urlscan.io logo urlscan.io
SecurityTrails logo

members.legacyresearch.com Open in urlscan Pro
2600:9000:223d:7800:13:8391:ac00:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.exct.legacyresearch.com/?qs=d693c6a1d150d0b455e1695dc5e658b187c261f9c65c88f9b869745342c4422cb3af0f84d52a3476c990e8a4de3a...
Effective URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Submission: On June 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 5 countries across 22 domains to perform 70 HTTP transactions. The main IP is 2600:9000:223d:7800:13:8391:ac00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is members.legacyresearch.com.
TLS certificate: Issued by Amazon on February 3rd 2022. Valid for: a year.
This is the only time members.legacyresearch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.45.142 22606 (EXACT-7)
7 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 99.86.4.111 16509 (AMAZON-02)
8 18.66.122.29 16509 (AMAZON-02)
5 143.204.89.27 16509 (AMAZON-02)
1 108.138.17.96 16509 (AMAZON-02)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.79.242.181 22822 (LLNW)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.222.236.74 16509 (AMAZON-02)
1 52.16.152.227 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 4 66.155.71.25 13768 (COGECO-PEER1)
1 2 54.154.32.144 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
1 104.92.106.130 16625 (AKAMAI-AS)
1 2 18.202.123.28 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.32.118.133 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
70 29
1    13.111.45.142 (United States)

ASN22606 (EXACT-7, US)
PTR: click.exct.legacyresearch.com
click.exct.legacyresearch.com
7    2600:9000:223d:7800:13:8391:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)
members.legacyresearch.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2156:800:6:3ed5:7000:21 (United States)

ASN16509 (AMAZON-02, US)
d14iv5833casao.cloudfront.net
2    99.86.4.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-111.fra6.r.cloudfront.net
auth.cloudlgr.com
8    18.66.122.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-29.fra60.r.cloudfront.net
article.cloudlgr.com
5    143.204.89.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-27.fra50.r.cloudfront.net
eletter.cloudlgr.com
vars.hotjar.com
1    108.138.17.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-96.fra56.r.cloudfront.net
static.hotjar.com
7    2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)
c.lytics.io
1    178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
up.pixel.ad
3    2606:4700::6810:1937 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.palmbeachgroup.com
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
1    52.16.152.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-152-227.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    54.154.32.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-32-144.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com
sync.teads.tv
2    18.202.123.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-123-28.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
recaptcha.net
1    13.32.118.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-133.fra60.r.cloudfront.net
d2z5ewoj022g8u.cloudfront.net
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
14 cloudlgr.com
auth.cloudlgr.com — Cisco Umbrella Rank: 667184
article.cloudlgr.com — Cisco Umbrella Rank: 708835
eletter.cloudlgr.com — Cisco Umbrella Rank: 846012
66 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
546 KB
8 legacyresearch.com
click.exct.legacyresearch.com — Cisco Umbrella Rank: 628378
members.legacyresearch.com
904 KB
7 lytics.io
c.lytics.io — Cisco Umbrella Rank: 5366
98 KB
4 recaptcha.net
recaptcha.net — Cisco Umbrella Rank: 1777
24 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3264
3 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
in.hotjar.com — Cisco Umbrella Rank: 1509
68 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
3 palmbeachgroup.com
secure.palmbeachgroup.com — Cisco Umbrella Rank: 382615
3 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 716
597 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 444
930 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
2 KB
2 cloudfront.net
d14iv5833casao.cloudfront.net
d2z5ewoj022g8u.cloudfront.net
13 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5448
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 8
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
449 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 938
172 B
1 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1268
324 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 672
238 B
1 pixel.ad
up.pixel.ad — Cisco Umbrella Rank: 9679
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
55 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
2 KB
70 22
Domain Requested by
8 article.cloudlgr.com members.legacyresearch.com
7 c.lytics.io members.legacyresearch.com
c.lytics.io
7 members.legacyresearch.com members.legacyresearch.com
6 www.gstatic.com recaptcha.net
www.gstatic.com
4 fonts.gstatic.com fonts.googleapis.com
recaptcha.net
4 recaptcha.net members.legacyresearch.com
recaptcha.net
www.gstatic.com
4 pixel.sitescout.com 2 redirects members.legacyresearch.com
4 eletter.cloudlgr.com members.legacyresearch.com
3 www.google-analytics.com www.googletagmanager.com
members.legacyresearch.com
3 secure.palmbeachgroup.com www.googletagmanager.com
members.legacyresearch.com
2 sync.crwdcntrl.net 1 redirects
2 pixel.tapad.com 1 redirects
2 dpm.demdex.net 1 redirects
2 auth.cloudlgr.com members.legacyresearch.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net members.legacyresearch.com
1 d2z5ewoj022g8u.cloudfront.net
1 sync.teads.tv
1 loadm.exelator.com
1 trc.taboola.com
1 in.hotjar.com members.legacyresearch.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 up.pixel.ad www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 d14iv5833casao.cloudfront.net members.legacyresearch.com
1 www.googletagmanager.com members.legacyresearch.com
1 fonts.googleapis.com members.legacyresearch.com
1 click.exct.legacyresearch.com 1 redirects
70 30

This site contains links to these domains. Also see Links.

