URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTn...
Submission: On January 27 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 199.255.231.164, located in Lake Saint Louis, United States and belongs to NETAS-STL, US. The main domain is cportal.cordelllaw.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 6th 2023. Valid for: a year.
This is the only time cportal.cordelllaw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
11 cordelllaw.com
cportal.cordelllaw.com
466 KB
3 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 570
region1.google-analytics.com — Cisco Umbrella Rank: 2029
18 KB
2 visualstudio.com
dc.services.visualstudio.com
204 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
153 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
337 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383
22 KB
19 6
Domain Requested by
11 cportal.cordelllaw.com cportal.cordelllaw.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 ssl.google-analytics.com 1 redirects cportal.cordelllaw.com
2 www.googletagmanager.com cportal.cordelllaw.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net cportal.cordelllaw.com
1 az416426.vo.msecnd.net cportal.cordelllaw.com
19 7

This site contains no links.

Subject Issuer Validity Valid
cportal.cordelllaw.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-06 -
2024-04-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2023-05-05 -
2024-04-28
a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 08
2023-11-16 -
2024-11-10
a year crt.sh

This page contains 1 frames:

Primary Page: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Frame ID: 9B6D5BD759F22E4ED8F8C740D01A1AA0
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Cordell Client Intake Form

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

659 kB
Transfer

1054 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2135306179&utmhn=cportal.cordelllaw.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Cordell%20Client%20Intake%20Form&utmhid=426732354&utmr=-&utmp=%2Fintake%2FIntakeForm.aspx%3Foffice%3D163%26consult%3DXfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu&utmht=1706378194258&utmac=UA-8867604-3&utmcc=__utma%3D76040135.1616150906.1706378194.1706378194.1706378194.1%3B%2B__utmz%3D76040135.1706378194.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=130607597&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8867604-3&cid=1616150906.1706378194&jid=130607597&_v=5.7.2&z=2135306179

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request IntakeForm.aspx
cportal.cordelllaw.com/intake/
101 KB
101 KB
Document
General
Full URL
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6f49b1d59fb7731c19aff3bfad58bac4cf73fc7d9620b407f233f15b3ab2a697
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
no-cache, no-store
content-length
102985
content-type
text/html; charset=utf-8
date
Sat, 27 Jan 2024 17:56:12 GMT
expires
-1
pragma
no-cache
request-context
appId=cid-v1:257a38f5-500f-49f8-a736-ca6dadaf8c9c
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
bootstrap_3.3.6.min.css
cportal.cordelllaw.com/intake/css/lib/
118 KB
119 KB
Stylesheet
General
Full URL
https://cportal.cordelllaw.com/intake/css/lib/bootstrap_3.3.6.min.css
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4be77fb2a6ae4ecfa4675de4288f129d872edb9f6789cde73a9196b466061a0e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
121267
bootstrap-datepicker_1.6.1.min.css
cportal.cordelllaw.com/intake/css/lib/
15 KB
15 KB
Stylesheet
General
Full URL
https://cportal.cordelllaw.com/intake/css/lib/bootstrap-datepicker_1.6.1.min.css
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ed79175455a744d21946c457b524feecd9792d93b89208aa634524a764cffe1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
15804
intake-form.css
cportal.cordelllaw.com/intake/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://cportal.cordelllaw.com/intake/css/intake-form.css
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b644a28c1dc8a442c6aadae9950df63403fb3f8055623ddc9487e30041740e1a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
2665
modernizr_2.8.3.min.js
cportal.cordelllaw.com/intake/js/lib/
11 KB
11 KB
Script
General
Full URL
https://cportal.cordelllaw.com/intake/js/lib/modernizr_2.8.3.min.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
563c8643d305615f7d28223d43e00e21b5af99ab8cf9982165fece1736f474ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
11086
MainLogo.png
cportal.cordelllaw.com/images/
11 KB
12 KB
Image
General
Full URL
https://cportal.cordelllaw.com/images/MainLogo.png
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5bb9d8d005ed5f2079ca27726a5ebf1ba504bdebed283abc295a4289f9a9b31f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
11765
gtm.js
www.googletagmanager.com/
172 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MLB8R75T
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a30b48a7384a81d6fa42631834442e0e1e4365fef733d98f5eca45e149cb1544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62811
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Jan 2024 17:56:34 GMT
jquery_1.12.4.min.js
cportal.cordelllaw.com/intake/js/lib/
95 KB
95 KB
Script
General
Full URL
https://cportal.cordelllaw.com/intake/js/lib/jquery_1.12.4.min.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
97168
jquery-deparam.min.js
cportal.cordelllaw.com/intake/js/lib/
886 B
927 B
Script
General
Full URL
https://cportal.cordelllaw.com/intake/js/lib/jquery-deparam.min.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94391d85716ca75bb3b64cf7411e1df235306cad1b986414a2d429381262431f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
886
bootstrap_3.3.6.min.js
cportal.cordelllaw.com/intake/js/lib/
36 KB
36 KB
Script
General
Full URL
https://cportal.cordelllaw.com/intake/js/lib/bootstrap_3.3.6.min.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
214c9901e85e6b004c8dc82dfb8af5c399d14a04649f3ca815eee1c65c9b34ba
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
36876
bootstrap-datepicker_1.6.1.min.js
cportal.cordelllaw.com/intake/js/lib/
33 KB
33 KB
Script
General
Full URL
https://cportal.cordelllaw.com/intake/js/lib/bootstrap-datepicker_1.6.1.min.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
53b28249b3275e0e221a997da22bc44d158efc7c920b5fab97ad2c5d81f54a5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
34139
intake-form.js
cportal.cordelllaw.com/intake/js/
40 KB
40 KB
Script
General
Full URL
https://cportal.cordelllaw.com/intake/js/intake-form.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.255.231.164 Lake Saint Louis, United States, ASN27240 (NETAS-STL, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c4ec66c500e93a9e00832a08a3a23d3d2731831bf65e54c8a4dbefa471c4a20
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:12 GMT
last-modified
Wed, 20 Dec 2023 13:50:20 GMT
server
Microsoft-IIS/10.0
etag
"0769d784b33da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
40973
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 27 Jan 2024 17:49:54 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
400
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 27 Jan 2024 19:49:54 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 17:56:34 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
359
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5ff37747-401e-0062-1749-518cad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 27 Jan 2024 18:26:34 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2135306179&utmhn=cportal.cordelllaw.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8867604-3&cid=1616150906.1706378194&jid=130607597&_v=5.7.2&z=2135306179
35 B
337 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8867604-3&cid=1616150906.1706378194&jid=130607597&_v=5.7.2&z=2135306179
Requested by
Host: cportal.cordelllaw.com
URL: https://cportal.cordelllaw.com/intake/IntakeForm.aspx?office=163&consult=XfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu
Protocol
H2
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 27 Jan 2024 17:56:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 17:56:34 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8867604-3&cid=1616150906.1706378194&jid=130607597&_v=5.7.2&z=2135306179
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
277 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-79NK4JYHT6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLB8R75T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f082ebbfd38225ed9e9ec1acd52dddca3120aac3c8379611bdc172e707f3585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:56:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93719
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 17:56:34 GMT
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-79NK4JYHT6&gtm=45je41o0v9146050614z89145868517&_p=1706378193757&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1422052273.1706378194&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706378194&sct=1&seg=0&dl=https%3A%2F%2Fcportal.cordelllaw.com%2Fintake%2FIntakeForm.aspx%3Foffice%3D163%26consult%3DXfgVvBD94WAQonGIknR8MDlziDgF9lPB9mwvwNrhdj48Qf3toIPmTnOqMqnDPuNu&dt=Cordell%20Client%20Intake%20Form&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2279
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-79NK4JYHT6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cportal.cordelllaw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 17:56:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cportal.cordelllaw.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://cportal.cordelllaw.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sat, 27 Jan 2024 17:56:37 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
204 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 -, , ASN (),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
87c19f8b94da453287d25f49d19e78635ea3ce6739ba2f2c9e4cb7b87b900df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://cportal.cordelllaw.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 17:56:37 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-length
96
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| html5 object| Modernizr object| _gaq object| appInsights object| intake function| $ function| jQuery object| _gat object| gaGlobal object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| jQuery1124001395185814739297

