legalthoughtbd.com Open in urlscan Pro
104.193.142.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Submission: On July 15 via automatic, source openphish (July 15th 2020, 1:31:41 pm UTC)

Summary HTTP 74 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 18 domains to perform 74 HTTP transactions. The main IP is 104.193.142.80, located in Los Angeles, United States and belongs to INMOTI-1, US. The main domain is legalthoughtbd.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 18th 2020. Valid for: 3 months.

This is the only time legalthoughtbd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Trademe (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.193.142.80 104.193.142.80	54641 (INMOTI-1) (INMOTI-1)
22	122.252.191.120 122.252.191.120	9834 (TRADEME-A...) (TRADEME-AS-NZ Trade Me Limited)
2	202.162.72.3 202.162.72.3	9834 (TRADEME-A...) (TRADEME-AS-NZ Trade Me Limited)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	23.5.109.251 23.5.109.251	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
2 5	52.49.227.144 52.49.227.144	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:f200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.78.40 13.225.78.40	16509 (AMAZON-02) (AMAZON-02)
1	52.212.184.249 52.212.184.249	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.248.199.171 34.248.199.171	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.186.208 13.224.186.208	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.39 13.225.78.39	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	185.64.189.244 185.64.189.244	62713 (AS-PUBMATIC) (AS-PUBMATIC)
74	28

3 104.193.142.80 (Los Angeles, United States) 1 redirects

ASN54641 (INMOTI-1, US)

legalthoughtbd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.legalthoughtbd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 122.252.191.120 (New Zealand)

ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ)

www.trademe.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.162.72.3 (New Zealand)

ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ)

ads.trademe.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.109.251 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.49.227.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

secure-nz.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:f200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.184.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Netherlands)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.199.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.208 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

d3f5l8ze0o4j2m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)

www.staticcdn.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.244 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	trademe.co.nz www.trademe.co.nz ads.trademe.co.nz	450 KB
10	imrworldwide.com 2 redirects secure-nz.imrworldwide.com cdn-gl.imrworldwide.com bee.imrworldwide.com	76 KB
8	googlesyndication.com 12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	11 KB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	87 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com fastlane.rubiconproject.com	3 KB
4	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	120 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com t.pubmatic.com	87 KB
3	legalthoughtbd.com 1 redirects legalthoughtbd.com www.legalthoughtbd.com	50 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	748 B
2	google.com 1 redirects adservice.google.com www.google.com	350 B
2	google.de adservice.google.de www.google.de	274 B
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	googletagmanager.com www.googletagmanager.com	138 KB
1	ampproject.org cdn.ampproject.org	7 KB
1	staticcdn.co.nz www.staticcdn.co.nz	1 KB
1	cloudfront.net 1 redirects d3f5l8ze0o4j2m.cloudfront.net	251 B
1	adsrvr.org match.adsrvr.org	545 B
74	18

	Domain	Requested by
22	www.trademe.co.nz	legalthoughtbd.com
5	secure-nz.imrworldwide.com	2 redirects cdn-gl.imrworldwide.com legalthoughtbd.com
4	cdn-gl.imrworldwide.com	legalthoughtbd.com cdn-gl.imrworldwide.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com legalthoughtbd.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cdn.krxd.net	legalthoughtbd.com cdn.krxd.net
3	securepubads.g.doubleclick.net	www.trademe.co.nz securepubads.g.doubleclick.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	eus.rubiconproject.com	legalthoughtbd.com ads.pubmatic.com
2	www.googletagmanager.com	legalthoughtbd.com www.googletagmanager.com
2	ads.pubmatic.com	www.trademe.co.nz ads.pubmatic.com
2	ads.trademe.co.nz	legalthoughtbd.com
2	legalthoughtbd.com	1 redirects
1	t.pubmatic.com	ads.pubmatic.com
1	cdn.ampproject.org	securepubads.g.doubleclick.net
1	acdn.adnxs.com	ads.pubmatic.com
1	www.staticcdn.co.nz
1	d3f5l8ze0o4j2m.cloudfront.net	1 redirects
1	beacon.krxd.net	cdn.krxd.net
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	ib.adnxs.com	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	consumer.krxd.net	cdn.krxd.net
1	bee.imrworldwide.com	cdn-gl.imrworldwide.com
1	www.google.de	legalthoughtbd.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	secure-assets.rubiconproject.com	1 redirects
1	mug.criteo.com	legalthoughtbd.com
1	gum.criteo.com	1 redirects
1	www.legalthoughtbd.com	legalthoughtbd.com
74	35

This site contains links to these domains. Also see Links.

Domain
www.lifedirect.co.nz
www.trademeinsurance.co.nz
www.holidayhouses.co.nz
www.trademe.co.nz
www.findsomeone.co.nz
www.motorweb.co.nz
www.harmoney.co.nz
www.harmoney.com
sell.trademe.co.nz
help.trademe.co.nz
trademe.nz

Subject Issuer	Validity	Valid
legalthoughtbd.com cPanel, Inc. Certification Authority	`2020-06-18` - `2020-09-16`	3 months	crt.sh
www.trademe.co.nz DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2021-03-15`	a year	crt.sh
*.trademe.co.nz DigiCert SHA2 High Assurance Server CA	`2019-05-19` - `2021-07-14`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-03-27`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
staticcdn.co.nz Amazon	`2020-01-27` - `2021-02-27`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Frame ID: 217119A5675201428CEAFE0E3318CBA0
Requests: 64 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac
Frame ID: 03C38A6E724C34B08B4CA10EEE9B1EF3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 8C7A7658F53956707AC9619DF8AB2072
Requests: 1 HTTP requests in this frame

Frame: https://secure-nz.imrworldwide.com/storageframe.html
Frame ID: 4AF0BFC5330466FB25935B3AB2317E13
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 766922C3D6D5388DA9335921259DCCE3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: CE758633E6993FB5B49307717953ABF3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 20CA7176D967C3E41C415F95F4D60501
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D8CCCB295CA3B4518FFAD49E17B5BC01
Requests: 1 HTTP requests in this frame

Frame: https://12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: AD11FE6A8D798EA8B74E2BEBC7F985EE
Requests: 1 HTTP requests in this frame

Frame: https://12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 16D0FC883923C45B480D3CD4B0D66A33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: F97D0EE0E3B0396A06A182EBE5EDFA0C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

74
Requests

97 %
HTTPS

38 %
IPv6

18
Domains

35
Subdomains

28
IPs

8
Countries

1051 kB
Transfer

3107 kB
Size

12
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://www.lifedirect.co.nz/?utm_source=trademe&utm_medium=navbar&utm_campaign=homepage
Title: LifeDirect

