www.oldrepublicexchange.com Open in urlscan Pro
207.67.29.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.us.m.mimecastprotect.com/s/uMt4C31pVgIrPJ83iqsiBV?domain=orexco1031.com/
Effective URL:
https://www.oldrepublicexchange.com/
Submission: On June 05 via api (June 5th 2024, 4:03:43 pm UTC) from US — Scanned from US

Summary HTTP 39 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 16 domains to perform 39 HTTP transactions. The main IP is 207.67.29.218, located in Elk Grove Village, United States and belongs to LVLT-3549, US. The main domain is www.oldrepublicexchange.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on April 24th 2024. Valid for: a year.

This is the only time www.oldrepublicexchange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.113 207.211.31.113	14135 (NAVISITE-...) (NAVISITE-EAST-2)
1 1	2606:4700::68... 2606:4700::6812:d31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	207.67.29.218 207.67.29.218	3549 (LVLT-3549) (LVLT-3549)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b347	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.65.228 142.250.65.228	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
39	15

2 207.211.31.113 (St. Cloud, United States) 2 redirects

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com

url.us.m.mimecastprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d31 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.orexco1031.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 207.67.29.218 (Elk Grove Village, United States)

ASN3549 (LVLT-3549, US)
PTR: www.oldrepublicexchange.com

www.oldrepublicexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b347 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.228 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	oldrepublicexchange.com www.oldrepublicexchange.com	104 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 351 www.linkedin.com — Cisco Umbrella Rank: 553 px4.ads.linkedin.com — Cisco Umbrella Rank: 6771	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	231 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 6465	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	72 KB
2	mimecastprotect.com 2 redirects url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 12325	3 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 943	393 B
1	t.co t.co — Cisco Umbrella Rank: 713	374 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	64 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 907	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 880	17 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 137	21 KB
1	orexco1031.com 1 redirects www.orexco1031.com	162 B
39	16

	Domain	Requested by
17	www.oldrepublicexchange.com	www.oldrepublicexchange.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.oldrepublicexchange.com www.googletagmanager.com
2	pi.pardot.com	www.oldrepublicexchange.com pi.pardot.com
2	www.facebook.com	www.oldrepublicexchange.com
2	connect.facebook.net	www.oldrepublicexchange.com connect.facebook.net
2	url.us.m.mimecastprotect.com	2 redirects
1	analytics.twitter.com	www.oldrepublicexchange.com
1	t.co	www.oldrepublicexchange.com
1	px4.ads.linkedin.com	www.oldrepublicexchange.com
1	www.linkedin.com	1 redirects
1	www.google.com	www.oldrepublicexchange.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.oldrepublicexchange.com
1	www.orexco1031.com	1 redirects
39	18

This site contains links to these domains. Also see Links.

Domain
www.oldrepublic.com
www.oldrepublictitle.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.oldrepublicexchange.com GeoTrust TLS RSA CA G1	`2024-04-24` - `2025-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-07-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.oldrepublicexchange.com/
Frame ID: 6C2BF46451CB0F6F500B4B3064B52406
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Old Republic Exchange

Page URL History Show full URLs

https://url.us.m.mimecastprotect.com/s/uMt4C31pVgIrPJ83iqsiBV?domain=orexco1031.com/ HTTP 307
https://url.us.m.mimecastprotect.com/r/Dx9HknpCawNh3-O1LjJ92nt2C2RcNQUpHTZ5PP3_z7fndtBiJ7b1baZflZ6LLHpPkKP1B1yb4G... HTTP 307
http://www.orexco1031.com/ HTTP 307
https://www.orexco1031.com/ HTTP 301
https://www.oldrepublicexchange.com/ Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

39
Requests

97 %
HTTPS

41 %
IPv6

16
Domains

18
Subdomains

15
IPs

1
Countries

490 kB
Transfer

1257 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.oldrepublic.com/
Title: Old Republic International Corporation

Search URL Search Domain Scan URL

URL: http://www.oldrepublictitle.com/
Title: Old Republic National Title Insurance Company

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/oldrepublicexchange
Title: LET'S CONNECT