Domain
www.legacyresearch.com
beaconstreet-privacy.my.onetrust.com
Subject Issuer Validity Valid
*.legacyresearch.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.cloudlgr.com
Amazon		 2022-03-16 -
2023-04-13		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh
*.pixel.ad
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-01-26 -
2023-02-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Frame ID: D86E6F2E633EE15368F49259ECDAE798
Requests: 45 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: C432EB3B1B1B73DC218749BCB0376019
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 18ED4ECDC8369ABC019A7BFDEFDC1866
Requests: 6 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
Frame ID: F85D8A20AF048C4A930BC3A40A2325C0
Requests: 8 HTTP requests in this frame

Frame: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE
Frame ID: 7C718636489F9F6EED8A0AF8222A2C17
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://click.exct.legacyresearch.com/?qs=d693c6a1d150d0b455e1695dc5e658b187c261f9c65c88f9b869745342c4422cb3af0f84... HTTP 302
    https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

70
Requests

91 %
HTTPS

48 %
IPv6

22
Domains

30
Subdomains

29
IPs

5
Countries

1807 kB
Transfer

6414 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.exct.legacyresearch.com/?qs=d693c6a1d150d0b455e1695dc5e658b187c261f9c65c88f9b869745342c4422cb3af0f84d52a3476c990e8a4de3a98561718e43b72a8c107 HTTP 302
    https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Request Chain 33
  • https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fmembers.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue HTTP 302
  • https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fmembers.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue
Request Chain 36
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
Request Chain 37
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858
Request Chain 40
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=&ct=y

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 20220616-pbo-issue
members.legacyresearch.com/palm-beach-confidential/
Redirect Chain
  • https://click.exct.legacyresearch.com/?qs=d693c6a1d150d0b455e1695dc5e658b187c261f9c65c88f9b869745342c4422cb3af0f84d52a3476c990e8a4de3a98561718e43b72a8c107
  • https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b373090cb8ae59335e0256b2757fcafb8db40bfeae5ef5f26f42645881f688d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store,must-revalidate
content-encoding
gzip
content-type
text/html
date
Thu, 23 Jun 2022 10:27:24 GMT
etag
W/"099db70b658b001fca77606964b85935"
last-modified
Tue, 07 Jun 2022 19:48:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id
tQpO2CSy6H3KK0uIwkeugwGuFanRZ59wbvLuAaCaXaQfS0IgOSGnAA==
x-amz-cf-pop
FRA56-P3
x-cache
Error from cloudfront

Redirect headers

Cache-Control
private
Connection
close
Content-Length
194
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Jun 2022 10:27:21 GMT
Location
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
3.ddfbc785.chunk.css
members.legacyresearch.com/static/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/static/css/3.ddfbc785.chunk.css
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8204f9f0c3a1ac2bb5b6b4867e62674681787ef0a95fb6cd41efd672e4f08f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:22:40 GMT
content-encoding
gzip
age
284
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:924149985142:build/BSS-DevOps-Codebuild-Standardv5:2c7c0431-afe7-4595-8216-7eb13ba2e5a7
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
edd71578065678c88a64cea596012cf6
x-amz-request-id
EBENB3HXDMGYFBYK
x-amz-id-2
tGwJKpzEzKdy/5Y3ve6k+peQUX7cCBW0/Xp11hX2uVzS0/JWrHOy3RdxZ79SGifs0+PSzjr4ElM=
last-modified
Tue, 07 Jun 2022 19:46:59 GMT
server
AmazonS3
etag
W/"4a1f9814e5d7661be78c922c507b8bdd"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d0d666f770a3d45e68765aae053ac130288db78ba7ab97c49ba3acd484db8dda
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
text/css
x-amz-cf-id
pv8-XqutnPxhTyBb7wxF7bFeADGX5_neY0xh9e6CvQ68-TFINrh-9A==
main.829d8ef1.chunk.css
members.legacyresearch.com/static/css/ 		310 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/static/css/main.829d8ef1.chunk.css
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c456ce9309990d5a1b8946e69426f43b650cbcdaf756d46d30dfe670c550436e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:22:40 GMT
content-encoding
gzip
age
284
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:924149985142:build/BSS-DevOps-Codebuild-Standardv5:2c7c0431-afe7-4595-8216-7eb13ba2e5a7
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
edd71578065678c88a64cea596012cf6
x-amz-request-id
A5102QKZCC14XZ6Y
x-amz-id-2
cQO1lrExEEvtM69msRrlNoLTltrYJZai7THVP9fEP0+rr8OnnHaOP0FM29ruVkDs12GYP/N4/jw=
last-modified
Tue, 07 Jun 2022 19:46:57 GMT
server
AmazonS3
etag
W/"34962017614b2c4c1c735f4a51cc1bb9"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d0d666f770a3d45e68765aae053ac130288db78ba7ab97c49ba3acd484db8dda
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
text/css
x-amz-cf-id
C5JjnKiKVOQ793lwpBT5tmU5rqqjtlPuTd7SLD_EIhqWrGeeC2pxpw==
3.28b1317b.chunk.js
members.legacyresearch.com/static/js/ 		3 MB
770 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8e7a9924e324f908ac25086acb1552703d6e86226e7bd2a46e54dc0e46db125

