clients.clio.com Open in urlscan Pro
50.19.133.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_pass...
Submission: On May 02 via manual (May 2nd 2024, 7:01:25 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 14 HTTP transactions. The main IP is 50.19.133.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is clients.clio.com. The Cisco Umbrella rank of the primary domain is 575850.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 5th 2024. Valid for: a year.

This is the only time clients.clio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	50.19.133.30 50.19.133.30	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:275... 2600:9000:275d:6c00:18:60df:22c0:21	16509 (AMAZON-02) (AMAZON-02)
3	52.217.207.8 52.217.207.8	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
2	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
2	35.160.151.220 35.160.151.220	16509 (AMAZON-02) (AMAZON-02)
14	6

2 50.19.133.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-133-30.compute-1.amazonaws.com

clients.clio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:275d:6c00:18:60df:22c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2jai5xo6vhevf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.207.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.160.151.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-151-220.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	amazonaws.com s3.amazonaws.com	136 KB
3	cloudfront.net d2jai5xo6vhevf.cloudfront.net	216 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 1425	347 B
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1845	29 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 797	140 B
2	clio.com clients.clio.com — Cisco Umbrella Rank: 575850	30 KB
14	6

	Domain	Requested by
3	s3.amazonaws.com	clients.clio.com
3	d2jai5xo6vhevf.cloudfront.net	clients.clio.com
2	api.segment.io	d2jai5xo6vhevf.cloudfront.net
2	cdn.segment.com	d2jai5xo6vhevf.cloudfront.net
2	sessions.bugsnag.com	d2jai5xo6vhevf.cloudfront.net
2	clients.clio.com	d2jai5xo6vhevf.cloudfront.net
14	6

This site contains links to these domains. Also see Links.

Domain
www.clio.com
forms.gle

Subject Issuer	Validity	Valid
app.clio.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-15`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Frame ID: 667F093786B49B916EE5063070BCF5E5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Clio for Clients

Detected technologies

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

412 kB
Transfer

960 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.clio.com/
Title: Clio

Search URL Search Domain Scan URL

URL: https://www.clio.com/clients/
Title: Visit our help page

Search URL Search Domain Scan URL

URL: https://forms.gle/GJEGZcJ6GE4H4pCQ7
Title: Send feedback

Search URL Search Domain Scan URL

URL: https://www.clio.com/privacy/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://www.clio.com/tos/clio-for-clients-user-agreement-web/
Title: Terms of service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request messages Show response
clients.clio.com/810807679/matters/1604673049/ 203 KB
26 KB 1307ms
943ms Document
text/html 50.19.133.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.133.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-133-30.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4a806acdeabddcc1bca317413069732f4b65478d6a575801c0e4b825038bcc92