Search URL Search Domain Scan URL

URL: https://www.oldrepublictitle.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.us.m.mimecastprotect.com/s/uMt4C31pVgIrPJ83iqsiBV?domain=orexco1031.com/ HTTP 307
https://url.us.m.mimecastprotect.com/r/Dx9HknpCawNh3-O1LjJ92nt2C2RcNQUpHTZ5PP3_z7fndtBiJ7b1baZflZ6LLHpPkKP1B1yb4Gx7iPYyyZ9D4MQtwyznEbXIEpO8JEbH_vUthvOFRcqyK1IcAu3J1vRkNEX_QgQyTbUFdgnXkoQtzcb4D6hGeaPyHfvzoJpQ88j79AsJOktwPJ3BHi5hw0olk3z9uVdSdg_YnwRGqHZLo_JutMFE8RGVKDN6G2fvgsR-od5lw_u3AsOdKZ9nKbOBpVS9lxn96t-qMRE24TUpebP0PCsq9wSKEgKgAWg9Wwpg6P7i2Gg7ZaQFH8SBVAO0ICv6hpNwkW64Nk6xAYSHFTQpOzizShwUB5PD0SMiZTeYy-4bpyXNzK6nbX_E2I2AYLEROtcBjNoCqEjnpELv4PCBcbqBwU0p4_snZ__uiGNVYaTZ2zW4j-Msxl5av39QW2aBYhN9XX8RwNm5Jm5FDhZTS81nOrDtC8MnFk7rLuLXEjhVvDIzov0zaBsq7ZByIwZFHW5Zke--4OlLce9mT868sj0PGY8SugTQ-NBGCHIhIVAOT-pngshLmbZ7-w-_jcQdTedSV4HxdRf6VIAL99Pj1KBzxu6HcwEADd-msWtieIAcZa_S9UagtFe_ESgwd_0wefRvMwv1XuGkIo7Vn2DgCytRvhTNY7dRo7hJaNuQ6MxUp8qDiB2cDVCTPB9yZA-V642UakJfePgwHgRc23nfKfjGfXi3xiDVEQ-3wflpHvjhwq0V_eQQZLd9lrsqqCTMMnW6Bn_KT9UGJ5iA-7Bmo5KN0UsU6dza5Vhefqw3_7KaIt09eEbksOVMpiAtt8jx1Kw4mVAdA12XmliRzdsWxcjtFOJBMOR9k_iGONAlPkmFGBlw3IhUSltiLdOX_wxUDmrd3nN26bGAFw_Jbya9vIgg_yLY9ndpp1Pj8kZmSAzGEhdQz45p0y_fV2ubCzU9bVDrmxdMJqS6Tz9Xe2h6C_yVJk42KU1K0rflvXbR9AU8hUuZgd3F7RjFQFvDUpGVgy5duPBoJI-_tw5tMCBMweFSLbyyFQtlL8IwgseICSkZT8uHZbmR0DnSKwCae_xoZrWLBZ9-JGr0NztJFW46XaOxRNEoVlvYS8441EHHafnixDhsCEJj99rDtJLSKjKHmJiovKft5ZgulKd4I0r-P_W86_sPTEDzGzks2WEHd2qxyeexflb9kONquE94-R2i1-KJxeTWWQQWZCDuxSU5TmLFGP4ZSGlB2L6LnqJn3lnUBsJdAOBY2eOa68W3V8lt_8UHBx_vWy558Ma15oS68vf5oaGc6vMfW5Lyluo7yslo4ogZW7hyoApX-E0s7CxlHoFmDxdB7vzx4zRZkyEHm37WpzJHMO79YoMdxXkMXvGTcea13GQYg8aSMmL867teiRZcaS_2qdINqvW2cuJ4L6GFuO14hRo9-N8eTsWF8-XsOINIpKpvWL068f_fg_gyqjSUANvVoH7yTkrI_eV8MnOc6M63oSSbL_uNESuHk0fseujcX4sOVy8b8mXrKEUOq4GVICcm6V1CZmIT2TylSutwk-Ao1EZEVAeT_RRnLm0UZxcL6cXSk7fPf-PsHndDuB_G9C79oyNVBF4K8brLDI_TKkGDwJOq2PoW1K604wwbjjXPHUP__M_3RK8DYMPtaFCiDZApr2KbVlCDKJKki6WFD9Ps25UhN_V9r86tUh6D8AmX-cRsvk7Ym1RkxIZry65K16mBlIJz8pU5Kohz1wnpYG61eBA0jX1On2WGWz2prr2p46Epyz2MT9jRulgvsCUeIXE8SOh2j1ukOYB1WXQd0koR7hx0Az6uXrCKulzlov-ipBmh422byZU6d0P9CXbxOJ-ws62GjjVuiV1VjSvF0YEenKqCvBBE7ku11cJLFlMYxYwHMFVu6y6b2Qhwa9eAC-EUucYWpP0v7BA8zJiKRmUnssiLOyuNs69gxhk59CjkxhONaIVR5NRXivc-QEX8a7oMsv3syJ-Ykjh8E6GEDGdyg-rgqebOwCzkFHcXHfGg6LRxGeFoKKSZhSQiOFNMN4xioEuhs9CNgVXpHwl7yUqCHGSxrhwlimc8Bi_nfx3AUPbMn6dQrJRji7PbuhnCFu7CwADeC2siVOEqNX61Dc0U4D7MW_FJhuU7eP0XLkjGwuY1g2ljKn2JLp1W0BUWxDGRv0v6LjhbgySWulnFF02RDswDvnbdlcqzSgxu7lFZkfzOes2XNPy-r-y1MCnx41Qk1k4xdsnmx46xblZ33iTjlwS59v1tMil7vj1KKs08FCCYstT3OJFUpylBY8yJR2zELseWNgMj25EiabT3l3ErEh7wjIJbwaU5AWIE_CTwEyv7fzo3onm2_FyT5Q-Sj2366g8POSIRnYlHAtBGw-wogPkv3tvjgBMJGTXl8m58uF5MzSFk7ZQjCIb1ldP0UCmTQiHuVzOqhw7XBQL9yUQpa5gF6mRzDNEEZs_ZpnfsOFtu5ORFzU122TiyfOUYyvNH3rPNQDmvDMrU5NG-o1lOaLQk5085OGl9eNk_70qx-u5q042JtyCnLy-zw0jxUCN8cj42aIssnzP5gDuM5DARadFTQUJehFixENgi_f-YC0XHjKAkcmEfKVywHQN1f-0wdIXfAHtmsLrA-wf2T2SVNcKjJ3hK9Uj4S1vMEFr55Dzo9-NFxu9fhdBHiHkLSSe3eE8t1Rt6qONItipN6TWqkbGLOj8Mh1Dr2PbLo6KbTLQGqjipHZfo3MUM8oT-zB_SCar9XlKvvn4Kwi5wRzjrQCWoVntVdLNvk6jEbaDDcjgBUwQtOM8RSYyMdSS9V6yNLOflLEaha7h_iup5OIfYedsqxbcL9vKgokGiie8t8zLpKxVbW9s5saxOdFqMDcEvT3c_ja0aHB9yTI9VGmgwbgnfhhY-SmMfdajN61_oMyJ_7EorWJfk HTTP 307
http://www.orexco1031.com/ HTTP 307
https://www.orexco1031.com/ HTTP 301
https://www.oldrepublicexchange.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2670564%26time%3D1717603418172%26url%3Dhttps%253A%252F%252Fwww.oldrepublicexchange.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJt6gIG5UEMqgAAAY_pJEEmNVti5uIu6ZKNv6Lh5WJE5C98EYgB51WDBkuBlLzbzCKyFA