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:22:40 GMT
content-encoding
gzip
age
284
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:924149985142:build/BSS-DevOps-Codebuild-Standardv5:2c7c0431-afe7-4595-8216-7eb13ba2e5a7
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
edd71578065678c88a64cea596012cf6
x-amz-request-id
N1BXQFJDZYVX8E3T
x-amz-id-2
PN4bZluAQkcCur8O6jR/QMIeZ9QT6Xya08l7CVchYQ56BU8gGgKCA5JZdEObFHlbDXSoLHT4Heg=
last-modified
Tue, 07 Jun 2022 19:47:00 GMT
server
AmazonS3
etag
W/"e03af65a0f8e59f58ba04b1ecf01ce8f"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d0d666f770a3d45e68765aae053ac130288db78ba7ab97c49ba3acd484db8dda
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/x-javascript
x-amz-cf-id
xCxkuMauAxm1p-XnQI1K6c5l2D_o2Wvixx0_qaRFsMdII5e2491x9Q==
main.5b987ad5.chunk.js
members.legacyresearch.com/static/js/ 		404 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/static/js/main.5b987ad5.chunk.js
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9310f71642cd889e14f3c056f0b3a46e6c44ab7180c1317878aec561c847608f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:22:40 GMT
content-encoding
gzip
age
284
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:924149985142:build/BSS-DevOps-Codebuild-Standardv5:2c7c0431-afe7-4595-8216-7eb13ba2e5a7
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
edd71578065678c88a64cea596012cf6
x-amz-request-id
ZJQDDF1AHJ7544TF
x-amz-id-2
MUSRyAa4wAuNavOkIZnVVH8nCbictk9rGdqRswdFDypj3+1tDaF0KBh6bHM52gIasshGpPv5ULg=
last-modified
Tue, 07 Jun 2022 19:47:00 GMT
server
AmazonS3
etag
W/"678010a6d9a51205d8761be421672d92"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d0d666f770a3d45e68765aae053ac130288db78ba7ab97c49ba3acd484db8dda
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/x-javascript
x-amz-cf-id
QSv0vCXTMxz5IUvfUGCfqvG3ykOhTCPp2t2w6ItA7EAeqsdHHG0MAg==
css
fonts.googleapis.com/ 		20 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,500,700
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/css/main.829d8ef1.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f8ddbe5c4284d0cc2b0ec55bb5397b6c4ba4390f610ce9b19470cc3cfd00763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:27:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Jun 2022 10:27:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Jun 2022 10:27:23 GMT
gtm.js
www.googletagmanager.com/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M9LL542
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/main.5b987ad5.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20728109a3d8a5c16e70a1f7199375555911676b13d2b0660c7d1aa7224b6709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56052
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Jun 2022 10:27:23 GMT
custom.css
d14iv5833casao.cloudfront.net/lytics/css/prod/ 		48 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d14iv5833casao.cloudfront.net/lytics/css/prod/custom.css
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/main.5b987ad5.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:800:6:3ed5:7000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e220bff67826814553a51203a91ef8926a4446f6b0dce9ccde37b1167477eb2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
onRJKJn2b7f2u3F7f6BiUP3DtAFdiaXT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 19:36:34 GMT
server
AmazonS3
age
21335
etag
W/"12fefc9b99c3be0866f1c9366bc35b9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date
Thu, 23 Jun 2022 04:31:49 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
t2lpeoPcZHuZ8eI8MZvYkoBvWfggLtyAQpM2Lmu4RfOJVDZXRqjlUg==
settings
auth.cloudlgr.com/auth/LG/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.cloudlgr.com/auth/LG/settings
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-111.fra6.r.cloudfront.net
Software
/
Resource Hash
71ab3261b92a425c71acd49507785b7b18f0c2d68eeeabe6ba697a3be710e939

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
zAhsJRx2G8a6BuSvuOXDX9nqNvTMOPtW8ebO9clT

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
808b0ed2-3a4b-4e15-a53c-12b0d78d6214
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400c-7ca340fb3dcfba75358a7fc1
api-version
3.0.2
access-control-allow-credentials
true
x-amz-apigw-id
UK7yBF3OoAMFsZQ=
content-length
2757
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-id
0Zm6BtZcF-uNUV8vdyD6mKvJESq8fZT2LRFt_3u77wuwJ130UlOqKw==
paidpublications
article.cloudlgr.com/articles/all/v2/ 		361 KB
50 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/v2/paidpublications?type=lgm
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash
5925eb1595f8e731b22def121c31eaef4915ccaa85420e9b093946b88d26cf79

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
xwAzMa08Ea3TilnxNvPlg4NaYxHm70Mo1LQ2gFIi

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
a9d5d64e-761e-449e-8860-17e1e8a2d303
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400c-2df26dd2432375f368a9d98a
api-version
3.0.0
access-control-allow-credentials
true
x-amz-apigw-id
UK7x_GO7oAMF3dQ=
content-length
50975
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-id
owgefDn3JjVFNcYJr_d0DwwD2RKTEj_4dFWVBsoIV0AxkUZOzW09hA==
eletterpublications
eletter.cloudlgr.com/eletters/all/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eletter.cloudlgr.com/eletters/all/eletterpublications?type=lgm
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-27.fra50.r.cloudfront.net
Software
/
Resource Hash
c1c0fdc1a3586912dccfbabd462781f2be2aee8634f49dca7f138d50f849e71a

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
tuTaNrCWAV3lYbxwOicvr4mjzUuG9Fea17dfhz0G

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
7fb985b2-85a6-42dc-8849-7f5b547f2d1a
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400c-138c646500cc94247bd8cb6e
api-version
3.0.0
access-control-allow-credentials
true
x-amz-apigw-id
UK7x_GzXoAMFfQQ=
content-length
1734
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-amz-cf-id
KmyZ_upF32MjsXyYKV1lEIxoa1h2GFe35KnZXx7idwqYs5NWxV2LXA==
authors
article.cloudlgr.com/articles/all/ 		26 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/authors
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash
e5060422ddb4e1fa6110da96f1d5d6eb16568a35d8bff4d099f78fa27cda29f0

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
xwAzMa08Ea3TilnxNvPlg4NaYxHm70Mo1LQ2gFIi

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
0e517ef5-2f61-46cf-b018-1ff0c0141b09
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400c-671ab70f383225632f9b39f7
api-version
3.0.0
access-control-allow-credentials
true
x-amz-apigw-id
UK7yBECTIAMFf5A=
content-length
5835
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-id
s2bGpJ2aHQF9k25Jw3kO5FVveFMQg3elc9XahdoH1uFF-NBughvFqQ==
authors
eletter.cloudlgr.com/eletters/all/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eletter.cloudlgr.com/eletters/all/authors
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-27.fra50.r.cloudfront.net
Software
/
Resource Hash
8259e9b1f1e64f9e574d096c77773234b53934bcd9f9a9ffe04e849db9ea3cf3

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
tuTaNrCWAV3lYbxwOicvr4mjzUuG9Fea17dfhz0G

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
ff933874-e292-4008-9172-6f551f1aaf49
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400c-5a9190616735e3c63570d927
api-version
3.0.0
access-control-allow-credentials
true
x-amz-apigw-id
UK7x_HZmoAMFrTg=
content-length
2319
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-amz-cf-id
zd2Dfp2GgPI5mSouB8al2vSBO1o48KYMlC0Sb19OOeZj0YkCsFjexw==
newslettertypes
article.cloudlgr.com/articles/all/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/newslettertypes
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash
049dbe2f987ac1248387a663edc893fd62c44f8a85cdae77131d3b8501665169

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
xwAzMa08Ea3TilnxNvPlg4NaYxHm70Mo1LQ2gFIi