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; connect-src * data: blob:; font-src * data:; frame-ancestors 'self' app.eu.pendo.io .office.com .office365.com .live.com outlook.cloud.microsoft teams.cloud.microsoft; frame-src 'self' .app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com account.clio.com accounts.google.com app.box.com bid.g.doubleclick.net embedded.hellosign.com fast.wistia.net www.facebook.com clio-manage-prod-au-a-documents.s3.ap-southeast-2.amazonaws.com clio-manage-prod-au-a-temporary.s3.ap-southeast-2.amazonaws.com clio-manage-prod-ca-a-documents.s3.ca-central-1.amazonaws.com clio-manage-prod-ca-a-temporary.s3.ca-central-1.amazonaws.com iris-production.s3.us-east-1.amazonaws.com iris-production-eu.s3.eu-west-1.amazonaws.com s3.ap-southeast-2.amazonaws.com/clio-manage-prod-au-a-temporary/ s3.ca-central-1.amazonaws.com/clio-manage-prod-ca-a-temporary/ s3.eu-west-1.amazonaws.com/temporary.goclio.eu/ s3.amazonaws.com/clio-manage-prod-au-a-application-objects/ s3.amazonaws.com/clio-manage-prod-ca-a-application-objects/ s3.amazonaws.com/documents.goclio.com/ s3.amazonaws.com/documents.goclio.eu/ s3.amazonaws.com/clio-manage-staging-us-a-application-objects/ s3.us-east-1.amazonaws.com/cdn.hellosign.com/ s3.us-east-1.amazonaws.com/temporary.goclio.com/ s3.amazonaws.com/temporary.goclio.com/; img-src * data: blob:; media-src blob: https:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com; style-src 'self' https: 'unsafe-inline' 'report-sample'; worker-src 'self' blob:; report-uri https://5fc68b7e47ef7c02ddc113c7.endpoint.csper.io
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 22621
Content-Security-Policy: default-src * 'unsafe-inline'; base-uri 'self'; connect-src * data: blob:; font-src * data:; frame-ancestors 'self' app.eu.pendo.io *.office.com *.office365.com *.live.com outlook.cloud.microsoft teams.cloud.microsoft; frame-src 'self' *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com account.clio.com accounts.google.com app.box.com bid.g.doubleclick.net embedded.hellosign.com fast.wistia.net www.facebook.com clio-manage-prod-au-a-documents.s3.ap-southeast-2.amazonaws.com clio-manage-prod-au-a-temporary.s3.ap-southeast-2.amazonaws.com clio-manage-prod-ca-a-documents.s3.ca-central-1.amazonaws.com clio-manage-prod-ca-a-temporary.s3.ca-central-1.amazonaws.com iris-production.s3.us-east-1.amazonaws.com iris-production-eu.s3.eu-west-1.amazonaws.com s3.ap-southeast-2.amazonaws.com/clio-manage-prod-au-a-temporary/ s3.ca-central-1.amazonaws.com/clio-manage-prod-ca-a-temporary/ s3.eu-west-1.amazonaws.com/temporary.goclio.eu/ s3.amazonaws.com/clio-manage-prod-au-a-application-objects/ s3.amazonaws.com/clio-manage-prod-ca-a-application-objects/ s3.amazonaws.com/documents.goclio.com/ s3.amazonaws.com/documents.goclio.eu/ s3.amazonaws.com/clio-manage-staging-us-a-application-objects/ s3.us-east-1.amazonaws.com/cdn.hellosign.com/ s3.us-east-1.amazonaws.com/temporary.goclio.com/ s3.amazonaws.com/temporary.goclio.com/; img-src * data: blob:; media-src blob: https:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com; style-src 'self' https: 'unsafe-inline' 'report-sample'; worker-src 'self' blob:; report-uri https://5fc68b7e47ef7c02ddc113c7.endpoint.csper.io
Content-Type: text/html; charset=utf-8
Date: Thu, 02 May 2024 19:01:20 GMT
ETag: W/"4a806acdeabddcc1bca317413069732f-gzip"
Server: Apache
Strict-Transport-Security: max-age=63072000
Vary: Origin,Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 7998ed30-34d3-43fc-9420-7efdf0022acc
X-Runtime: 0.827568
X-XSS-Protection: 1; mode=block

GET
H2 200 application-78832b54993155f938c7a62688320149.css
d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/css/ 23 KB
5 KB 53ms
8ms Stylesheet
text/css 2600:9000:275d:6c00:18:60df:22c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/css/application-78832b54993155f938c7a62688320149.css
Requested by: Host: clients.clio.com
URL: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6c00:18:60df:22c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e75fe566b8201bda9ac6d134d0a56905a2cb0e8013d693b99f8230bd64530083

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 15:50:13 GMT
content-encoding: gzip
via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
last-modified: Thu, 04 Apr 2024 15:37:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2430668
etag: W/"249a800fc6e237d9d9de4b9274e1d54a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
x-amz-cf-id: SyS6d0RaSIO7ErUyu6MAs7nHqKnT5S9RBNSZ8WHWPhT69egNok65wA==