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.oldrepublicexchange.com/
Redirect Chain

https://url.us.m.mimecastprotect.com/s/uMt4C31pVgIrPJ83iqsiBV?domain=orexco1031.com/
https://url.us.m.mimecastprotect.com/r/Dx9HknpCawNh3-O1LjJ92nt2C2RcNQUpHTZ5PP3_z7fndtBiJ7b1baZflZ6LLHpPkKP1B1yb4Gx7iPYyyZ9D4MQtwyznEbXIEpO8JEbH_vUthvOFRcqyK1IcAu3J1vRkNEX_QgQyTbUFdgnXkoQtzcb4D6hGea...
http://www.orexco1031.com/
https://www.orexco1031.com/
https://www.oldrepublicexchange.com/

9 KB
5 KB

168ms
45ms

Document
text/html

207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

1b4b63613f1f2ae025e2be6c0b1fadb5a63f0dbbd8061f3454444fa7ea29e3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 4415
Content-Type: text/html; charset=utf-8
Date: Wed, 05 Jun 2024 16:03:31 GMT
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

cache-control: max-age=3600
cf-ray: 88f164d008494bd2-BUF
content-length: 167
content-type: text/html
date: Wed, 05 Jun 2024 16:03:37 GMT
expires: Wed, 05 Jun 2024 17:03:37 GMT
location: https://www.oldrepublicexchange.com
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK styles.css
www.oldrepublicexchange.com/css/ 17 KB
4 KB 42ms
40ms Stylesheet
text/css 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oldrepublicexchange.com/css/styles.css

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

4e465a11492e306173f1414dda26c7fb6d47b8e2ae20f03ee1a81765b2cfe643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 04 Jun 2024 02:06:27 GMT
X-Content-Type-Options: nosniff
ETag: "8053c5ce23b6da1:0"
Vary: Accept-Encoding
Content-Type: text/css
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 3207

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 130ms
63ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139132382-1

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8d75f2bc277ea79359b1a577b00e8b7f4755745a873b601b4f295d2d1d3b5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75762
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 16:03:37 GMT

GET
H/1.1 200
OK ORE-SL-M-W-425x110.png
www.oldrepublicexchange.com/images/ 7 KB
8 KB 81ms
40ms Image
image/png 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/ORE-SL-M-W-425x110.png

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

a178ee9fb8baadcb8856d96dd5e13f9233caaa58d99138cab11fae00469b30d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "14ebc0cf23b6da1:0"
Content-Type: image/png
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 7609

GET
H/1.1 200
OK home_text_top.png
www.oldrepublicexchange.com/images/home/ 2 KB
2 KB 188ms
50ms Image
image/png 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/home/home_text_top.png

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

2582aaf6d475a98e913b17b76382c8be325e46fa27e7be533cf0a1a2a7b2f8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "f76298cf23b6da1:0"
Content-Type: image/png
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 1839

GET
H/1.1 200
OK home_drop_cap.png
www.oldrepublicexchange.com/images/home/ 747 B
1 KB 144ms
49ms Image
image/png 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/home/home_drop_cap.png

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

f67ec2c6cbe7784ea5c3c78813cef60dafc99cde34177b9737e925e0fa8374e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "be3b91cf23b6da1:0"
Content-Type: image/png
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 747

GET
H/1.1 200
OK home_text_bot.png
www.oldrepublicexchange.com/images/home/ 2 KB
2 KB 131ms
27ms Image
image/png 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/home/home_text_bot.png

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

8857d326e3407266e333494e80cfb5b04f6810a6de3972e2ebfc16d190ee3ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "f76298cf23b6da1:0"
Content-Type: image/png
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 1878

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 57 KB
21 KB 152ms
106ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

6d0d9ea85a716570439b2fe83675f90555adaa4d2e55230c23d4a385bdf14b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21150
x-xss-protection: 0
server: cafe
etag: 12855177211735995526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Jun 2024 16:03:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
67 KB 138ms
115ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NC5V7JM

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0d5a10d03908b4f247daf205985f5befca90a4ff1b312629cf95a4a42e5822c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68827
x-xss-protection: 0
last-modified: Wed, 05 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jun 2024 16:03:37 GMT

GET
H/1.1 200
OK home_photo_2018_0.jpg
www.oldrepublicexchange.com/images/home/ 56 KB
56 KB 154ms
40ms Image
image/jpeg 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/home/home_photo_2018_0.jpg

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

18342e7fd736efaacffbb913d3535db49b91e7b4674491b911c711a87899839e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "be3b91cf23b6da1:0"
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 56999

GET
H/1.1 200
OK button_sign_in_temp.jpg
www.oldrepublicexchange.com/images/ 3 KB
3 KB 151ms
37ms Image
image/jpeg 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/button_sign_in_temp.jpg

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

8d6f6d38a7cd33bd4962a35ec96ae3d17b52b4372586c7b8f14e389cf97482b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "15277cf23b6da1:0"
Content-Type: image/jpeg
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 2784