Search URL Search Domain Scan URL

URL: https://www.trademeinsurance.co.nz/?utm_source=TradeMe&utm_medium=NavBar&utm_content=TradeMe&utm_campaign=TradeMe_header&tm_mid=4319943
Title: Trade Me Insurance

Search URL Search Domain Scan URL

URL: http://www.holidayhouses.co.nz/?utm_source=trademe&utm_medium=navbar&utm_campaign=homepage
Title: Holiday Houses

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=103172
Title: Services

Search URL Search Domain Scan URL

URL: http://www.findsomeone.co.nz/?utm_source=trademe&utm_medium=navbar&utm_campaign=homepage
Title: FindSomeone

Search URL Search Domain Scan URL

URL: http://www.motorweb.co.nz/?referral=trademe&utm_source=trademe&utm_medium=text-link&utm_content=free-vehicle-reports&utm_campaign=trademe-header
Title: MotorWeb

Search URL Search Domain Scan URL

URL: https://www.harmoney.co.nz/?utm_source=TradeMe&utm_medium=NavBar&utm_content=TradeMe&utm_campaign=TradeMe_Harmoney_2015
Title: Harmoney

Search URL Search Domain Scan URL

URL: https://www.findsomeone.co.nz/?utm_source=TradeMe&utm_medium=navbar&utm_campaign=homepage
Title: FindSomeone

Search URL Search Domain Scan URL

URL: https://www.harmoney.com/?utm_source=TradeMe&utm_medium=NavBar&utm_content=TradeMe&utm_campaign=TradeMe_Harmoney_2015
Title: Harmoney

Search URL Search Domain Scan URL

URL: https://sell.trademe.co.nz/lastchance
Title: Last chance

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69859&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=general
Title: General item

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69860&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=motors
Title: Car, motorbike or boat

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69861&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=property
Title: Property

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69862&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=jobs
Title: Job

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69863&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=flatmates
Title: Flatmates wanted

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=69864&currentCid=0&wasLoggedIn=True&listInThisCategoryShown=False&fromLink=service
Title: Service

Search URL Search Domain Scan URL

URL: https://sell.trademe.co.nz/myproducts
Title: My products

Search URL Search Domain Scan URL

URL: https://help.trademe.co.nz/hc
Title: Help

Search URL Search Domain Scan URL

URL: https://trademe.nz/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78317
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78318
Title: Apps

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78319
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78320
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.trademe.co.nz/link.aspx?i=78321
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://help.trademe.co.nz/hc/categories/360000655232
Title: Policies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://legalthoughtbd.com/Images/Payments/ping-balance.svg HTTP 301
https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg

Request Chain 26

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flegalthoughtbd.com%2F&domain=legalthoughtbd.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=WHrCdnwxdzZFZmF4MUVQc3FzVElOVk45QkRVdVVaSHVad2RvRTBudlpmaUdwOE9ZV2R6WGI2K014TkpQNm5HdzhpYVJ1N1IxdVdLenh1Z2VrVW1NQzVjRnd4OWZhK3VlR2VGVUxiSVJINy9DWUtWYlBwTmJnc0gyWGNPWWF6YnRpY3JvaDJXRVJab1VOU0dpS2YxTU94Z1BQMzNIdlNSWGYxVGw5eTlvVzZ6MndlY1NpNmJqNXlhZU1TUFh1YzNCSFZ0dlRCMjVmaUVmQUtxN0l6c2g5dFVoNGtGZW54QVdxV2liTi9nQndvYnByTkRYUFIzRFl2OHE0QllCY3piMFZDVHFHfA&cppv=2

Request Chain 28

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dfp&endpoint=apac HTTP 302
https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac

Request Chain 35

https://secure-nz.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 38

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&gjid=1866099031&_gid=971167797.1594819883&_u=aGBAgAAj~&z=1992881058 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&_v=j83&z=1992881058 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&_v=j83&z=1992881058&slf_rd=1&random=919034037

Request Chain 47

https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594819883297&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-98354644bec6ea1982f8d5a8c50e37d2&tz=2 HTTP 302
https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594819883297&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-98354644bec6ea1982f8d5a8c50e37d2&tz=2&ja=1

Request Chain 49

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884976 HTTP 301
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884976

Request Chain 50

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884980 HTTP 301
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884980

Request Chain 57

https://d3f5l8ze0o4j2m.cloudfront.net/m87/k33spt.js HTTP 301
https://www.staticcdn.co.nz/m87/k33spt.js

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request e4hul.htm Show response
legalthoughtbd.com/wp-admin/maint/mytrademe/ 49 KB
49 KB 292ms
94ms Document
text/html 104.193.142.80
INMOTI-1

General

Check archive.org

Show headers Download Go to

Full URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.142.80 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS
Software: Apache /
Resource Hash: cdca9397978d82b303eb47c408c5dac18ff79455bc41e67314f264891b4eb9e2

Request headers

Host: legalthoughtbd.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:19 GMT
Server: Apache
Last-Modified: Sat, 11 Jul 2020 03:10:30 GMT
Accept-Ranges: bytes
Content-Length: 50242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK jQuery-bdl Show response
www.trademe.co.nz/JavaScript/ 101 KB
51 KB 2122ms
610ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/jQuery-bdl?v=Q0zamtzUCaOkcfK9AkRLDh0wYek7PJ2-vkczkFeKvlU1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

06021d8aec850fc5a07f583db1bcad20bbb67cbac61107e509481fafd3d484a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:20 GMT
Date: Wed, 15 Jul 2020 13:31:20 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:20 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 51033
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK Common-bdl
www.trademe.co.nz/Styles/ 71 KB
22 KB 2061ms
585ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/Common-bdl?v=bczNkqZF7L2YFZMcNZkWzpUtJ95FRqsPDR3tesGY8uU1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

a46c27a1b49cf19fbe5c512716bb7340cf07ac137413a70cb9a0d409b358236b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:20 GMT
Date: Wed, 15 Jul 2020 13:31:20 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:20 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 22096
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK old-site-wrapper-bdl
www.trademe.co.nz/Styles/ 418 KB
106 KB 2064ms
588ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

d4557c5d282a49832255aac86f160773c01d5b3c6adac0be1827cab8151bb2c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:20 GMT
Date: Wed, 15 Jul 2020 13:31:19 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:20 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 107474
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK blueFish-bdl
www.trademe.co.nz/Styles/ 68 KB
19 KB 2079ms
592ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/blueFish-bdl?v=ksp4cADbDQSBwxWZ1E7et7cvJWb_5wzJzfQOe3SH8U41