GET
H2 200 application-a076e08c19eb9d7d9b518512b5be8f7c.js Show response
d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/ 395 KB
109 KB 54ms
9ms Script
application/javascript 2600:9000:275d:6c00:18:60df:22c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js
Requested by: Host: clients.clio.com
URL: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6c00:18:60df:22c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67f27d490beae511115b302d3dc7637eda0b0ba4098639bb3efc7783976913ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jan 2024 10:38:23 GMT
content-encoding: gzip
via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
last-modified: Fri, 29 Dec 2023 18:37:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 10484578
etag: W/"26beedd6d8ae587798d2200c407f741c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=31536000
x-amz-cf-id: LGANrXLPg9MHCRBNYxJdUU7BlQOQPziOJm4qm5CQnGb9Jldx7zVe8A==

GET
H/1.1 200
OK CC_Horizontal-Standard_large.jpg
s3.amazonaws.com/documents.goclio.com/logos/464991/ 31 KB
31 KB 412ms
189ms Image
image/jpeg 52.217.207.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/documents.goclio.com/logos/464991/CC_Horizontal-Standard_large.jpg?response-content-disposition=attachment%3B%20filename%3D%22CC_Horizontal-Standard_large.jpg%22&X-Amz-Expires=300&X-Amz-Date=20240502T190120Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIKDCZBLQ4MGGPXAQ%2F20240502%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=c50276c99dd92918058fbbeb8f022d92a284ba32d087d23e9aa757edbf546f45
Requested by: Host: clients.clio.com
URL: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.207.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d31798413574c3298da91aa84fb8dd364213fbf15d55d8a8efbd30471a71a573

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 19:01:22 GMT
x-amz-version-id: Teph4tSNz7AnaDu6NBnBXAnNGSQZFItX
Last-Modified: Fri, 13 May 2022 20:39:24 GMT
Server: AmazonS3
x-amz-request-id: 2Q9WVE7DTQ6PZ7V0
ETag: "0f334f7ea9db552bdf274480f63be08f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Content-Disposition: attachment; filename="CC_Horizontal-Standard_large.jpg"
Accept-Ranges: bytes
Content-Length: 31363
x-amz-id-2: Bp1+7n8yniSthPj8jaoHzXfbQO06I9nco4g/K3dku42qyF7mUWqtDos7T2qvoWVBiT9LK/IoWZg=

GET
H/1.1 200
OK TM%202%20360x365_large.jpg
s3.amazonaws.com/documents.goclio.com/avatars/1687131/ 75 KB
76 KB 417ms
195ms Image
image/jpeg 52.217.207.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/documents.goclio.com/avatars/1687131/TM%202%20360x365_large.jpg?response-content-disposition=attachment%3B%20filename%3D%22TM%202%20360x365_large.jpg%22&X-Amz-Expires=86400&X-Amz-Date=20240502T133859Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIKDCZBLQ4MGGPXAQ%2F20240502%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=ef076ccf252ffde6f19ee66a8a5897b59909b7d50e258140bfb83cec240e00ed
Requested by: Host: clients.clio.com
URL: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.207.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 618cd2b855b926b41f6b9d1268f4c87e0f9c5f8e2a547df22b9ac00f7e5571fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 19:01:22 GMT
x-amz-version-id: TE.njLtGiMadvoRwr2yYi1BNF4yNbm5.
Last-Modified: Thu, 04 Aug 2022 22:33:23 GMT
Server: AmazonS3
x-amz-request-id: 2Q9MYF40NFKHHPQG
ETag: "2673c72b29b603f9d928aa6e6dd99f0e"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Content-Disposition: attachment; filename="TM 2 360x365_large.jpg"
Accept-Ranges: bytes
Content-Length: 76821
x-amz-id-2: TAA3UEhyiDeiiEHdnpA9zquZbJETzi4rUuczWnsccVpYUOnihJspuD8bgXkVyhwCqW9FgyYRzcM=

