b0e3f8191bcd2fedc5765d12d1521c556ff7b209f5b67ce6f629fd6219bd
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
8df3b508d0680f9062d32b55a8ff9292bd5100b3bb72c5167863afd8584ee671
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9dc7aaff0e0ecf742c1c45a4d54fa1429131308148f606dce77929ce1a4a1a9e
a16c2bf1b21db196ddf564a979a6a1b8d9c2386427888f057a2c7185c85239de
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a824f615acb54dbaa022d6e835c57ec00241049b7b7c6cb607c7a9cd4b0016c6
b5ea44d0d10ce6f2e5b7a263869643828f7301193e3d730f0b508d90ce721f18
bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0319a64137d958c576865ce0c01812185358b10e7b86cc1c6edbeab6ea81c1a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e751514dc1d224be97ed644ada25dc382108c9d7967bafe328f5d7a176047b9c
ea594b244dd7320e3691dca3bc147099d2e1ec9118529d04193f8eb3a999ac51
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55063ed0422f2c786807fd530d7f20ba2f532d02e178084233077861194403f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
facc4a6b4f9d1d4884d0f912968552564e253e9159ce83879a86b23c7a99cccc