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

b51687b2f65536226234604891a13b26edc7f84cdfc9da91a419a7dc1b59a3b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:20 GMT
Date: Wed, 15 Jul 2020 13:31:20 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:20 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 18796
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK property-sidebar-search-bdl
www.trademe.co.nz/Styles/Property/Sidebar/ 11 KB
4 KB 1792ms
303ms Stylesheet
text/css 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Styles/Property/Sidebar/property-sidebar-search-bdl?v=VEziZiGVDJhOMRCkYulAASt4adSOVvOFyyWmOrFqTBo1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

0c63b3065b61139291e48ed29dd61228e25edb7b4c82c789c53e21ecaf0404c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:20 GMT
Date: Wed, 15 Jul 2020 13:31:20 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/css; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:20 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 3691
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK AdsChecker.js Show response
www.trademe.co.nz/Javascript/Ads/ 19 B
429 B 1818ms
307ms Script
application/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trademe.co.nz/Javascript/Ads/AdsChecker.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:20 GMT
Last-Modified: Sun, 05 Jan 2020 20:10:32 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 19
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK Init-bdl Show response
www.trademe.co.nz/JavaScript/Ads/ 911 B
2 KB 2092ms
299ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/Ads/Init-bdl?v=4FqcpZmLjoYXxCUN_zoRIOHVDP9QJ3ukObF5439b64Q1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

122f5c14d70f3c5bef8416cf35536281cfe4611334637aa0ead43041e42cf14e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:21 GMT
Date: Wed, 15 Jul 2020 13:31:20 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:21 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 911
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK SiteClock-bdl Show response
www.trademe.co.nz/JavaScript/ 1 KB
2 KB 2127ms
309ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/SiteClock-bdl?v=b2Keyrc_W89Z2FEdSqFN9drtzY8XTS_Sqxabu5OcJTA1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

5f857fc7e37732ef3132a9fdc01ecd6a4c614eb7d5f7a2c1528e4e4cb07c9b4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:21 GMT
Date: Wed, 15 Jul 2020 13:31:20 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:21 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 725
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK tm-logo-2016-594x116-v1.png
www.trademe.co.nz/images/new-brand-2016/common/ 8 KB
9 KB 304ms
302ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/images/new-brand-2016/common/tm-logo-2016-594x116-v1.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 723179aa7f40d71a484b10feb58814d6f3e2e535bec1bb1e5d4f047cbef3d884

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 8685
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK ping-logo.svg
www.trademe.co.nz/Images/Payments/ 5 KB
5 KB 308ms
307ms Image
image/svg+xml 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Payments/ping-logo.svg
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: bf933e84833a4f9dc896deea8a8a427503c3725df10be0b1a9e0b166ad665921

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/svg+xml
Content-Length: 5325
X-UA-Compatible: IE=Edge

GET
H/1.1

404
Not Found

ping-balance.svg
www.legalthoughtbd.com/Images/Payments/
Redirect Chain

https://legalthoughtbd.com/Images/Payments/ping-balance.svg
https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg

0
0

626ms
437ms

Image
text/html

104.193.142.80
INMOTI-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.142.80 Los Angeles, United States, ASN54641 (INMOTI-1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Server: Apache
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.legalthoughtbd.com/Images/Payments/ping-balance.svg
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK CookieHelper-bdl Show response
www.trademe.co.nz/Javascript/ 533 B
1 KB 307ms
307ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Javascript/CookieHelper-bdl?v=kRryoz--ZrPeC2NN6IPgkeOJfOvwBvFR72HZu7Ec65k1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

39d35057a4a2fda91aca7244a784fd8c2a84c056fc99f9130f0f4d1f9b6d288e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:22 GMT
Date: Wed, 15 Jul 2020 13:31:22 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:22 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 533
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK 1pixel.gif
www.trademe.co.nz/images/ 43 B
301 B 338ms
302ms Image
image/gif 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/images/1pixel.gif
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:23 GMT
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 43
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK MobileRedirectCleanUp-bdl Show response
www.trademe.co.nz/Javascript/Footer/ 412 B
1 KB 311ms
310ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/Javascript/Footer/MobileRedirectCleanUp-bdl?v=DCf_1QR-Q_krHZ8xTcbLODDPjIJFs3aR-kPeEFevqaw1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

2a7bbab360397f8fae61498d8ad0895d4e7dcfc66a632e5904c22577770f17e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:22 GMT
Date: Wed, 15 Jul 2020 13:31:21 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:22 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 412
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK TMCommon-bdl Show response
www.trademe.co.nz/JavaScript/ 74 KB
31 KB 299ms
298ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/TMCommon-bdl?v=Ooy0EvBMsd_3M8RPFgfO_8qfwEdAGO30MM0Vmb-KLuc1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

54f64036a4ba633bed6f4ad96fdff3633c37f237ad408f79d1be21886858bd78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:23 GMT
Date: Wed, 15 Jul 2020 13:31:22 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:23 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 30531
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK Ads5.js Show response
ads.trademe.co.nz/Javascript/ 8 KB
3 KB 2093ms
301ms Script
application/x-javascript 202.162.72.3
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.trademe.co.nz/Javascript/Ads5.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 202.162.72.3 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 16ec8c024b49dd5463a80c83d3c85857d7b360a1add4e9845b241eb9d2f374e4

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 3177

GET
H/1.1 200
OK AdHandlers-bdl Show response
www.trademe.co.nz/JavaScript/ 2 KB
2 KB 299ms
297ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/AdHandlers-bdl?v=LYS0s675bnw1LQfxHhGhqiluizqegGZ0DugRLdQfKOI1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

5573d4a0ecf5dff081f8cf6b3ac301584fd06b900e311280d607cdfe19e38b3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:22 GMT
Date: Wed, 15 Jul 2020 13:31:22 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:22 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 952
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK TradeMeAds33.js Show response
ads.trademe.co.nz/JavaScript/ 16 KB
4 KB 2092ms
300ms Script
application/x-javascript 202.162.72.3
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.trademe.co.nz/JavaScript/TradeMeAds33.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 202.162.72.3 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b482bf27d45738dc0d8f8f36200077b8ee785abe85fd786c42b0d9df1143ff86

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:24 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 3991

GET
H/1.1 404
Not Found LoadAudienceSegs-bdl
www.trademe.co.nz/Javascript/ 0
0 364ms
361ms Script
text/html 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trademe.co.nz/Javascript/LoadAudienceSegs-bdl?v=l9tA7PYZ7x0WrVx2o5LvusZBqGHDRaaftsF5Yq6fbaY1
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK Dfp-bdl Show response
www.trademe.co.nz/JavaScript/Ads/ 4 KB
3 KB 311ms
309ms Script
text/javascript 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trademe.co.nz/JavaScript/Ads/Dfp-bdl?v=ZpuCHRtRbRheNydOh5FiSyJA3j2Nt0pMqewHx2F-rYs1