GET
H/1.1 200
OK TM%202%20360x365_small.jpg
s3.amazonaws.com/documents.goclio.com/avatars/1687131/ 29 KB
30 KB 435ms
219ms Image
image/jpeg 52.217.207.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/documents.goclio.com/avatars/1687131/TM%202%20360x365_small.jpg?response-content-disposition=attachment%3B%20filename%3D%22TM%202%20360x365_small.jpg%22&X-Amz-Expires=86400&X-Amz-Date=20240502T133859Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIKDCZBLQ4MGGPXAQ%2F20240502%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=868a875a41ed954e35c29fbc0395633ad7f5bfa58035915d8719ffc42b6b36da
Requested by: Host: clients.clio.com
URL: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.207.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cedde4dde4c198f0d709f842e868aed5da1889eec921e80b09a353decf6d7b2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 19:01:22 GMT
x-amz-version-id: 55FZXVfvihY6RibgJJvUKsuzsYhh5GFk
Last-Modified: Thu, 04 Aug 2022 22:33:23 GMT
Server: AmazonS3
x-amz-request-id: 2Q9NZHDXZXB5SW3Q
ETag: "ccc346f0b34fdd579aca76341a995fdc"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
x-amz-replication-status: COMPLETED
Content-Disposition: attachment; filename="TM 2 360x365_small.jpg"
Accept-Ranges: bytes
Content-Length: 29857
x-amz-id-2: Y/m9YWMMe9POG61a2G4ixuLj3q7ytczHl+8nJ8VHwKWBXkGtTqA0+0ROXtX/EF928bgKJ0ZI9OI=

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 191ms
156ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://clients.clio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 02 May 2024 19:01:21 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 159ms
158ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2jai5xo6vhevf.cloudfront.net
URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Bugsnag-Api-Key: 318179f20c268fc79e5d694e2e814fbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Bugsnag-Payload-Version: 1
Referer: https://clients.clio.com/
Bugsnag-Sent-At: 2024-05-02T19:01:20.995Z
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Thu, 02 May 2024 19:01:21 GMT
via: 1.1 google
bugsnag-session-uuid: e1f4f8d4-e8b6-48f0-a302-6b1614677e8d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/RPFaa6knpXf1Uw3cG6oyqX5XDAxQNgLH/ 103 KB
28 KB 623ms
598ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/RPFaa6knpXf1Uw3cG6oyqX5XDAxQNgLH/analytics.min.js
Requested by: Host: d2jai5xo6vhevf.cloudfront.net
URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d768eec8021a4d507eb78407b4edf6412831cc47fd8b28d34aa308bb4e4aed84

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: IFCR7.cq5w6NwhzJSIk7o4osauvvov7A
content-encoding: br
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
date: Thu, 02 May 2024 19:01:22 GMT
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Apr 2024 20:42:15 GMT
server: AmazonS3
etag: W/"850bf031d545db19fe90c60d4d6f49ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: XrNmox1xB7d1udl6QC7TGjeyIufeUcOClS2lrkyBFsiuVMBBzFVy6g==

GET
H/1.1 200
OK check_session_timeout Show response
clients.clio.com/ 3 B
4 KB 126ms
126ms XHR
text/plain 50.19.133.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://clients.clio.com/check_session_timeout

Requested by

Host: d2jai5xo6vhevf.cloudfront.net
URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.133.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-133-30.compute-1.amazonaws.com