GET
H/1.1 200
OK nav_0.gif
www.oldrepublicexchange.com/images/ 2 KB
2 KB 106ms
37ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_0.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

e360b22fe3cf13fc8c7fc015dae8ca86125bb9ed0cc30d65ef22b83e0475062b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "b388becf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 1811

GET
H/1.1 200
OK nav_1.gif
www.oldrepublicexchange.com/images/ 2 KB
2 KB 108ms
40ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_1.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

615e21da4f756033e6d79f2494ac6fa983fd2d27153329e4f522a64dfd2b199c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "b388becf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 2087

GET
H/1.1 200
OK nav_2.gif
www.oldrepublicexchange.com/images/ 4 KB
4 KB 66ms
41ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_2.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

530a7aa7caf5b67720ec7df48787ca15d5ffcc7ddfbfb60d278879269dee778c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "b388becf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 4142

GET
H/1.1 200
OK nav_3.gif
www.oldrepublicexchange.com/images/ 3 KB
4 KB 69ms
37ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_3.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

49d1fbfd6ef87b8e088cfc3dfdb73b8ed36a4ace422cfd1bec051c55dccfc4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "14ebc0cf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 3174

GET
H/1.1 200
OK nav_4.gif
www.oldrepublicexchange.com/images/ 2 KB
3 KB 95ms
28ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_4.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

4b7b4b993b29432eeee880a7159b217ea5f32db7553d1ce996261b2064cb1a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "14ebc0cf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 2270

GET
H/1.1 200
OK nav_5.gif
www.oldrepublicexchange.com/images/ 2 KB
3 KB 106ms
39ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_5.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

2a7bdab0c0f6cfc8c884d4f824a0bc910a8db653e9cd2f8c857d19f5b893400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "14ebc0cf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 2414

GET
H/1.1 200
OK nav_6.gif
www.oldrepublicexchange.com/images/ 2 KB
3 KB 67ms
28ms Image
image/gif 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/nav_6.gif

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

09b1b70d220615626a0056361cddcf608bb7ca3a76cb22cd429af9557327b31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "14ebc0cf23b6da1:0"
Content-Type: image/gif
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 2190

GET
H/1.1 200
OK home_text_bg.png
www.oldrepublicexchange.com/images/home/ 206 B
618 B 38ms
33ms Image
image/png 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oldrepublicexchange.com/images/home/home_text_bg.png

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

1eb4f90f95ea67333868b550ac24cc39bad87eca44c3aa92a5fa53ebb6eeee78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jun 2024 02:06:28 GMT
ETag: "f76298cf23b6da1:0"
Content-Type: image/png
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
Accept-Ranges: bytes
Content-Length: 206

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 65ms
65ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SHHEP37RGP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139132382-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b857998a73ab10b10dc16da7113682753a8e30ae59916eb53bbc3897b51fe4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 16:03:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 97ms
31ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139132382-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jun 2024 15:51:49 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 709
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jun 2024 17:51:49 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964857183/ 2 KB
1 KB 111ms
59ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964857183/?random=1717603418019&cv=9&fst=1717603418019&num=1&label=4SmVCPGLxQUQ35qKzAM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&tiba=Old%20Republic%20Exchange&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

c8dc3b79f1d1090c018e3f6a1f786ada8ff5b4230af65157f91ac325a345fc19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 16:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1371
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 97ms
26ms Script
application/javascript 2600:141b:1c00:8::1728:b347
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC5V7JM

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:8::1728:b347 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65782
accept-ranges: bytes
content-length: 16683

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 139ms
42ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC5V7JM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:38 GMT
content-encoding: gzip
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kjyo7100110-IAD

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 72ms
23ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 16:03:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: XiWIEbAgrd13ydIlrDbocU1/vHBfQ+oODSFNXICmEvbV07BeD1lFlkrk25cvWCy89tgSWGiT/PTJqZpllGwY+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 44ms
43ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SHHEP37RGP&gtm=45je4630v9114348283za200&_p=1717603417841&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=177957851.1717603418&ul=en-us&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1717603418&sct=1&seg=0&dl=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&dt=Old%20Republic%20Exchange&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4058
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHHEP37RGP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 16:03:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oldrepublicexchange.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 41ms
40ms XHR
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=400897765&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&ul=en-us&de=UTF-8&dt=Old%20Republic%20Exchange&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1661534775&gjid=325494479&cid=177957851.1717603418&tid=UA-139132382-1&_gid=1664659936.1717603418&_r=1&gtm=457e4630za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&jsscut=1&z=776127885