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
580c2d4e-50b8-4f14-860e-92138497c78c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400c-632564b521ca974b5d628de5
api-version
3.0.0
access-control-allow-credentials
true
x-amz-apigw-id
UK7yBHdioAMFjNg=
content-length
692
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-id
flH8iVd37FoXXWR8kFoc5XIGFmpJNOvRt8AxHvazayRxgWCLrC6NHA==
hotjar-342323.js
static.hotjar.com/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-342323.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9LL542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-96.fra56.r.cloudfront.net
Software
/
Resource Hash
487d6a50f546933199bd69e76fdf1b0431d00f59610a5324c2ee1885ac0e15f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P7
etag
W/3ae9528209c47187f8766fd4d8a7a2d0
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
dBAxox69ffEiOdWmuCw_5c6DDKDWQcTMiD3QMiT_oshJz0O6_97vtA==
via
1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
latest.min.js
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 google
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3814
content-encoding
br
last-modified
Thu, 23 Jun 2022 09:23:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWJENXE5%2FAkZGKAAoYl03ZgVlmZ9FL1t0g4WCUmUp26Y6w6aQHgme8uPRzmmdU%2F4yZImHMZ9ZDAmBK4rCJDkbMM5yCU2jZs8qoHwo7GuHfBUdF3nkrS3godor5Ti8pnULgQK8qmDNvc9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
71fc87ec5c1d5b38-FRA
up.js
up.pixel.ad/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://up.pixel.ad/assets/up.js?um=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9LL542
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 16:22:21 GMT
server
AC1.1
age
149699
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1550
x-llid
c9518db11b3d61e6ec574160905e523d
bss-px.min.js
secure.palmbeachgroup.com/store/PROD/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9LL542
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amzn-remapped-date
Tue, 21 Jun 2022 03:02:11 GMT
x-amz-cf-pop
DUS51-P1, FRA56-P4
x-amzn-requestid
de5cdc97-7a7f-45da-8705-63b364ac045b
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-apigw-id
UDUsIEFUoAMFhDQ=
content-length
2057
last-modified
Tue, 01 Jun 2021 15:08:33 GMT
server
cloudflare
etag
W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id
fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via
1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront), 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amzn-remapped-server
cloudflare
cf-ray
71fc87ec5ce19b74-FRA
x-amz-cf-id
AIXM3EbPWLUVhLZ1AxBnckLT7QO7UO5jG91a6M_BhE-8EFj5pCP9Mg==
x-amzn-remapped-connection
keep-alive
settings
auth.cloudlgr.com/auth/LG/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.cloudlgr.com/auth/LG/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-111.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7x-GZmoAMFXfw=
x-amz-cf-id
sA-lVeeuVWtuH_05dQw19hInGqIGyysWXV03q5GoY-Cx9YWVmQDgkg==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
fd10ab59-4e0c-40b8-997e-01f2f94bdb74
x-amzn-trace-id
Root=1-62b4400c-3405732e1eb2cb0c51799b67
x-cache
Miss from cloudfront
paidpublications
article.cloudlgr.com/articles/all/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/v2/paidpublications?type=lgm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7x8G-joAMFcwQ=
x-amz-cf-id
J2OWbFh65C1bg8VwsA1G6ifiI0T5781kuC9Po90PbXyEV7OKab3UAw==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
f5f7376a-44b4-4310-b32e-0e993a534033
x-amzn-trace-id
Root=1-62b4400c-6ef6f5e468b742e46dc0f123
x-cache
Miss from cloudfront
eletterpublications
eletter.cloudlgr.com/eletters/all/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eletter.cloudlgr.com/eletters/all/eletterpublications?type=lgm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-27.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7x8GKCoAMFrow=
x-amz-cf-id
HzcjIw3j12qVldG005j3A5YxsLn3X5B937OvYme4PI1BACr2aZ8QCw==
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
83ec12bc-2a79-4ddb-83d8-a5d71f578575
x-amzn-trace-id
Root=1-62b4400c-1a91cb8f2e085349100d1164
x-cache
Miss from cloudfront
authors
article.cloudlgr.com/articles/all/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/authors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7x-G5HoAMFslw=
x-amz-cf-id
xZKwaEztSFwpXGMopo3NK3kUx67Vx3jbZ6IrnLSSBcStZyomVzZcMQ==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
2fa395b0-505d-40e5-a182-2c8ef5a8e5af
x-amzn-trace-id
Root=1-62b4400c-2645fdd55b5b0fef0049649f
x-cache
Miss from cloudfront
authors
eletter.cloudlgr.com/eletters/all/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eletter.cloudlgr.com/eletters/all/authors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-27.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7x8ETOoAMFyPA=
x-amz-cf-id
Nn-3ssnMPBmMTZcUBl4yR_B02xYzwHuPbHGww5QWPWMJNVW106eyuA==
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
0d351459-b11d-4349-a7e2-fdc6e02b1349
x-amzn-trace-id
Root=1-62b4400c-39f3d5645045fe3b38dfc5f3
x-cache
Miss from cloudfront
newslettertypes
article.cloudlgr.com/articles/all/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/newslettertypes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7x-EH2IAMFuWA=
x-amz-cf-id
Q1MmGBaYcEnZObNCG_voJEAM11ozRgtV0ucYcCgivck6BBvU8piXAA==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
fc7ffeeb-ba30-4fda-b18c-f01bcc0a4c5f
x-amzn-trace-id
Root=1-62b4400c-71243b0532a4c269361d6752
x-cache
Miss from cloudfront
modules.58b0567970adefe5846a.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.58b0567970adefe5846a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-342323.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
89f6089a08cc1c82d297577a431c69927082a16305c59bea96ae51b58a14156b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 09:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
3858
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64035
access-control-allow-origin
*
last-modified
Thu, 23 Jun 2022 09:22:12 GMT
etag
"af7dba47fa75f89b59b4405220d4ae7e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9pvFmUBn4sMGx6zOg-vfQFFW5CNL6n2MlX_GeCPDcE8N4_kIFauJag==
6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 		35 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1655980043566&event=gtm.js&gtm.uniqueEventId=1&_ts=1655980044274&_nmob=t&_device=desktop&url=members.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue&_v=3.0.27&_uid=7cf21973-0f03-45f1-b971-1cd2f17164d2&_getid=t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
content-length
35
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCfnlmFK6hpDPuxk8BPXtRZGyUvIiwLcvODxAjTWrh4hSW6E6o9lo3yiOBn2GSHSMlFUm2TOCF00HVZwx89Ll32o3Pu3d98NWDGDc4vTzDiLMuXFuBEjeoArA0HsPTxKnKL8qGo%2BztBI"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
71fc87ececbb5b38-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame C432 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-342323.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-27.fra50.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://members.legacyresearch.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1997598
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 07:34:06 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Tue, 31 May 2022 07:33:23 GMT
vary
Accept-Encoding
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-id
KMrrNZ3G0aLI9QLmxTd4HXKi9kv1VJrSkqwOQMRyuqgIo1vNNJS_Ww==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
7cf21973-0f03-45f1-b971-1cd2f17164d2
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 		178 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/7cf21973-0f03-45f1-b971-1cd2f17164d2?segments=true&mergestate=true&state=%7B%22_uid%22%3A%227cf21973-0f03-45f1-b971-1cd2f17164d2%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22members.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1655980044454&callback=u_770442026682761300
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ea1d9737de6b4768e16495dc969507350bccdc892a600d0931f2df528cfe81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
71fc87ededaa5b38-FRA
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFzRLvFGDdZbrt%2FDd13kpZrFJjQfe9q5o9x2uQkmcP6Lt8373CXhrdvzf5G9RLV9L8JLNBNd1%2B%2BQDM7POC8u7Qncil1erTnQH7JSlNmcmV%2BDcvNrApShBRwkAzK1Zc6RXNji5OKOAoqW"}],"group":"cf-nel","max_age":604800}
content-encoding
br
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 		35 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1655980044445&_nmob=t&_device=desktop&url=members.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue&_uid=7cf21973-0f03-45f1-b971-1cd2f17164d2&_v=3.0.27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
content-length
35
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAfVi46Ns%2FOiabFh4D4MPqkh8itiFQNDuwC8VF%2FrYfFx0e5jFVIsPnFrXr82UUcNx%2BhlDBYcQMYTwreKguOnoBFMcHktlFxfyCh1I7zDwlVMOrUyapZHksU14cQx6wCYa%2FdNMVXMy7Gj"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
71fc87ededb55b38-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
visit-data
in.hotjar.com/api/v2/client/sites/342323/ 		147 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/342323/visit-data?sv=7
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.152.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-152-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 23 Jun 2022 10:27:24 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
logger
secure.palmbeachgroup.com/snowflake/ 		0
0
logger
secure.palmbeachgroup.com/snowflake/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://secure.palmbeachgroup.com/snowflake/logger
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
71fc87ef3d7f692b-FRA
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7yEExmiYcF2Tg=
x-amz-cf-id
FBwR9igeHkjh5VM5-MF0dcORKy_zaFzkHu3oEvEq1t3QtRoy3bzmiQ==
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
d17302a4-9d61-458b-9c48-7580f5481ff7
x-amzn-trace-id
Root=1-62b4400d-718529797cfc65346f5f5a73
x-cache
Miss from cloudfront
cm
trc.taboola.com/sg/lytics/1/ 		43 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D7cf21973-0f03-45f1-b971-1cd2f17164d2%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 23 Jun 2022 10:27:24 GMT
via
1.1 varnish
server
nginx
x-timer
S1655980045.723028,VS0,VE9
x-served-by
cache-hhn4032-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 18ED
Redirect Chain
  • https://pixel.sitescout.com/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
90b9b8670f277e1862b2d340c39e961d67dd57d9bc1ddec1bd8f65472eaf727c