Software

Apache /

Resource Hash

1bde41ce9b4fccbf7dde0dc315d1aea5fa03f78c56feb1ba744be9e37fab2dce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; connect-src * data: blob:; font-src * data:; frame-ancestors 'self' app.eu.pendo.io .office.com .office365.com .live.com outlook.cloud.microsoft teams.cloud.microsoft; frame-src 'self' .app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com account.clio.com accounts.google.com app.box.com bid.g.doubleclick.net embedded.hellosign.com fast.wistia.net www.facebook.com clio-manage-prod-au-a-documents.s3.ap-southeast-2.amazonaws.com clio-manage-prod-au-a-temporary.s3.ap-southeast-2.amazonaws.com clio-manage-prod-ca-a-documents.s3.ca-central-1.amazonaws.com clio-manage-prod-ca-a-temporary.s3.ca-central-1.amazonaws.com iris-production.s3.us-east-1.amazonaws.com iris-production-eu.s3.eu-west-1.amazonaws.com s3.ap-southeast-2.amazonaws.com/clio-manage-prod-au-a-temporary/ s3.ca-central-1.amazonaws.com/clio-manage-prod-ca-a-temporary/ s3.eu-west-1.amazonaws.com/temporary.goclio.eu/ s3.amazonaws.com/clio-manage-prod-au-a-application-objects/ s3.amazonaws.com/clio-manage-prod-ca-a-application-objects/ s3.amazonaws.com/documents.goclio.com/ s3.amazonaws.com/documents.goclio.eu/ s3.amazonaws.com/clio-manage-staging-us-a-application-objects/ s3.us-east-1.amazonaws.com/cdn.hellosign.com/ s3.us-east-1.amazonaws.com/temporary.goclio.com/ s3.amazonaws.com/temporary.goclio.com/; img-src * data: blob:; media-src blob: https:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com; style-src 'self' https: 'unsafe-inline' 'report-sample'; worker-src 'self' blob:; report-uri https://5fc68b7e47ef7c02ddc113c7.endpoint.csper.io
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/810807679/matters/1604673049/messages?email=lauren.aguilar%40gr-financialgroup.com&one_time_password=802885c3a90ee486cdbe3096013f44fc
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 19:01:21 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src * 'unsafe-inline'; base-uri 'self'; connect-src * data: blob:; font-src * data:; frame-ancestors 'self' app.eu.pendo.io *.office.com *.office365.com *.live.com outlook.cloud.microsoft teams.cloud.microsoft; frame-src 'self' *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com account.clio.com accounts.google.com app.box.com bid.g.doubleclick.net embedded.hellosign.com fast.wistia.net www.facebook.com clio-manage-prod-au-a-documents.s3.ap-southeast-2.amazonaws.com clio-manage-prod-au-a-temporary.s3.ap-southeast-2.amazonaws.com clio-manage-prod-ca-a-documents.s3.ca-central-1.amazonaws.com clio-manage-prod-ca-a-temporary.s3.ca-central-1.amazonaws.com iris-production.s3.us-east-1.amazonaws.com iris-production-eu.s3.eu-west-1.amazonaws.com s3.ap-southeast-2.amazonaws.com/clio-manage-prod-au-a-temporary/ s3.ca-central-1.amazonaws.com/clio-manage-prod-ca-a-temporary/ s3.eu-west-1.amazonaws.com/temporary.goclio.eu/ s3.amazonaws.com/clio-manage-prod-au-a-application-objects/ s3.amazonaws.com/clio-manage-prod-ca-a-application-objects/ s3.amazonaws.com/documents.goclio.com/ s3.amazonaws.com/documents.goclio.eu/ s3.amazonaws.com/clio-manage-staging-us-a-application-objects/ s3.us-east-1.amazonaws.com/cdn.hellosign.com/ s3.us-east-1.amazonaws.com/temporary.goclio.com/ s3.amazonaws.com/temporary.goclio.com/; img-src * data: blob:; media-src blob: https:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com; style-src 'self' https: 'unsafe-inline' 'report-sample'; worker-src 'self' blob:; report-uri https://5fc68b7e47ef7c02ddc113c7.endpoint.csper.io
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 23
X-XSS-Protection: 1; mode=block
X-Request-Id: 86779345-7927-4e40-93a7-2c76dd0539fd
X-Runtime: 0.012419
Server: Apache
Etag
Vary: Accept,Origin,Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/RPFaa6knpXf1Uw3cG6oyqX5XDAxQNgLH/ 603 B
1 KB 22ms
8ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/RPFaa6knpXf1Uw3cG6oyqX5XDAxQNgLH/settings
Requested by: Host: d2jai5xo6vhevf.cloudfront.net
URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0602a008d2e2fb4705d6380939e7550af2f98b1158f65f04560bcf8a9e494e8f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: RzgIhmooergJoOS9VUAeKxxvEZgufQfk
date: Thu, 02 May 2024 18:17:30 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2749
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 603
last-modified: Tue, 14 Jun 2022 22:42:10 GMT
server: AmazonS3
etag: "7e16033c2f56d27001a8dc366d004872"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: birJktWoMvhCAVcm2fi3WyUOPqfLonALsaTtROkdYjo27KvfDskwdQ==