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),

Reverse DNS

Software

Resource Hash

df95df4cc58b1f550a44677491e48eff254ed850c54e70a8de08eaf28cb376e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; report=https://csp.tmcdn.co.nz/report

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 15 Jul 2020 13:31:22 GMT
Date: Wed, 15 Jul 2020 13:31:22 GMT
Vary: User-Agent, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Expires: Thu, 15 Jul 2021 13:31:22 GMT
Cache-Control: public
Content-Security-Policy: upgrade-insecure-requests
Connection: Keep-Alive
Content-Security-Policy-Report-Only: default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; report-uri https://csp.tmcdn.co.nz/report
Content-Length: 2133
X-XSS-Protection: 1; report=https://csp.tmcdn.co.nz/report
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156692/1002/ 281 KB
86 KB 34ms
16ms Script
text/javascript 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Requested by: Host: www.trademe.co.nz
URL: https://www.trademe.co.nz/JavaScript/Ads/Init-bdl?v=4FqcpZmLjoYXxCUN_zoRIOHVDP9QJ3ukObF5439b64Q1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b3bc9de780c98a68237e0074c506646f4e9c851e8c5c67e24cf32ba549b02017

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 May 2020 03:42:01 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "16a0c99-4641b-5a5f80ff7adb1"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=109961
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 87613
Expires: Thu, 16 Jul 2020 20:04:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 721 KB
93 KB 95ms
95ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMC2M2

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9540da81bf73f6dcb9ac6eae951fcc4160ae76b05cc5232cabf9b1ba3f56464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94800
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Jul 2020 13:31:23 GMT

GET
H/1.1 200
OK sprites-v4.2.png
www.trademe.co.nz/Images/Common/ 66 KB
66 KB 491ms
295ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Common/sprites-v4.2.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 615ceb6319ee1a7601369300773c65b28505f563890290ad0c6197a9c6753898

Request headers

Referer: https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 67741
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK sprites-v4.4.png
www.trademe.co.nz/Images/Common/ 71 KB
71 KB 513ms
298ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Common/sprites-v4.4.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 36da47385ebce25b47f19117cf48f4739a5aaabde8fc793f274cb051a03fa1e6

Request headers

Referer: https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 72527
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK sell-dropdown-hand.png
www.trademe.co.nz/images/loyalty/ 1 KB
2 KB 374ms
310ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/images/loyalty/sell-dropdown-hand.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: 04f5cbbdad3af0f77b8cbe51a04dde86296379329d8c987a15526422a6a41fa9

Request headers

Referer: https://www.trademe.co.nz/Styles/old-site-wrapper-bdl?v=A4uK8vYus9-TqK2yd6koyl1D8DocLsYZePWpVTBnjms1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:22 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1455
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK sprites_non-repeating_v19.png
www.trademe.co.nz/Images/Common/ 45 KB
45 KB 507ms
297ms Image
image/png 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trademe.co.nz/Images/Common/sprites_non-repeating_v19.png
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash: eecdeb4349604c7926f8c08ed6992a333f446db6843d5b563e35ba8d1ffb85d7

Request headers

Referer: https://www.trademe.co.nz/Styles/Common-bdl?v=bczNkqZF7L2YFZMcNZkWzpUtJ95FRqsPDR3tesGY8uU1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 13:31:23 GMT
Cache-Control: public,max-age=31536000
Last-Modified: Mon, 13 Jul 2020 01:41:56 GMT
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 45743
X-UA-Compatible: IE=Edge

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flegalthoughtbd.com%2F&domain=legalthoughtbd.com&cw=1
https://mug.criteo.com/sid?cpp=WHrCdnwxdzZFZmF4MUVQc3FzVElOVk45QkRVdVVaSHVad2RvRTBudlpmaUdwOE9ZV2R6WGI2K014TkpQNm5HdzhpYVJ1N1IxdVdLenh1Z2VrVW1NQzVjRnd4OWZhK3VlR2VGVUxiSVJINy9DWUtWYlBwTmJnc0gyWGNPWW...

422 B
715 B

207ms
24ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WHrCdnwxdzZFZmF4MUVQc3FzVElOVk45QkRVdVVaSHVad2RvRTBudlpmaUdwOE9ZV2R6WGI2K014TkpQNm5HdzhpYVJ1N1IxdVdLenh1Z2VrVW1NQzVjRnd4OWZhK3VlR2VGVUxiSVJINy9DWUtWYlBwTmJnc0gyWGNPWWF6YnRpY3JvaDJXRVJab1VOU0dpS2YxTU94Z1BQMzNIdlNSWGYxVGw5eTlvVzZ6MndlY1NpNmJqNXlhZU1TUFh1YzNCSFZ0dlRCMjVmaUVmQUtxN0l6c2g5dFVoNGtGZW54QVdxV2liTi9nQndvYnByTkRYUFIzRFl2OHE0QllCY3piMFZDVHFHfA&cppv=2

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

93b46e3225a05e286e04f32da5f8a624ec0e97b23214b84ea0c31458f8f66d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 15 Jul 2020 13:31:22 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1329
content-length: 422
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Wed, 15 Jul 2020 13:31:22 GMT
location: https://mug.criteo.com/sid?cpp=WHrCdnwxdzZFZmF4MUVQc3FzVElOVk45QkRVdVVaSHVad2RvRTBudlpmaUdwOE9ZV2R6WGI2K014TkpQNm5HdzhpYVJ1N1IxdVdLenh1Z2VrVW1NQzVjRnd4OWZhK3VlR2VGVUxiSVJINy9DWUtWYlBwTmJnc0gyWGNPWWF6YnRpY3JvaDJXRVJab1VOU0dpS2YxTU94Z1BQMzNIdlNSWGYxVGw5eTlvVzZ6MndlY1NpNmJqNXlhZU1TUFh1YzNCSFZ0dlRCMjVmaUVmQUtxN0l6c2g5dFVoNGtGZW54QVdxV2liTi9nQndvYnByTkRYUFIzRFl2OHE0QllCY3piMFZDVHFHfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://legalthoughtbd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 988
content-length: 509
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 48 KB
16 KB 66ms
42ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.trademe.co.nz
URL: https://www.trademe.co.nz/JavaScript/Ads/Init-bdl?v=4FqcpZmLjoYXxCUN_zoRIOHVDP9QJ3ukObF5439b64Q1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b961bde8d193a5ba0a27d6552834ff1580ac914a4f76906c5599280214fd9f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "571 / 65 of 1000 / last-modified: 1594764899"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16412
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:31:23 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 03C3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=dfp&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac

