www.hbsslaw.com Open in urlscan Pro
2606:4700:10::6816:a81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/ii94IefCdE
Effective URL:
https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-rev...
Submission: On May 07 via api (May 7th 2021, 2:09:53 pm UTC) from US

Summary HTTP 113 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 29 domains to perform 113 HTTP transactions. The main IP is 2606:4700:10::6816:a81, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hbsslaw.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 6th 2020. Valid for: a year.

This is the only time www.hbsslaw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
24	2606:4700:10:... 2606:4700:10::6816:a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	104.109.85.134 104.109.85.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.73.12 65.9.73.12	16509 (AMAZON-02) (AMAZON-02)
1	143.204.209.3 143.204.209.3	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.43.144.18 185.43.144.18	199766 (SOVEREIGN) (SOVEREIGN)
1	50.19.224.133 50.19.224.133	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6813:ff58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.118.58 35.201.118.58	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.12.143 151.101.12.143	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
18	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:11:... 2606:4700:11::6817:860b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:474a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f008:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f108:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	169.46.32.99 169.46.32.99	36351 (SOFTLAYER) (SOFTLAYER)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
113	30

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:10::6816:a81 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hbsslaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.109.85.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-85-134.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.12 (United States)

ASN16509 (AMAZON-02, US)

apps.form.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-3.fra53.r.cloudfront.net

cdn.form.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.43.144.18 (London, United Kingdom)

ASN199766 (SOVEREIGN, GB)
PTR: www.sovereign-plc.co.uk

iptrack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dashboard.whoisvisiting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.224.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-224-133.compute-1.amazonaws.com

lltrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:ff58 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.118.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.143 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

s.swiftypecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:11::6817:860b (United States)

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:474a (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f008:8:face:b00c:0:1 (Milan, Italy)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f108:83:face:b00c:0:25de (Milan, Italy)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.46.32.99 (Irving, United States)

ASN36351 (SOFTLAYER, US)
PTR: 63.20.2ea9.ip4.static.sl-reverse.com

cc.swiftype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	hbsslaw.com www.hbsslaw.com	6 MB
18	jotfor.ms cdn.jotfor.ms	394 KB
11	termly.io app.termly.io	100 KB
8	jotform.com form.jotform.com www.jotform.com js.jotform.com events.jotform.com	30 KB
6	addthis.com s7.addthis.com api-public.addthis.com	192 KB
5	google-analytics.com www.google-analytics.com	38 KB
4	gstatic.com fonts.gstatic.com	70 KB
3	google.de www.google.de	190 B
3	google.com www.google.com	190 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
3	jotform.io widgets.jotform.io	2 KB
3	swiftypecdn.com s.swiftypecdn.com	148 KB
2	nr-data.net bam.nr-data.net	328 B
2	facebook.com www.facebook.com	176 B
2	facebook.net connect.facebook.net	96 KB
2	cloudflare.com cdnjs.cloudflare.com	3 KB
2	form.io apps.form.io cdn.form.io	31 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	swiftype.com cc.swiftype.com	279 B
1	googleadservices.com www.googleadservices.com	14 KB
1	whoisvisiting.com dashboard.whoisvisiting.com	892 B
1	addthisedge.com v1.addthisedge.com	721 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	lltrck.com lltrck.com
1	iptrack.io iptrack.io	1 KB
1	moatads.com z.moatads.com	1 KB
1	unpkg.com unpkg.com	655 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	t.co t.co	501 B
113	29

	Domain	Requested by
24	www.hbsslaw.com	t.co www.hbsslaw.com
18	cdn.jotfor.ms	form.jotform.com cdn.jotfor.ms
11	app.termly.io	www.hbsslaw.com app.termly.io
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.hbsslaw.com form.jotform.com
4	fonts.gstatic.com	fonts.googleapis.com
3	api-public.addthis.com	s7.addthis.com
3	www.google.de	www.hbsslaw.com
3	www.google.com	www.hbsslaw.com
3	widgets.jotform.io	form.jotform.com
3	s.swiftypecdn.com	www.hbsslaw.com s.swiftypecdn.com
3	s7.addthis.com	www.hbsslaw.com s7.addthis.com
2	bam.nr-data.net	js-agent.newrelic.com
2	events.jotform.com	form.jotform.com
2	www.facebook.com	www.hbsslaw.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	t.co connect.facebook.net
2	js.jotform.com	form.jotform.com
2	cdnjs.cloudflare.com	form.jotform.com
2	www.jotform.com	form.jotform.com
2	form.jotform.com	www.hbsslaw.com
1	js-agent.newrelic.com	www.hbsslaw.com
1	cc.swiftype.com	www.hbsslaw.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	dashboard.whoisvisiting.com	www.hbsslaw.com
1	v1.addthisedge.com	s7.addthis.com
1	www.googletagmanager.com	www.hbsslaw.com
1	lltrck.com	www.hbsslaw.com
1	iptrack.io	www.hbsslaw.com
1	z.moatads.com	s7.addthis.com
1	unpkg.com	www.hbsslaw.com
1	cdn.form.io	www.hbsslaw.com
1	apps.form.io	www.hbsslaw.com
1	fonts.googleapis.com	www.hbsslaw.com
1	t.co
113	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.justice.gov
www.latimes.com
www.reuters.com
www.hbsslaw.co.uk