GET
H2 200 favicon-b692f65cfa2f84c06355f735e6fd1734d047b6097ada2f8e1f2bef4d8b31a655.ico
d2jai5xo6vhevf.cloudfront.net/assets/ 101 KB
101 KB 7ms
7ms Other
image/vnd.microsoft.icon 2600:9000:275d:6c00:18:60df:22c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2jai5xo6vhevf.cloudfront.net/assets/favicon-b692f65cfa2f84c06355f735e6fd1734d047b6097ada2f8e1f2bef4d8b31a655.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:6c00:18:60df:22c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b692f65cfa2f84c06355f735e6fd1734d047b6097ada2f8e1f2bef4d8b31a655

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Dec 2023 12:06:05 GMT
via: 1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 22:54:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 11084117
etag: "b42eb02aaddc00cc3c4976cf02806491"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: public,max-age=31536000
accept-ranges: bytes
content-length: 103117
x-amz-cf-id: xPLfw0Hu4xjOvDlBE2O3myC3g5YNnhr7wXLokIHRigrCulePj4__Tg==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
174 B 532ms
176ms Fetch
application/json 35.160.151.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: d2jai5xo6vhevf.cloudfront.net
URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-151-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://clients.clio.com
date: Thu, 02 May 2024 19:01:22 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
173 B 533ms
176ms Fetch
application/json 35.160.151.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: d2jai5xo6vhevf.cloudfront.net
URL: https://d2jai5xo6vhevf.cloudfront.net/assets/client-experience-packs/js/application-a076e08c19eb9d7d9b518512b5be8f7c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.160.151.220 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-151-220.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://clients.clio.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://clients.clio.com
date: Thu, 02 May 2024 19:01:22 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clients.clio.com/	1969-12-31 23:59:59	Name: time_zone_string Value: Europe%2FBerlin
clients.clio.com/	1970-01-20 20:20:31	Name: _client_experience_session_id Value: 3a35d85eda28cf79829c3c98b2174951
.clio.com/	1970-01-21 05:03:32	Name: ajs_anonymous_id Value: 6a8dce96-39e9-4359-b3e1-c0a18cb523ed
.clio.com/	1970-01-21 05:03:32	Name: ajs_user_id Value: 7814390
clients.clio.com/	1970-01-20 20:17:57	Name: _dd_s Value: rum=0&expire=1714677380998