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 16:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oldrepublicexchange.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/964857183/ 42 B
64 B 92ms
42ms Image
image/gif 142.250.65.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964857183/?random=1717603418019&cv=9&fst=1717603200000&num=1&label=4SmVCPGLxQUQ35qKzAM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&tiba=Old%20Republic%20Exchange&hn=www.googleadservices.com&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL7UwK7N6prBggWvezQ6uXZJLC5oEJug&random=2399652235&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.228 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 16:03:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
763 B 109ms
56ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:37 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BC97AADA139A4AC49F5E4757A1C2112C Ref B: EWR311000108037 Ref C: 2024-06-05T16:03:38Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYaJrWcCaXDm1GAK5gRKg==
x-fs-uuid: 00061a26b59c09a5c39b51802b98112a

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2670564%26time%3D1717603418172%26url%3Dhttps%253A%252F%252Fwww.oldrepublicexchang...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJt6gIG5UEMqgAAAY_pJEEmNVti5uIu6...

0
491 B

88ms
49ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJt6gIG5UEMqgAAAY_pJEEmNVti5uIu6ZKNv6Lh5WJE5C98EYgB51WDBkuBlLzbzCKyFA
Requested by: Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://www.oldrepublicexchange.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 05 Jun 2024 16:03:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8BE6F436491B4F14A1DD32D2715C76BC Ref B: YTO01EDGE0517 Ref C: 2024-06-05T16:03:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYaJrWfmDGa9+Me6+xFzQ==

Redirect headers

date: Wed, 05 Jun 2024 16:03:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 12679E513C53450CB22F97ABE3C188EE Ref B: NYCEDGE1313 Ref C: 2024-06-05T16:03:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2670564&time=1717603418172&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJt6gIG5UEMqgAAAY_pJEEmNVti5uIu6ZKNv6Lh5WJE5C98EYgB51WDBkuBlLzbzCKyFA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYaJrWeXVkWsm6JtuOjlg==

GET
H2 200 671142070197680 Show response
connect.facebook.net/signals/config/ 57 KB
13 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/671142070197680?v=2.9.157&r=stable&domain=www.oldrepublicexchange.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b90f3f9211e995e6d4822ae8fc350c46dd04c73de29d1a604c0da316c171de24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jun 2024 16:03:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12669
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=63, mss=1297, tbw=63494, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: /KGlMKc/bpBtV++4o6snXZUlTCGszSVOqUcnVWnQiZjOStyzoEjI9YunAWRtbYKSdvfsZ1qZfTbwglCk9qoc4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
374 B 153ms
76ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=66c56d7b-f2e5-4ba6-8b0f-123a2bb8c504&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f59c46ac-f972-467a-ae4c-192932e6d490&tw_document_href=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nx6on&type=javascript&version=2.3.30

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 5
date: Wed, 05 Jun 2024 16:03:38 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 8ee22394cbe345ca
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: e1ba96e1151bfcbd8feb9d6f504041fb11af30c033bc06e4e1e594c016d2147d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 158ms
61ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=66c56d7b-f2e5-4ba6-8b0f-123a2bb8c504&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f59c46ac-f972-467a-ae4c-192932e6d490&tw_document_href=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nx6on&type=javascript&version=2.3.30

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 5
date: Wed, 05 Jun 2024 16:03:37 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 6ab7f16cea1620c3
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 5085dfa7b433b0c8ade8f5751c9949a03e7ed25e614c432ab717c745d0752c48
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 85ms
33ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=671142070197680&ev=PageView&dl=https%3A%2F%2Fwww.oldrepublicexchange.com&rl=&if=false&ts=1717603418230&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717603418228.177248786485074276&pm=1&hrl=505971&ler=empty&cdl=API_unavailable&it=1717603418190&coo=false&cs_cc=1&cas=7406527256100796%2C3668690346555654%2C5015402571810888&rqm=GET