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.form.io Amazon	`2020-12-31` - `2022-01-29`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.iptrack.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-01` - `2021-10-31`	a year	crt.sh
lltrck.com Go Daddy Secure Certificate Authority - G2	`2020-09-23` - `2021-09-23`	a year	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2021-04-13` - `2022-05-14`	a year	crt.sh
*.jotform.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-17` - `2021-07-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
s.swiftypecdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.whoisvisiting.com RapidSSL RSA CA 2018	`2020-05-21` - `2021-08-20`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.swiftype.com DigiCert SHA2 Secure Server CA	`2020-06-25` - `2022-06-30`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Frame ID: 64F29A53F5CCF0DCA11EF8BAEFBD8BBD
Requests: 77 HTTP requests in this frame

Frame: https://form.jotform.com/211194771801150
Frame ID: 8889B0085D3A13F1E4C3C86922F4A234
Requests: 19 HTTP requests in this frame

Frame: https://form.jotform.com/62907196919167
Frame ID: 7AE6F42006EC7431C3A1195C2AC04F00
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/ii94IefCdE Page URL
https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-pon... Page URL

Page Statistics

113
Requests

100 %
HTTPS

57 %
IPv6

29
Domains

35
Subdomains

30
IPs

5
Countries

7470 kB
Transfer

18621 kB
Size

10
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hbsslaw

Search URL Search Domain Scan URL

URL: https://twitter.com/classactionlaw

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCt_qVrOsA8YeHKS8vxTSsZw

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hagens-berman-sobol-shapiro-llp/

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-az/pr/neurosurgical-associates-ltd-and-dignity-health-dba-st-josephs-hospital-paid-10-million
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.latimes.com/california/00000179-3ef8-d786-a7ff-7efe550b0000-123
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.reuters.com/business/us-sec-chief-plans-scrutinize-short-sellers-rein-gamification-following-gamestop-2021-05-05/
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/court-authorizes-service-john-doe-summons-seeking-identities-us-taxpayers-who-have-used-1
Title: read more »

Search URL Search Domain Scan URL

URL: https://www.hbsslaw.co.uk/
Title: UK Site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/ii94IefCdE Page URL
https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ii94IefCdE Show response
t.co/ 678 B
501 B 158ms
158ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/ii94IefCdE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

f3d789973acef4842753351229f16dcd3eaf7ee375dec590dde14fb333447959

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /ii94IefCdE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:31 GMT
vary: Origin
server: tsa_devel
expires: Fri, 07 May 2021 14:14:31 GMT
set-cookie: muc=6ebf8312-4fa5-4253-adbf-3fcd83eb06d2; Max-Age=63072000; Expires=Sun, 07 May 2023 14:09:31 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 279
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-connection-hash: 77c71c36451e2ce09fb08ba66a948e36563a7f709cdd4410c330926b3121e605

GET
H2 200 Primary Request whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons Show response
www.hbsslaw.com/blog/ 58 KB
16 KB 847ms
816ms Document
text/html 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Requested by

Host: t.co
URL: https://t.co/ii94IefCdE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c12cc8f673373b997f513c36b41711757530b920e84dc2e7e0a279754724595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.hbsslaw.com
:scheme: https
:path: /blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571; expires=Sun, 06-Jun-21 14:09:31 GMT; path=/; domain=.hbsslaw.com; HttpOnly; SameSite=Lax; Secure
cache-control: max-age=1800, public
x-drupal-dynamic-cache: UNCACHEABLE
link: <https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons>; rel="canonical" <https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 06 May 2021 21:16:25 GMT
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
x-request-id: v-2a29017c-af3d-11eb-a4dd-8bd534f31d5f
x-ah-environment: prod
age: 291
via: varnish
x-cache: HIT
x-cache-hits: 5
cf-cache-status: DYNAMIC
cf-request-id: 09e8c2930a000005c4c690d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 64bb06cb4b6d05c4-FRA
content-encoding: gzip

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:wght@300;400;600;700;800&family=Oswald:wght@300;400;500;600;700&display=swap

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f9999f3d4183415bbb986c0e58b70017384b48e6b0dcb7ccbc1d215002e3b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 14:09:32 GMT
server: ESF
date: Fri, 07 May 2021 14:09:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 14:09:32 GMT