0
0

28ms
8ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9232
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=72507
Expires: Thu, 16 Jul 2020 09:39:50 GMT
Date: Wed, 15 Jul 2020 13:31:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=dfp&endpoint=apac
Date: Wed, 15 Jul 2020 13:31:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=legalthoughtbd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=legalthoughtbd.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020070801.js Show response
securepubads.g.doubleclick.net/gpt/ 249 KB
89 KB 43ms
43ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Jul 2020 15:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90527
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:31:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
46 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8RZQCW6NQC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMC2M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee579d16724936c977b275a14ab54bdba4420d813f190e635cd9907f72bfa857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46561
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:31:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMC2M2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 2105
date: Wed, 15 Jul 2020 12:56:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 15 Jul 2020 14:56:18 GMT

GET
H2 200 controltag Show response
cdn.krxd.net/ 24 KB
7 KB 23ms
7ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag?confid=J6xELiDv
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2244e4420d5c8643bfeac7447eaa20793a09c7d19325142950fce443b959bd36

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
age: 1106
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 6830
x-served-by: config-service-a004-ash-prod.krxd.net, cache-bwi5134-BWI, cache-hhn4035-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1594819883.129965,VS0,VE1
etag: "872779106b03a3e660fd2500d494a1bcd0702ef5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-nz.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
22 KB

29ms
12ms

Script
application/javascript

2600:9000:21f3:f200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:f200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
etag: "485e22c0ad60bcb2677b2f8f9b011e61"
age: 72977
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 21675
last-modified: Mon, 04 May 2020 13:03:46 GMT
server: AmazonS3
date: Tue, 14 Jul 2020 17:15:07 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: lGs_id1vJa6GrIIrSGLnJ2CJYJaljo16cIAmF_RTRS2pw9G7xxXm4w==

Redirect headers

status: 301
date: Wed, 15 Jul 2020 13:31:23 GMT
server: awselb/2.0
content-length: 150
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-type: text/html

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
920 B 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1448
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 15 Jul 2020 14:07:15 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=193588389&t=pageview&_s=1&dl=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&ul=en-us&de=UTF-8&dt=-Verify%20Email-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=1219987700&gjid=1866099031&cid=1623658167.1594819883&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&tid=UA-10222729-2&_gid=971167797.1594819883&gtm=2wg783KMC2M2&cd6=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&cd32=&cd98=a4bb8c46-d96e-45c1-ab64-b72577053544&cd111=1594819883109.83jajbl&cd134=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&cd90=1623658167.1594819883&z=1433171510

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Jul 2020 16:59:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 333142
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&gjid=1866099031&...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&_v=j83&z=1992881058
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&_v=j83&z=1992881058&slf_rd=1&random=919034037

42 B
106 B

17ms
16ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&_v=j83&z=1992881058&slf_rd=1&random=919034037

Requested by

Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10222729-2&cid=1623658167.1594819883&jid=1219987700&_v=j83&z=1992881058&slf_rd=1&random=919034037
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 7ms
7ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag?confid=J6xELiDv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
age: 10881249
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 1261803
content-length: 81295
x-served-by: cache-hhn4035-HHN
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1594819883.139800,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 8C7A 0
0 7ms
6ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 15 Jul 2020 13:31:23 GMT
via: 1.1 varnish
age: 33314646
x-served-by: cache-hhn4035-HHN
x-cache: HIT
x-cache-hits: 366914
x-timer: S1594819883.186129,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

POST
H2 204 collect
www.google-analytics.com/g/ 0
110 B 13ms
13ms Other
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8RZQCW6NQC&gtm=2oe783&_p=193588389&sr=1600x1200&ul=en-us&cid=1623658167.1594819883&_s=1&dl=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&dr=&dt=-Verify%20Email-&uid=fMho68TM5EmyEQB5Qny5NyrbDq0YjNA7ajBAO%2BmDJjE%3D&sid=1594819883&sct=1&seg=0&en=page_view&_fv=2&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RZQCW6NQC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:23 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://legalthoughtbd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 39 B
502 B 27ms
8ms XHR
application/json 13.225.78.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=trademe&url=https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Requested by

Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.40 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

998663e0e19f3ee6372475d80eef684e9d6125adc9ff16361cb288109b4308ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 03:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35665
x-cache: Hit from cloudfront
status: 200
vary: Accept-Encoding
content-length: 61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-frame-options: DENY
strict-transport-security: max-age=25920000; includeSubDomains
content-type: application/json; charset=utf-8
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jvXO62GuMAayUfk62r2TNCaCHOhHbmrflvCB4J4lMcRJmHiA_HqXpA==

GET
H2 200 storageframe.html
secure-nz.imrworldwide.com/ Frame 4AF0 0
0 29ms
28ms Document
text/html 52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-nz.imrworldwide.com/storageframe.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-nz.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
date: Wed, 15 Jul 2020 13:31:23 GMT
content-type: text/html
content-length: 3489
server: nginx
last-modified: Wed, 08 Jul 2020 13:40:45 GMT
etag: "5f05ccdd-da1"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 11 KB
4 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:f200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:f200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76812ec085f003144677579efef7025ec438fd0e5234416a1f9b43e30772a650

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: WAMYMvWVgoeX5EF3YU12FfQGcEoxiJ.j
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 11:20:50 GMT
server: AmazonS3
age: 3535
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400,s-maxage=86400
date: Wed, 15 Jul 2020 13:29:40 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CpqQ7LDOiDMnWYg-DRdyV6DNdiApxV_I7AQEHGui-r2BgKI9ed1lnw==
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)

GET
H2 200 5660da52-17e3-4f8d-b874-22185ed740ef Show response
consumer.krxd.net/consent/get/ 220 B
250 B 21ms
21ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5660da52-17e3-4f8d-b874-22185ed740ef?idt=device&dt=kxcookie&callback=Krux.ns.trademe.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19ff84acbba694ceccfdb99410b8d47ad035230d1ca9f1e793608b6cf0914d27

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:23 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4053-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1594819883.280064,VS0,VE14
content-length: 179
via: 1.1 varnish
x-cache-hits: 0, 1

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 169 KB
48 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:f200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:f200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d210627b2694be7700dbb84faa912e3def3f473e9c075b4d0a8b1104641c7e8

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _TBFRDn7APMbcIQKhNYOaYN.Z7QDvCXX
content-encoding: gzip
last-modified: Mon, 18 May 2020 13:14:44 GMT
server: AmazonS3
age: 2078
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Wed, 15 Jul 2020 13:17:53 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 5dQNP1C9nXefOzstOzVDKPtWfW0I1jrni8A49VpwaPvRLhEyKmAa8w==
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)

GET
H2

200

m
secure-nz.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594819883297&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytr...
https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594819883297&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytr...