Request headers

Referer
https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
content-length
1162
content-type
text/html;charset=UTF-8
date
Thu, 23 Jun 2022 10:27:24 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1

Redirect headers

content-length
0
date
Thu, 23 Jun 2022 10:27:24 GMT
location
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server
AC1.1
77c21d510266169b
pixel.sitescout.com/up/
Redirect Chain
  • https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fmembers.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue
  • https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fmembers.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fmembers.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue
Protocol
H2
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fmembers.legacyresearch.com%2Fpalm-beach-confidential%2F20220616-pbo-issue
date
Thu, 23 Jun 2022 10:27:24 GMT
server
AC1.1
content-length
0
paidpublications
article.cloudlgr.com/articles/all/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/v2/paidpublications?type=lgmarchived
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:25 GMT
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7yFFh0oAMFyFg=
x-amz-cf-id
tZ3OzovYm5a9HrNr2pFtFsv_yR5LCsss6LC7FsFEtbtt1m75KkRWDg==
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
3c2e7dbe-b27d-4fe8-b39c-d7ca830b942d
x-amzn-trace-id
Root=1-62b4400d-3f0d1b93107ac29f02b4ad89
x-cache
Miss from cloudfront
paidpublications
article.cloudlgr.com/articles/all/v2/ 		100 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://article.cloudlgr.com/articles/all/v2/paidpublications?type=lgmarchived
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-29.fra60.r.cloudfront.net
Software
/
Resource Hash
e636f1894b1827433dd5ea7bec41c5e137943c805d3f72d48c6d42c6c1f68817

Request headers

Accept
application/json, text/plain, */*
Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-api-key
xwAzMa08Ea3TilnxNvPlg4NaYxHm70Mo1LQ2gFIi

Response headers

date
Thu, 23 Jun 2022 10:27:25 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-amzn-requestid
51ba9741-d9a5-4bf2-8a32-932b4150fcb9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62b4400d-69f73d8d527e71d475da6d72
api-version
3.0.0
access-control-allow-credentials
true
x-amz-apigw-id
UK7yJG-7oAMFqPQ=
content-length
116
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-id
1IGGw5Tc4xs1aFuSxgFIBY4DuZp6xwlYJJdp29cCvYraHkvp3kPTOA==
demconf.jpg
dpm.demdex.net/ Frame 18ED
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.154.32.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-32-144.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v034-0c7706e1f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zyvTAARqRn0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v034-02c80f70d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
CpCwBt1SQAM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
check
pixel.tapad.com/idsync/ex/receive/ Frame 18ED
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:25 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858
date
Thu, 23 Jun 2022 10:27:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadm.exelator.com/load/ Frame 18ED 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
um
sync.teads.tv/ Frame 18ED 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-106-130.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:25 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 23 Jun 2022 10:27:25 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
qmap
sync.crwdcntrl.net/ Frame 18ED
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=&ct=y
49 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
18.202.123.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-123-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.23.37
content-type
image/gif
content-length
49
x-consent
absent