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline'; base-uri 'self'; connect-src * data: blob:; font-src * data:; frame-ancestors 'self' app.eu.pendo.io .office.com .office365.com .live.com outlook.cloud.microsoft teams.cloud.microsoft; frame-src 'self' .app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com account.clio.com accounts.google.com app.box.com bid.g.doubleclick.net embedded.hellosign.com fast.wistia.net www.facebook.com clio-manage-prod-au-a-documents.s3.ap-southeast-2.amazonaws.com clio-manage-prod-au-a-temporary.s3.ap-southeast-2.amazonaws.com clio-manage-prod-ca-a-documents.s3.ca-central-1.amazonaws.com clio-manage-prod-ca-a-temporary.s3.ca-central-1.amazonaws.com iris-production.s3.us-east-1.amazonaws.com iris-production-eu.s3.eu-west-1.amazonaws.com s3.ap-southeast-2.amazonaws.com/clio-manage-prod-au-a-temporary/ s3.ca-central-1.amazonaws.com/clio-manage-prod-ca-a-temporary/ s3.eu-west-1.amazonaws.com/temporary.goclio.eu/ s3.amazonaws.com/clio-manage-prod-au-a-application-objects/ s3.amazonaws.com/clio-manage-prod-ca-a-application-objects/ s3.amazonaws.com/documents.goclio.com/ s3.amazonaws.com/documents.goclio.eu/ s3.amazonaws.com/clio-manage-staging-us-a-application-objects/ s3.us-east-1.amazonaws.com/cdn.hellosign.com/ s3.us-east-1.amazonaws.com/temporary.goclio.com/ s3.amazonaws.com/temporary.goclio.com/; img-src * data: blob:; media-src blob: https:; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' blob: *.app.clio.com app.clio.com api.segment.io app.eu.pendo.io cdn.affinipay.com cdn.eu.pendo.io cdn.plaid.com cdn.segment.com clio.uservoice.com connect.facebook.net data.eu.pendo.io fast.wistia.com fonts.gstatic.com googleads.g.doubleclick.net js.stripe.com munchkin.marketo.net pendo-eu-extensions.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5065845963096064.storage.googleapis.com privacy-policy.truste.com player.vimeo.com recaptcha.google.com/recaptcha/ snap.licdn.com static.zdassets.com stats.g.doubleclick.net widget-mediator.zopim.com www.googleadservices.com www.googletagmanager.com www.google.com/recaptcha/ www.gstatic.com/recaptcha/ d384xlc27tuqx4.cloudfront.net d16fnvcdkazl6d.cloudfront.net d1z9ara1acwrvo.cloudfront.net d2jai5xo6vhevf.cloudfront.net d3erqgaey65nt8.cloudfront.net stackpath.bootstrapcdn.com appsforoffice.microsoft.com ajax.aspnetcdn.com login.microsoftonline.com waconatm.officeapps.live.com; style-src 'self' https: 'unsafe-inline' 'report-sample'; worker-src 'self' blob:; report-uri https://5fc68b7e47ef7c02ddc113c7.endpoint.csper.io
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
clients.clio.com
d2jai5xo6vhevf.cloudfront.net
s3.amazonaws.com
sessions.bugsnag.com
2600:1901:0:7a0b::
2600:9000:275d:6c00:18:60df:22c0:21
35.160.151.220
50.19.133.30
52.217.207.8
99.86.8.175
0602a008d2e2fb4705d6380939e7550af2f98b1158f65f04560bcf8a9e494e8f
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1bde41ce9b4fccbf7dde0dc315d1aea5fa03f78c56feb1ba744be9e37fab2dce
4a806acdeabddcc1bca317413069732f4b65478d6a575801c0e4b825038bcc92
618cd2b855b926b41f6b9d1268f4c87e0f9c5f8e2a547df22b9ac00f7e5571fe
67f27d490beae511115b302d3dc7637eda0b0ba4098639bb3efc7783976913ec
b692f65cfa2f84c06355f735e6fd1734d047b6097ada2f8e1f2bef4d8b31a655
cedde4dde4c198f0d709f842e868aed5da1889eec921e80b09a353decf6d7b2e
d31798413574c3298da91aa84fb8dd364213fbf15d55d8a8efbd30471a71a573
d768eec8021a4d507eb78407b4edf6412831cc47fd8b28d34aa308bb4e4aed84
e75fe566b8201bda9ac6d134d0a56905a2cb0e8013d693b99f8230bd64530083

clients.clio.com Open in urlscan Pro 50.19.133.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

412 kBTransfer

960 kBSize

5 Cookies

5 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

clients.clio.com Open in urlscan Pro
50.19.133.30 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

412 kB
Transfer

960 kB
Size

5
Cookies

14 HTTP transactions
0 data transactions