44 B
332 B

30ms
29ms

Image
image/gif

52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594819883297&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-98354644bec6ea1982f8d5a8c50e37d2&tz=2&ja=1
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:23 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:23 GMT
server: nginx
status: 302
location: https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1594819883297&ci=trademe&js=1&cg=0&ts=Ads5.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&sr=1600x1200&id=lstrg-98354644bec6ea1982f8d5a8c50e37d2&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 7669 0
0 7ms
6ms Document
text/html 2600:9000:21f3:f200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:f200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=79c206c0-c69f-11ea-9de4-5b15166cad0a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
content-type: text/html
last-modified: Mon, 18 May 2020 13:14:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: t0iAJ.us3seneTWybK060JuRB0ic7IIo
server: AmazonS3
content-encoding: gzip
date: Wed, 15 Jul 2020 13:06:40 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: U5LED58jytdYqJs0n_tb0h4zILF5RoY60J8vypy68jSo-3f3gjs6rQ==
age: 1484

GET

LogJavaScriptError.ashx
www.legalthoughtbd.com/API/Ajax/
Redirect Chain

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884976
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884976

0
0

GET

LogJavaScriptError.ashx
www.legalthoughtbd.com/API/Ajax/
Redirect Chain

https://legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884980
https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884980

0
0

GET
H/1.1 404
Not Found LoadAudienceSegs-bdl
www.trademe.co.nz/Javascript/ 0
0 351ms
351ms Script
text/html 122.252.191.120
TRADEME-AS-NZ Tra...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trademe.co.nz/Javascript/LoadAudienceSegs-bdl?v=l9tA7PYZ7x0WrVx2o5LvusZBqGHDRaaftsF5Yq6fbaY1
Requested by: Host: legalthoughtbd.com
URL: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 122.252.191.120 , New Zealand, ASN9834 (TRADEME-AS-NZ Trade Me Limited, NZ),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
545 B 88ms
30ms XHR
application/json 52.212.184.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.184.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7232c2e4233350e6901387e51b3183cb0e104447aece4c47e20efccd8bd3ddfd

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Jul 2020 13:31:25 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://legalthoughtbd.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 14 Aug 2020 13:31:25 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 57ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 15 Jul 2020 13:31:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://legalthoughtbd.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
748 B 54ms
19ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 13:31:27 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.166:80
AN-X-Request-Uuid: 33c021e7-9b14-4700-9222-91900c5035bc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://legalthoughtbd.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 350 B
3 KB 162ms
117ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10998&site_id=178620&zone_id=1048818&size_id=2%3B9&tpid_tdid=f2fed278-d6b9-4eea-ad4d-b9d908080909&rf=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&tk_flint=pbjs_lite_v3.14.0&x_source.tid=dbd35ac6-68f1-4043-ad68-1fd78573fd91%3B986057c5-7229-4a48-9427-c631c57bb5bd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=2&rand=0.3105053009524845
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f28c0179985676b7b83cefff2f58635c8d2f305a2980f371a1a28995dd29c9a7

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 13:31:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://legalthoughtbd.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 350
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
239 B 98ms
31ms Script
text/javascript 34.248.199.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.trademe.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.199.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 70149c755e120b29af12e870e869e3de55f56615693dbeb5f00f3dc2572a484e

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 15 Jul 2020 13:31:25 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=26 t=1594819885
content-type: text/javascript
x-served-by: beacon-n013-dub-prod.krxd.net

GET
H2

200

k33spt.js Show response
www.staticcdn.co.nz/m87/
Redirect Chain

https://d3f5l8ze0o4j2m.cloudfront.net/m87/k33spt.js
https://www.staticcdn.co.nz/m87/k33spt.js

2 KB
1 KB

140ms
12ms

Script
application/javascript

13.225.78.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.staticcdn.co.nz/m87/k33spt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bd9b6b83dfe8d6fa47ba53b4e2fe84e0aab75407eea6fbe7c1dcddc4a2ed74

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mhtNXPp7ZB6KB1iLzLUUK14FA2zj0Cz9
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 05:00:59 GMT
server: AmazonS3
age: 131291
date: Tue, 14 Jul 2020 01:03:14 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ETqdPvyt1GOLMPqlAPTbqI7xUFBSaEPtnOMv-zA-kKvuT0ehW9Kd5A==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

Redirect headers

date: Wed, 15 Jul 2020 06:43:43 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
server: AmazonS3
age: 24463
status: 301
x-cache: Hit from cloudfront
location: https://www.staticcdn.co.nz/m87/k33spt.js
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: 9vX0mKghAnXgHPHxCw1JzQGA_vvNJo9XuDQrvba0LGimYzrE2YcUKQ==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
15 KB 456ms
456ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4484523146033770&correlator=2705547214472012&output=ldjh&impl=fifs&adsid=NT&hxva=1&scor=1168988010559604&vrg=2020070801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200715&iu_parts=150718986%2Ctm-web%2Cmy-trade-me&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=728x90%2C160x600&fsfs=1%2C1&fsbs=1%2C1&ppid=bf979a9a2bcd42a8b797655cf58dae5a&prev_scp=pos%3D1%26pwtsid_pubmatic%3D77d9317743a102%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpos%3D1%26pwtsid_pubmatic%3D8eeaf58a5014c5%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cust_params=p%3D2%26env%3Dproduction%26c%3D15%26dd%3D2140%26i%3D4%26e%3Dc%26q%3D6%26dm%3D4%26jc%3D2%26ptype%3Dmtm%26altcat%3Dmy-trade-me%26domain%3Dlegalthoughtbd.com%26pageurl%3Dwp-admin%252Cmaint%252Cmytrademe%252Ce4hul.htm%26querystring%3D%26protocol%3Dhttps%26pwtuid%3D%257B%2522pubcid%2522%253A%252297840142-bfba-4e49-a6ed-59c9b236bf28%2522%252C%2522tdid%2522%253A%2522f2fed278-d6b9-4eea-ad4d-b9d908080909%2522%257D&cookie_enabled=1&bc=31&abxe=1&lmt=1594437030&dt=1594819885541&dlt=1594819879277&idt=3936&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C331&adys=13%2C642&adks=1833385390%2C4199633226&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&dssz=45&icsg=567111843840&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C180x626&msz=728x-1%7C160x-1&ga_vid=1623658167.1594819883&ga_sid=1594819886&ga_hid=193588389&fws=0%2C0&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5feeefaf8098143338384d1513b4590ee264b6e156361476d946ed686c72e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14921
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://legalthoughtbd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 33ms
13ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame CE75 0
0 447ms
427ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 15 Jul 2021 13:31:25 GMT
Date: Wed, 15 Jul 2020 13:31:25 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 20CA 0
0 9ms
9ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=120115
Expires: Thu, 16 Jul 2020 22:53:20 GMT
Date: Wed, 15 Jul 2020 13:31:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame D8CC 0
0 9ms
9ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KCNEKZ8F-1M-5MJ; rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhLqCtjDNRTpP3Ow53wYWQO2qPRMedZb7lho/RRR2s2jWpYWaqeROXM3r9QV20o10JuQw19gMkasvdREJwzG6oEKZcU6zjSqm3MjDFVf/xlH9h; ses2=; vis2=178620^1; audit=1|hLZGFuTafB3CkWBfsSz7y/vNZcUr9Gqcgy/ha6BR92tQ4E/aK3iZYEfTiWE5SUubzzepYJTMuJ8mGweUluV0N7QzwyhhPHL4pmvllXEtYN4=; ses9=; vis9=178620^1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9232
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=72505
Expires: Thu, 16 Jul 2020 09:39:50 GMT
Date: Wed, 15 Jul 2020 13:31:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 container.html
12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AD11 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 15 Jul 2020 13:31:25 GMT
expires: Thu, 15 Jul 2021 13:31:25 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012006300332000/ 20 KB
7 KB 52ms
19ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012006300332000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8b09df3da5b5d3ff191e657a4612f27241e4ddfb5a9dd488923b159eb954ab