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa4faa39-ec4c-4a95-b036-5bba74bc651e-62b4400c-5858&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.3.52
content-length
0
expires
0
pathfora.min.js
c.lytics.io/static/ 		101 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
71fc87f259f35b38-FRA
date
Thu, 23 Jun 2022 10:27:25 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 09:45:19 GMT
server
cloudflare
age
2526
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhSsyVm46YnCoSVjOBY7F9Kvp9EyqG4YcQ5HTBqAXcBY0xpHKBu0BlxPQjw09UhC9pArQ6a6%2BB4QwlL2sLUs13fq%2B5RfVTJH2bSdP5aNPC%2B8uNJ39RvX4xlK8qPTIxk2NL7%2FT9LNUldf"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000;
content-encoding
br
pathfora.min.css
c.lytics.io/static/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
71fc87f28a275b38-FRA
date
Thu, 23 Jun 2022 10:27:25 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 09:45:18 GMT
server
cloudflare
age
2527
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqY8onBPl%2BDiE7d8WZ5G3RDNvZygD8ALQS0kZXa0srcxvszUrucHTWVt0lHI432LcSBRHeXXwwrOqQKyc1YW8215%2BBocKfAxavvlIn6Bgpd5IoMhGW4AEKLECZqr5pQMHitzfOqHgMqd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=63072000;
content-encoding
br
config.js
c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/ 		415 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b825650b993eecb352d1008eace23546aa8aa9c38500e2edde7dc7e5af91498
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:25 GMT
via
1.1 google
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6292
content-encoding
br
last-modified
Thu, 23 Jun 2022 08:42:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KszkdlIoFC2mXIBU87KhZEsedR5lNAGJ5tn4psK%2FV62UDLOCWeyZKgNPKVDf0p6jFpJp9ztX0x%2Fl2cCSP%2BeaN2Ti4iQgvbrlcIp1iI5jqZH1NbCmYrELt6jlVMASwqMDKDj83e9aiCBW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cf-ray
71fc87f28a285b38-FRA
0.4a86e829.chunk.js
members.legacyresearch.com/static/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/static/js/0.4a86e829.chunk.js
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0adeee9dd2dd1bc0dfe55dc19f1eacde72cf214752a2e22a165e52b6f96f9a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:22:43 GMT
content-encoding
gzip
age
283
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:924149985142:build/BSS-DevOps-Codebuild-Standardv5:2c7c0431-afe7-4595-8216-7eb13ba2e5a7
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
edd71578065678c88a64cea596012cf6
x-amz-request-id
6AZGR47SAQRDMNJ6
x-amz-id-2
k5ySeSSbQIkuc9iBpGwv+4jLHjFWhjMIMJIifSjEZ7K93nJC8p47pVROlj7BCxi0r9p9KYdHEvQ=
last-modified
Tue, 07 Jun 2022 19:46:57 GMT
server
AmazonS3
etag
W/"84d690347964d55c2c4277af4cd07c4e"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d0d666f770a3d45e68765aae053ac130288db78ba7ab97c49ba3acd484db8dda
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/x-javascript
x-amz-cf-id
95i7tzlQoWZT4kuDSbkm8J44ZAjt9-0UwRGK6gFSz942OTgwqztVpg==
10.9cd78cc6.chunk.js
members.legacyresearch.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://members.legacyresearch.com/static/js/10.9cd78cc6.chunk.js
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/palm-beach-confidential/20220616-pbo-issue
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7800:13:8391:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f80d077ffe95311d20ec6b975f7ed6251a5eb1db3b1b2b7d772b36994d03379

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:27 GMT
content-encoding
gzip
x-amz-request-id
CW0RTBJZKRKR07YR
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:924149985142:build/BSS-DevOps-Codebuild-Standardv5:2c7c0431-afe7-4595-8216-7eb13ba2e5a7
x-cache
RefreshHit from cloudfront
x-amz-meta-codebuild-content-md5
edd71578065678c88a64cea596012cf6
x-amz-id-2
WiTR/9Hw7HTHK02MxmamuwuE/UIdWcohUNbvR/vHUMx+PWWaQjXtQeXBIwOA7etyI68rjP5P/Qc=
last-modified
Tue, 07 Jun 2022 19:46:58 GMT
server
AmazonS3
etag
W/"33980519a44343257173aee6151c4bfe"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
d0d666f770a3d45e68765aae053ac130288db78ba7ab97c49ba3acd484db8dda
via
1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-type
application/x-javascript
x-amz-cf-id
zZbHENTrZKUFwUbI26PwIRWeqRzXKWbwFwGCxGC6PtvL5gkI-die0Q==
logger
secure.palmbeachgroup.com/snowflake/ 		0
0
logger
secure.palmbeachgroup.com/snowflake/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://secure.palmbeachgroup.com/snowflake/logger
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://members.legacyresearch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
71fc87f5ae52692b-FRA
content-length
0
content-type
application/json
date
Thu, 23 Jun 2022 10:27:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-apigw-id
UK7yLEgciYcFyag=
x-amz-cf-id
O598IbXlq9UPo1AUd_zivVPFZdzWo7_oS49M_NFtYxo9gZJJd06P-g==
x-amz-cf-pop
FRA2-C2
x-amzn-requestid
4acd6a47-aa2d-432d-bafc-dd51b5f7dddf
x-amzn-trace-id
Root=1-62b4400d-7d0c676a7885e8d01ff8313d
x-cache
Miss from cloudfront
api.js
recaptcha.net/recaptcha/ 		908 B
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recaptcha.net/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ccb05a6c8de572031299bf17d1e2707dced7194ec3dd60d75f76010b4ec3ca6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
1; mode=block
expires
Thu, 23 Jun 2022 10:27:26 GMT
lrg-main-logo.svg
d2z5ewoj022g8u.cloudfront.net/site/img/logos/nav/desktop/top/ 		25 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2z5ewoj022g8u.cloudfront.net/site/img/logos/nav/desktop/top/lrg-main-logo.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-133.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59bc1b80d42e6fba72edd8261f32812de6d743390626662ccc0f55da76711488