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2814, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jun 2024 16:03:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 229ms
178ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=671142070197680&ev=PageView&dl=https%3A%2F%2Fwww.oldrepublicexchange.com&rl=&if=false&ts=1717603418230&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4124&fbp=fb.1.1717603418228.177248786485074276&pm=1&hrl=505971&ler=empty&cdl=API_unavailable&it=1717603418190&coo=false&cs_cc=1&cas=7406527256100796%2C3668690346555654%2C5015402571810888&rqm=FGET

Requested by

Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4f4cdd89fc9f923f","source_keys":["1","2"]},{"key_piece":"0x1bc1cd3218f56258","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 05 Jun 2024 16:03:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=12, mss=1297, tbw=3132, tp=-1, tpl=-1, uplat=154, ullat=1
pragma: no-cache
x-fb-debug: dF6qAnJxe7YTJckFKwswcAOvay9uWfVK+x13S1cwn10CJcIm3yPWuQv8sM6LZetvhPflPVKyeEHO7HiC93GpJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
204 B 45ms
44ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.oldrepublicexchange.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 16:03:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 185ADE2174FC416CA719DE8B614A4334 Ref B: NYCEDGE1313 Ref C: 2024-06-05T16:03:38Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.oldrepublicexchange.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYaJrWggOZxEcU9sNSCQQ==

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 122ms
36ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.oldrepublicexchange.com
URL: https://www.oldrepublicexchange.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:38 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Wed, 05 Jun 2024 05:28:46 GMT
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Fri, 05 Jun 2026 16:03:38 GMT

GET
H/1.1 404
Not Found favicon.ico
www.oldrepublicexchange.com/ 1 KB
2 KB 39ms
38ms Other
text/html 207.67.29.218
LVLT-3549

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oldrepublicexchange.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.67.29.218 Elk Grove Village, United States, ASN3549 (LVLT-3549, US),

Reverse DNS

www.oldrepublicexchange.com

Software

Resource Hash

dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin
Permissions-Policy: geolocation=(self "https://example.com"), microphone=()
X-Content-Type-Options: nosniff
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
488 B 49ms
49ms Script
text/html 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=2082&account_id=105662&title=Old%20Republic%20Exchange&url=https%3A%2F%2Fwww.oldrepublicexchange.com%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.oldrepublicexchange.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 05 Jun 2024 16:03:38 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
cache-control: max-age=63072000
Connection: keep-alive
Content-Length: 89
expires: Fri, 05 Jun 2026 16:03:38 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.oldrepublicexchange.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: kgt2px50tq30qkhxzsetd02v
.doubleclick.net/	1970-01-20 21:06:44	Name: test_cookie Value: CheckForPermission
.oldrepublicexchange.com/	1970-01-21 06:42:43	Name: _ga_SHHEP37RGP Value: GS1.1.1717603418.1.0.1717603418.0.0.0
.oldrepublicexchange.com/	1970-01-21 06:42:43	Name: _ga Value: GA1.2.177957851.1717603418
.oldrepublicexchange.com/	1970-01-20 21:08:09	Name: _gid Value: GA1.2.1664659936.1717603418
.oldrepublicexchange.com/	1970-01-20 21:06:43	Name: _gat_gtag_UA_139132382_1 Value: 1
.oldrepublicexchange.com/	1970-01-20 23:16:19	Name: _fbp Value: fb.1.1717603418228.177248786485074276
.linkedin.com/	1970-01-20 23:16:19	Name: li_sugr Value: 718ee368-3334-4f22-955f-27a049a6b506
.linkedin.com/	1970-01-21 05:52:19	Name: bcookie Value: "v=2&dc39ba76-57e3-42e2-8814-f2a419f591e3"
.linkedin.com/	1970-01-20 21:08:09	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3262:u=1:x=1:i=1717603418:t=1717689818:v=2:sig=AQGls-dxJpRk_RcDANccIHOCzTMyDnqX"
.linkedin.com/	1970-01-20 21:49:55	Name: UserMatchHistory Value: AQKA30AWPl0nNwAAAY_pJEC2b29kpZ6QXB9eZRFnY3MgSiFaHlvkdyxa-jSwLgU4eNljErx-ssZrSQ
.linkedin.com/	1970-01-20 21:49:55	Name: AnalyticsSyncHistory Value: AQI9grmNpS2NOAAAAY_pJEC2KtDUo7ehghvmoz3WC9UV6ugHBLXuZ0zCdwv1opRrIVD0Jf6c1_D6bttlFS5QPQ
.t.co/	1970-01-21 06:42:43	Name: muc_ads Value: 434fd73e-7e6f-48c4-a0e1-8176123d4d30
.twitter.com/	1970-01-21 06:42:43	Name: personalization_id Value: "v1_/xgUUQxUl3VSOHp+4gaing=="
.www.linkedin.com/	1970-01-21 05:52:19	Name: bscookie Value: "v=1&202406051603382b338392-b8f9-4950-8e3f-ff9cd2ee99c3AQGP5Xb4CihuNeHyquJjhT4yV4jLUrPi"