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 584574
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7252
x-xss-protection: 0
server: sffe
date: Wed, 08 Jul 2020 19:08:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d09580ada292c83d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jul 2021 19:08:32 GMT

GET
H2 200 container.html
12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 16D0 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 15 Jul 2020 13:31:25 GMT
expires: Thu, 15 Jul 2021 13:31:25 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020070801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8822e68b638fdf628618044e276158a8ccf593edc6c2f48c5bc6fe1c805695e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Jul 2020 13:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5608
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 13:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 15 Jul 2020 13:31:26 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame F97D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Wed, 15 Jul 2020 12:32:28 GMT
expires: Thu, 15 Jul 2021 12:32:28 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3538
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020070801&jk=4484523146033770&bg=!YWKlYnpYFHpoGWYQwckCAAAATVIAAAARmQGDZrjQ5uCSDRucLBkGwBEe4DSDCKn9ry0Wk9butoh7DYjBJimsGWJNB5Y5x09Lv7Uqw0QsV-6d40KfNcrZKXGIpScvqj-OPotP3tctJ3FniGzNl_ADxHS1q0zIYgyMi-MfXiSjB_Ig0NAl7AAWp_umpvYbZiaBMaOKl1N0JjRnpRN4nTZkliDQnDniVR6aCvl_Wj766u7QTsbhxm_SRSv7d7VlKrlmKP9a3H0e_REaQ3WSnayESorLwLHvnRZ_LjF0g-Qx8xWMEiJ1gIkcI4MJO-AiTWapbG1ud_5CPYXCRoYIxxHgGawjFsIiuOeCduM9lv5EFd0jqm5Eb6M44RcAbIgokNrCModaFkLGc0ZesTJGxH-j05g9GTH8aCROd8pbSA6W_Q-QYMM601Zul_07aeI8oIISpXmzCfNZhMLghyteRTKNyVgeJb2Tffq1sLCpE32pvMfEeS9KGdiyln1PsyidvPsJDnogaC4PIsk1KQTevypc9lRLj33KuSVN0yOiACDl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-nz.imrworldwide.com/cgi-bin/ 44 B
524 B 31ms
31ms Image
image/gif 52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-910615&ch=nz-910615_b99_0&sessionId=56QxSjINq7AW9driOjGTEtWAvSHgO1594819883&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,FdSQUnSSDDqZx4FiPk0VlF9jqqOwX1594819885&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,15948198833337992&c30=bldv,6.0.0.506&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Flegalthoughtbd.com%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1594819887&rnd=442536
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Jul 2020 13:31:27 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 200
OK wl Show response
t.pubmatic.com/ 17 B
337 B 56ms
14ms XHR
text/plain 185.64.189.244
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156692
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://legalthoughtbd.com/wp-admin/maint/mytrademe/e4hul.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 15 Jul 2020 13:31:28 GMT
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://legalthoughtbd.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.legalthoughtbd.com
URL: https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884976

Domain: www.legalthoughtbd.com
URL: https://www.legalthoughtbd.com/API/Ajax/LogJavaScriptError.ashx?referrer=%2Fwp-admin%2Fmaint%2Fmytrademe%2Fe4hul.htm&error=Script+error.&line=0&_=1594819884980

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Trademe (Online)

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-19 20:21:55	Name: IMRID Value: 79c206c0-c69f-11ea-9de4-5b15166cad0a
.krxd.net/	1970-01-19 15:19:31	Name: _kuid_ Value: Nhk6yNw2
legalthoughtbd.com/	1970-01-19 12:26:43	Name: PubMatic-UnifiedId Value: %7B%22TDID%22%3A%22f2fed278-d6b9-4eea-ad4d-b9d908080909%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222020-07-15T13%3A31%3A25%22%7D
legalthoughtbd.com/	1970-01-19 20:22:03	Name: cto_bundle Value: 10YUL19WRXpHd0VBWkh0JTJCUTQ5ZDZwZWd6OW12aGJDNGlWRWdVbHZUSU1ZbUxrZGpVTUw0NzdEQlFiTEE4OFUzbm1GRlozQkklMkJvJTJCRE9jQWNuQTN4YnRrdnVCUUc4YkxzN05TU1ZIRE15USUyRkc4UFZMNEMlMkJpdGJnaHk3U210SHV6JTJGUjE1aHUyaXNITkJ3SDN1UE1OQnB3JTJCU2dmZyUzRCUzRA
.legalthoughtbd.com/	1970-01-19 11:00:19	Name: _dc_gtm_UA-10222729-2 Value: 1
.legalthoughtbd.com/	1970-01-19 11:01:46	Name: _gid Value: GA1.2.971167797.1594819883
.legalthoughtbd.com/	1970-01-20 04:31:31	Name: _ga_8RZQCW6NQC Value: GS1.1.1594819883.1.0.1594819883.0
.legalthoughtbd.com/	1970-01-20 04:31:31	Name: _ga Value: GA1.1.1623658167.1594819883
legalthoughtbd.com/	1970-01-19 15:19:31	Name: _pubcid Value: 97840142-bfba-4e49-a6ed-59c9b236bf28
.imrworldwide.com/	1970-01-19 20:21:55	Name: SSCVER Value: v1
legalthoughtbd.com/	1970-01-19 20:22:03	Name: cto_bidid Value: FgB93V9KWDdDQTZ2MlpZQ2JVNE5lVnR6TExrcUJwWDNyeXhHcHBFRlY1S2hncXclMkZzNWtIUjdNQ0FqWmd4d1B1NEl0VU9NJTJGeUhOU0R4TmpJSTM5dHRCa2twVHJsUSUyRlJ6V2YwNCUyRkwyWU4wYWVvMzEwJTNE
.legalthoughtbd.com/	1970-01-19 13:09:55	Name: _gcl_au Value: 1.1.899594042.1594819883