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 10:27:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Nov 2018 00:57:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P1
ETag
W/"552553dcef3a357938b3edaf72d7d6fa"
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
image/svg+xml
Via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
KbQGhPGqJaDOjO7kbGe6ntlV2Uqk9_TYUS6A9Vmz1RHM_Y4nBNonyA==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://members.legacyresearch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
227971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Jun 2023 19:07:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://members.legacyresearch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
178904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 08:45:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://members.legacyresearch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:56:05 GMT
x-content-type-options
nosniff
age
250281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Jun 2023 12:56:05 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://members.legacyresearch.com/
Origin
https://members.legacyresearch.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 10:27:22 GMT
anchor
recaptcha.net/recaptcha/api2/ Frame F85D 		43 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
632432c6574a1aa167bf408a709bc5f160a5c6ce154a12a7d8ac6f1552ca8d44
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n34o1uwgd9FZacrPVuJK8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://members.legacyresearch.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22762
content-security-policy
script-src 'report-sample' 'nonce-n34o1uwgd9FZacrPVuJK8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 10:27:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame F85D 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 10:02:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame F85D 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 08:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 08:29:53 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9LL542
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5900
date
Thu, 23 Jun 2022 08:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Jun 2022 10:49:07 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2057336408&t=pageview&_s=1&dl=https%3A%2F%2Fmembers.legacyresearch.com%2Flogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2107498995&gjid=510788402&cid=1318945626.1655980047&tid=UA-120161192-4&_gid=1995730449.1655980047&_r=1&gtm=2wg6f0M9LL542&z=652630574
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://members.legacyresearch.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F85D 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F85D 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F85D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
142059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 28 Jun 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F85D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://recaptcha.net/
Origin
https://recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
148846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Jun 2023 17:06:41 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-120161192-4&cid=1318945626.1655980047&jid=2107498995&gjid=510788402&_gid=1995730449.1655980047&_u=YEBAAEAAAAAAAC~&z=1785283346
Requested by
Host: members.legacyresearch.com
URL: https://members.legacyresearch.com/static/js/3.28b1317b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://members.legacyresearch.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Jun 2022 10:27:27 GMT
content-type
text/plain
access-control-allow-origin
https://members.legacyresearch.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
webworker.js
recaptcha.net/recaptcha/api2/ Frame F85D 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE&co=aHR0cHM6Ly9tZW1iZXJzLmxlZ2FjeXJlc2VhcmNoLmNvbTo0NDM.&hl=de&type=image&v=4rwLQsl5N_ccppoTAwwwMrEN&theme=light&size=normal&badge=bottomright&cb=q8zsk6b68bzf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:27:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Thu, 23 Jun 2022 10:27:27 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120161192-4&cid=1318945626.1655980047&jid=2107498995&_u=YEBAAEAAAAAAAC~&z=366893251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120161192-4&cid=1318945626.1655980047&jid=2107498995&_u=YEBAAEAAAAAAAC~&z=366893251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 10:27:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
recaptcha.net/recaptcha/api2/ Frame 7C71 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ae70695df8d2afd007aa3144c02a9b46c74907680ad72703203495c5dfcf7b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vt4nUC7FLtegJlpC-nyapA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://members.legacyresearch.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1112
content-security-policy
script-src 'report-sample' 'nonce-Vt4nUC7FLtegJlpC-nyapA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 10:27:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 7C71 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 10:02:08 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 7C71 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: recaptcha.net
URL: https://recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Ldt4HYUAAAAAMdgN61HaS8FfAFvQw6T4j66X_eE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 08:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Jun 2023 08:29:53 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2057336408&t=pageview&_s=1&dl=https%3A%2F%2Fmembers.legacyresearch.com%2Flogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1318945626.1655980047&tid=UA-120161192-4&_gid=1995730449.1655980047&gtm=2wg6f0M9LL542&z=1822040435
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://members.legacyresearch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Jun 2022 11:48:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81529
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.palmbeachgroup.com
URL
https://secure.palmbeachgroup.com/snowflake/logger
Domain
secure.palmbeachgroup.com
URL
https://secure.palmbeachgroup.com/snowflake/logger

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| __version object| recaptchaOptions object| webpackJsonplegacy-web-app number| __mobxInstanceCount object| __mobxGlobals object| __SENTRY__ string| siteCode string| app_env boolean| app_dev object| __app_wp_compat object| dataLayer function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ object| google_tag_manager function| hj object| _hjSettings object| jstag object| cntrUpTag object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| __lytics__jstag__ undefined| u_770442026682761300 function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| bsspxClass object| bsspx object| pathfora object| _pfacfg object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_622546 object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