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.oldrepublicexchange.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.oldrepublicexchange.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
connect.facebook.net
googleads.g.doubleclick.net
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
static.ads-twitter.com
t.co
url.us.m.mimecastprotect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.oldrepublicexchange.com
www.orexco1031.com
104.244.42.195
13.107.42.14
142.250.65.226
142.250.65.228
142.250.80.98
146.75.32.157
207.211.31.113
207.67.29.218
2600:141b:1c00:8::1728:b347
2606:4700::6812:d31
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80e::200e
2620:1ec:21::14
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
52.54.96.194
72.21.81.130
09b1b70d220615626a0056361cddcf608bb7ca3a76cb22cd429af9557327b31b
18342e7fd736efaacffbb913d3535db49b91e7b4674491b911c711a87899839e
1b4b63613f1f2ae025e2be6c0b1fadb5a63f0dbbd8061f3454444fa7ea29e3ca
1eb4f90f95ea67333868b550ac24cc39bad87eca44c3aa92a5fa53ebb6eeee78
2582aaf6d475a98e913b17b76382c8be325e46fa27e7be533cf0a1a2a7b2f8c4
2a7bdab0c0f6cfc8c884d4f824a0bc910a8db653e9cd2f8c857d19f5b893400e
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49d1fbfd6ef87b8e088cfc3dfdb73b8ed36a4ace422cfd1bec051c55dccfc4ac
4b7b4b993b29432eeee880a7159b217ea5f32db7553d1ce996261b2064cb1a72
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e465a11492e306173f1414dda26c7fb6d47b8e2ae20f03ee1a81765b2cfe643
530a7aa7caf5b67720ec7df48787ca15d5ffcc7ddfbfb60d278879269dee778c
615e21da4f756033e6d79f2494ac6fa983fd2d27153329e4f522a64dfd2b199c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0d9ea85a716570439b2fe83675f90555adaa4d2e55230c23d4a385bdf14b0a
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8857d326e3407266e333494e80cfb5b04f6810a6de3972e2ebfc16d190ee3ebf
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8d6f6d38a7cd33bd4962a35ec96ae3d17b52b4372586c7b8f14e389cf97482b6
a178ee9fb8baadcb8856d96dd5e13f9233caaa58d99138cab11fae00469b30d6
a8d75f2bc277ea79359b1a577b00e8b7f4755745a873b601b4f295d2d1d3b5c9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0d5a10d03908b4f247daf205985f5befca90a4ff1b312629cf95a4a42e5822c
b857998a73ab10b10dc16da7113682753a8e30ae59916eb53bbc3897b51fe4b6
b90f3f9211e995e6d4822ae8fc350c46dd04c73de29d1a604c0da316c171de24
c8dc3b79f1d1090c018e3f6a1f786ada8ff5b4230af65157f91ac325a345fc19
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e360b22fe3cf13fc8c7fc015dae8ca86125bb9ed0cc30d65ef22b83e0475062b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67ec2c6cbe7784ea5c3c78813cef60dafc99cde34177b9737e925e0fa8374e4

www.oldrepublicexchange.com Open in urlscan Pro 207.67.29.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

41 %IPv6

16 Domains

18 Subdomains

15 IPs

1 Countries

490 kBTransfer

1257 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.oldrepublicexchange.com Open in urlscan Pro
207.67.29.218 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

41 %
IPv6

16
Domains

18
Subdomains

15
IPs

1
Countries

490 kB
Transfer

1257 kB
Size

15
Cookies

39 HTTP transactions
0 data transactions