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/156692/1002/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12bca64b3526d82532df36a840d9ffd8.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
ads.trademe.co.nz
adservice.google.com
adservice.google.de
beacon.krxd.net
bee.imrworldwide.com
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
consumer.krxd.net
d3f5l8ze0o4j2m.cloudfront.net
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
legalthoughtbd.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
secure-assets.rubiconproject.com
secure-nz.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.pubmatic.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.legalthoughtbd.com
www.staticcdn.co.nz
www.trademe.co.nz
www.legalthoughtbd.com
104.111.230.142
104.193.142.80
122.252.191.120
13.224.186.208
13.225.78.39
13.225.78.40
151.101.114.133
178.250.0.157
185.33.221.13
185.64.189.112
185.64.189.244
202.162.72.3
216.58.212.162
23.210.249.83
23.210.249.92
23.5.109.251
2600:9000:21f3:f200:2:42d9:3100:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:814::2001
2a00:1450:4001:815::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::2001
2a00:1450:400c:c00::9b
2a02:2638::1c
34.248.199.171
52.212.184.249
52.49.227.144
69.173.144.140
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f5cbbdad3af0f77b8cbe51a04dde86296379329d8c987a15526422a6a41fa9
06021d8aec850fc5a07f583db1bcad20bbb67cbac61107e509481fafd3d484a8
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c63b3065b61139291e48ed29dd61228e25edb7b4c82c789c53e21ecaf0404c8
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
122f5c14d70f3c5bef8416cf35536281cfe4611334637aa0ead43041e42cf14e
16ec8c024b49dd5463a80c83d3c85857d7b360a1add4e9845b241eb9d2f374e4
19ff84acbba694ceccfdb99410b8d47ad035230d1ca9f1e793608b6cf0914d27
2244e4420d5c8643bfeac7447eaa20793a09c7d19325142950fce443b959bd36
2a7bbab360397f8fae61498d8ad0895d4e7dcfc66a632e5904c22577770f17e7
36da47385ebce25b47f19117cf48f4739a5aaabde8fc793f274cb051a03fa1e6
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
39d35057a4a2fda91aca7244a784fd8c2a84c056fc99f9130f0f4d1f9b6d288e
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf
4d210627b2694be7700dbb84faa912e3def3f473e9c075b4d0a8b1104641c7e8
54f64036a4ba633bed6f4ad96fdff3633c37f237ad408f79d1be21886858bd78
5573d4a0ecf5dff081f8cf6b3ac301584fd06b900e311280d607cdfe19e38b3a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f857fc7e37732ef3132a9fdc01ecd6a4c614eb7d5f7a2c1528e4e4cb07c9b4d
615ceb6319ee1a7601369300773c65b28505f563890290ad0c6197a9c6753898
70149c755e120b29af12e870e869e3de55f56615693dbeb5f00f3dc2572a484e
723179aa7f40d71a484b10feb58814d6f3e2e535bec1bb1e5d4f047cbef3d884
7232c2e4233350e6901387e51b3183cb0e104447aece4c47e20efccd8bd3ddfd
76812ec085f003144677579efef7025ec438fd0e5234416a1f9b43e30772a650
7b8b09df3da5b5d3ff191e657a4612f27241e4ddfb5a9dd488923b159eb954ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8822e68b638fdf628618044e276158a8ccf593edc6c2f48c5bc6fe1c805695e0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b46e3225a05e286e04f32da5f8a624ec0e97b23214b84ea0c31458f8f66d99
998663e0e19f3ee6372475d80eef684e9d6125adc9ff16361cb288109b4308ed
a1d88b2c952b790f5f23473c63ef99473327d02e11ebe174799ad912db08f629
a46c27a1b49cf19fbe5c512716bb7340cf07ac137413a70cb9a0d409b358236b
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
b3bc9de780c98a68237e0074c506646f4e9c851e8c5c67e24cf32ba549b02017
b482bf27d45738dc0d8f8f36200077b8ee785abe85fd786c42b0d9df1143ff86
b51687b2f65536226234604891a13b26edc7f84cdfc9da91a419a7dc1b59a3b9
b5feeefaf8098143338384d1513b4590ee264b6e156361476d946ed686c72e23
b961bde8d193a5ba0a27d6552834ff1580ac914a4f76906c5599280214fd9f23
bf933e84833a4f9dc896deea8a8a427503c3725df10be0b1a9e0b166ad665921
cdca9397978d82b303eb47c408c5dac18ff79455bc41e67314f264891b4eb9e2
d4557c5d282a49832255aac86f160773c01d5b3c6adac0be1827cab8151bb2c7
df95df4cc58b1f550a44677491e48eff254ed850c54e70a8de08eaf28cb376e0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee579d16724936c977b275a14ab54bdba4420d813f190e635cd9907f72bfa857
eecdeb4349604c7926f8c08ed6992a333f446db6843d5b563e35ba8d1ffb85d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28c0179985676b7b83cefff2f58635c8d2f305a2980f371a1a28995dd29c9a7
f3bd9b6b83dfe8d6fa47ba53b4e2fe84e0aab75407eea6fbe7c1dcddc4a2ed74
f9540da81bf73f6dcb9ac6eae951fcc4160ae76b05cc5232cabf9b1ba3f56464
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

legalthoughtbd.com Open in urlscan Pro 104.193.142.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

38 %IPv6

18 Domains

35 Subdomains

28 IPs

8 Countries

1051 kBTransfer

3107 kBSize

12 Cookies

25 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

legalthoughtbd.com Open in urlscan Pro
104.193.142.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

38 %
IPv6

18
Domains

35
Subdomains

28
IPs

8
Countries

1051 kB
Transfer

3107 kB
Size

12
Cookies

74 HTTP transactions
0 data transactions