10 Cookies

Domain/Path Name / Value
cportal.cordelllaw.com/ Name: ASP.NET_SessionId
Value: 5y3td5gmnkgesaadrmzwa01y
.cportal.cordelllaw.com/ Name: __utma
Value: 76040135.1616150906.1706378194.1706378194.1706378194.1
.cportal.cordelllaw.com/ Name: __utmc
Value: 76040135
.cportal.cordelllaw.com/ Name: __utmz
Value: 76040135.1706378194.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.cportal.cordelllaw.com/ Name: __utmt
Value: 1
.cportal.cordelllaw.com/ Name: __utmb
Value: 76040135.1.10.1706378194
cportal.cordelllaw.com/ Name: ai_user
Value: rKOmp|2024-01-27T17:56:34.261Z
.cordelllaw.com/ Name: _ga_79NK4JYHT6
Value: GS1.1.1706378194.1.0.1706378194.0.0.0
.cordelllaw.com/ Name: _ga
Value: GA1.1.1422052273.1706378194
cportal.cordelllaw.com/ Name: ai_session
Value: hobuL|1706378194368.7|1706378194368.7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cportal.cordelllaw.com
dc.services.visualstudio.com
region1.google-analytics.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.googletagmanager.com
199.255.231.164
20.50.88.241
2001:4860:4802:32::36
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:810::2008
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
214c9901e85e6b004c8dc82dfb8af5c399d14a04649f3ca815eee1c65c9b34ba
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
3c4ec66c500e93a9e00832a08a3a23d3d2731831bf65e54c8a4dbefa471c4a20
3f082ebbfd38225ed9e9ec1acd52dddca3120aac3c8379611bdc172e707f3585
4be77fb2a6ae4ecfa4675de4288f129d872edb9f6789cde73a9196b466061a0e
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53b28249b3275e0e221a997da22bc44d158efc7c920b5fab97ad2c5d81f54a5d
563c8643d305615f7d28223d43e00e21b5af99ab8cf9982165fece1736f474ce
5bb9d8d005ed5f2079ca27726a5ebf1ba504bdebed283abc295a4289f9a9b31f
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6f49b1d59fb7731c19aff3bfad58bac4cf73fc7d9620b407f233f15b3ab2a697
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87c19f8b94da453287d25f49d19e78635ea3ce6739ba2f2c9e4cb7b87b900df6
94391d85716ca75bb3b64cf7411e1df235306cad1b986414a2d429381262431f
9ed79175455a744d21946c457b524feecd9792d93b89208aa634524a764cffe1
a30b48a7384a81d6fa42631834442e0e1e4365fef733d98f5eca45e149cb1544
b644a28c1dc8a442c6aadae9950df63403fb3f8055623ddc9487e30041740e1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855