21 Cookies

Domain/Path Name / Value
members.legacyresearch.com/palm-beach-confidential Name: bssSessionId
Value: 109203cc-0a2d-4a8c-b319-13501dfc4dfb
.members.legacyresearch.com/ Name: seerses
Value: e
.members.legacyresearch.com/ Name: seerid
Value: 7cf21973-0f03-45f1-b971-1cd2f17164d2
.lytics.io/ Name: seerid
Value: 7cf21973-0f03-45f1-b971-1cd2f17164d2
.legacyresearch.com/ Name: _hjSessionUser_342323
Value: eyJpZCI6IjhmNjE3MGQ3LWFjODktNTFjOS04MzMxLWE1MThjNWIxNjYwZSIsImNyZWF0ZWQiOjE2NTU5ODAwNDQzOTEsImV4aXN0aW5nIjpmYWxzZX0=
.legacyresearch.com/ Name: _hjFirstSeen
Value: 1
members.legacyresearch.com/ Name: _hjIncludedInSessionSample
Value: 1
.legacyresearch.com/ Name: _hjSession_342323
Value: eyJpZCI6IjI5ZDgyMDBlLWEwYjktNDE5Yy1iM2EwLTcwNjRmNDUxZDQ0OSIsImNyZWF0ZWQiOjE2NTU5ODAwNDQ0NzcsImluU2FtcGxlIjp0cnVlfQ==
members.legacyresearch.com/ Name: _hjIncludedInPageviewSample
Value: 1
.legacyresearch.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.sitescout.com/ Name: ssi
Value: fa4faa39-ec4c-4a95-b036-5bba74bc651e#1655980044852
.sitescout.com/ Name: _ssuma
Value: eyIzNCI6MTY1NTk4MDA0NDg3OSwiMiI6MTY1NTk4MDA0NDg3OSwiNCI6MTY1NTk4MDA0NDg3OSwiMzkiOjE2NTU5ODAwNDQ4NzksIjciOjE2NTU5ODAwNDQ4Nzl9
.tapad.com/ Name: TapAd_TS
Value: 1655980045040
.tapad.com/ Name: TapAd_DID
Value: 90c5d397-b368-4059-bba3-463ba1c43573
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.demdex.net/ Name: demdex
Value: 53244755447749851380123017829774230653
.dpm.demdex.net/ Name: dpm
Value: 53244755447749851380123017829774230653
.legacyresearch.com/ Name: _ga
Value: GA1.2.1318945626.1655980047
.legacyresearch.com/ Name: _gid
Value: GA1.2.1995730449.1655980047
.legacyresearch.com/ Name: _gat_UA-120161192-4
Value: 1

4 Console Messages

Source Level URL
Text
javascript error URL: https://members.legacyresearch.com/login
Message:
Access to XMLHttpRequest at 'https://secure.palmbeachgroup.com/snowflake/logger' from origin 'https://members.legacyresearch.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure.palmbeachgroup.com/snowflake/logger
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://members.legacyresearch.com/login
Message:
Access to XMLHttpRequest at 'https://secure.palmbeachgroup.com/snowflake/logger' from origin 'https://members.legacyresearch.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://secure.palmbeachgroup.com/snowflake/logger
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

article.cloudlgr.com
auth.cloudlgr.com
c.lytics.io
click.exct.legacyresearch.com
d14iv5833casao.cloudfront.net
d2z5ewoj022g8u.cloudfront.net
dpm.demdex.net
eletter.cloudlgr.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
loadm.exelator.com
members.legacyresearch.com
pixel.sitescout.com
pixel.tapad.com
recaptcha.net
script.hotjar.com
secure.palmbeachgroup.com
static.hotjar.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
trc.taboola.com
up.pixel.ad
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
secure.palmbeachgroup.com
104.92.106.130
108.138.17.96
13.111.45.142
13.32.118.133
143.204.89.27
178.79.242.181
18.202.123.28
18.66.122.29
2001:4860:4802:32::178
2600:9000:2156:800:6:3ed5:7000:21
2600:9000:223d:7800:13:8391:ac00:93a1
2606:4700:20::681a:216
2606:4700::6810:1937
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c08::9b
2a04:4e42:400::300
35.227.248.159
52.16.152.227
52.222.236.74
54.154.32.144
54.78.254.47
66.155.71.25
99.86.4.111
049dbe2f987ac1248387a663edc893fd62c44f8a85cdae77131d3b8501665169
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0adeee9dd2dd1bc0dfe55dc19f1eacde72cf214752a2e22a165e52b6f96f9a61
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20728109a3d8a5c16e70a1f7199375555911676b13d2b0660c7d1aa7224b6709
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
487d6a50f546933199bd69e76fdf1b0431d00f59610a5324c2ee1885ac0e15f4
4f80d077ffe95311d20ec6b975f7ed6251a5eb1db3b1b2b7d772b36994d03379
5925eb1595f8e731b22def121c31eaef4915ccaa85420e9b093946b88d26cf79
59bc1b80d42e6fba72edd8261f32812de6d743390626662ccc0f55da76711488
5ae70695df8d2afd007aa3144c02a9b46c74907680ad72703203495c5dfcf7b0
5b825650b993eecb352d1008eace23546aa8aa9c38500e2edde7dc7e5af91498
62ea1d9737de6b4768e16495dc969507350bccdc892a600d0931f2df528cfe81
632432c6574a1aa167bf408a709bc5f160a5c6ce154a12a7d8ac6f1552ca8d44
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f8ddbe5c4284d0cc2b0ec55bb5397b6c4ba4390f610ce9b19470cc3cfd00763
71ab3261b92a425c71acd49507785b7b18f0c2d68eeeabe6ba697a3be710e939
7ccb05a6c8de572031299bf17d1e2707dced7194ec3dd60d75f76010b4ec3ca6
8204f9f0c3a1ac2bb5b6b4867e62674681787ef0a95fb6cd41efd672e4f08f05
8259e9b1f1e64f9e574d096c77773234b53934bcd9f9a9ffe04e849db9ea3cf3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f6089a08cc1c82d297577a431c69927082a16305c59bea96ae51b58a14156b
90b9b8670f277e1862b2d340c39e961d67dd57d9bc1ddec1bd8f65472eaf727c
9310f71642cd889e14f3c056f0b3a46e6c44ab7180c1317878aec561c847608f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b373090cb8ae59335e0256b2757fcafb8db40bfeae5ef5f26f42645881f688d4
c1c0fdc1a3586912dccfbabd462781f2be2aee8634f49dca7f138d50f849e71a
c456ce9309990d5a1b8946e69426f43b650cbcdaf756d46d30dfe670c550436e
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e220bff67826814553a51203a91ef8926a4446f6b0dce9ccde37b1167477eb2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5060422ddb4e1fa6110da96f1d5d6eb16568a35d8bff4d099f78fa27cda29f0
e636f1894b1827433dd5ea7bec41c5e137943c805d3f72d48c6d42c6c1f68817
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8e7a9924e324f908ac25086acb1552703d6e86226e7bd2a46e54dc0e46db125