GET
H2 200 google_tag.script.js Show response
www.hbsslaw.com/sites/default/files/google_tag/primary_hbss_container/ 348 B
513 B 25ms
23ms Script
application/javascript 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/google_tag/primary_hbss_container/google_tag.script.js?qrxn6i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16921f2294f01407a6abf25c7ee6cc53809dee4845e147081f0a635ecf41aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/google_tag/primary_hbss_container/google_tag.script.js?qrxn6i
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4186
x-cache: HIT
x-cache-hits: 54
x-ah-environment: prod
vary: Accept-Encoding
content-length: 283
cf-request-id: 09e8c29644000005c46e164000000001
x-request-id: v-1d383bc0-a2e7-11eb-94a6-d7c44d35f617
last-modified: Wed, 21 Apr 2021 21:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d069f205c4-FRA
expires: Wed, 19 May 2021 21:26:50 GMT

GET
H2 200 css_jujEh2BZcXHAgBaUyXCrp0LTuh-7WgIVqw2mMedy1YM.css
www.hbsslaw.com/sites/default/files/css/ 145 KB
26 KB 45ms
43ms Stylesheet
text/css 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/css/css_jujEh2BZcXHAgBaUyXCrp0LTuh-7WgIVqw2mMedy1YM.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ee8c48760597171c0801694c970aba742d3ba1fbb5a0215ab0da631e772d583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_jujEh2BZcXHAgBaUyXCrp0LTuh-7WgIVqw2mMedy1YM.css
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 680438
x-cache: HIT
x-cache-hits: 31
x-ah-environment: prod
vary: Accept-Encoding
content-length: 26323
cf-request-id: 09e8c29645000005c4d18d0000000001
x-request-id: v-84734266-a748-11eb-b325-4ba2453fced0
last-modified: Wed, 21 Apr 2021 21:18:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d069fd05c4-FRA
expires: Tue, 11 May 2021 11:05:46 GMT

GET
H2 200 css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
www.hbsslaw.com/sites/default/files/css/ 4 MB
145 KB 30ms
29ms Stylesheet
text/css 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

549f8e7bfc250bc9c79034b4ce4ad860e70bc8edc6eb5281f79d6189f6f29c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 171
x-ah-environment: prod
vary: Accept-Encoding
content-length: 147871
cf-request-id: 09e8c29646000005c484363000000001
x-request-id: v-ad1a9876-9c45-11eb-929c-33af94059ed0
last-modified: Tue, 30 Mar 2021 21:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d06a0005c4-FRA
expires: Tue, 11 May 2021 17:46:53 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 123ms
48ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Fri, 07 May 2021 14:09:32 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 formio-full.min.css
apps.form.io/hagensberman/view/ 15 KB
15 KB 184ms
49ms Stylesheet
text/css 65.9.73.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.form.io/hagensberman/view/formio-full.min.css
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84302a4f6522169b946e88e5c0548533f8bb7d9c5b9d76ab87192571a77405a9

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 21:18:15 GMT
via: 1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified: Wed, 24 Mar 2021 20:55:57 GMT
server: AmazonS3
age: 60678
etag: "d4d9be825fe1cd6dc4afc9f9c671b32b"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: AMS1-C1
content-length: 15347
x-amz-cf-id: n8NT7bP5A4CqtcOLo996B_RooReuWq32ugI9G6pqjzXsrnj_BF4vhw==

GET
H2 200 flatpickr.min.css
cdn.form.io/flatpickr/ 16 KB
16 KB 184ms
52ms Stylesheet
text/css 143.204.209.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.form.io/flatpickr/flatpickr.min.css
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-3.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4573c0cb11d5c8c2f16f44d808cd8e5b947819691c0ded368dd620c99a78d4e5

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 16:11:31 GMT
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified: Mon, 03 May 2021 23:40:57 GMT
server: AmazonS3
age: 79082
etag: "6e17f044632a398d3ee196a1ef289b27"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA53-C1
content-length: 16081
x-amz-cf-id: jXsTFzuoKh9_UAkSXpPGjnbvyt1o_CSVj6IK-_R89z2v68WUrwUAOA==

GET
H2 200 formio.full.js Show response
unpkg.com/formiojs@4.9.24/dist/ 4 MB
655 KB 59ms
40ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/formiojs@4.9.24/dist/formio.full.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3287389dbe681975c1266c77ab0d39476855742c683ee57f7b78c39352b5f3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1218589
fly-request-id: 01F3Z8EGMSJZX3EKZTA5BJ6JJY
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09e8c2965800002bf6dc015000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"46e87e-MQLgs0WP4+AlxbB+S9+93Op0BiM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 64bb06d0880c2bf6-FRA

GET
H2 200 logo.svg
www.hbsslaw.com/sites/all/themes/law/ 6 KB
2 KB 21ms
17ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcef3b9770287ff1b935dd9c3b0c42513aa9bafd43197e315ecd8a2c6657060c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/all/themes/law/logo.svg
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 179
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298eb000005c4843ba000000001
x-request-id: v-471b4380-a759-11eb-b5af-6f3e1c03acb6
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4ae4205c4-FRA
expires: Tue, 11 May 2021 13:05:45 GMT

GET
H2 200 Whistle_0.jpeg
www.hbsslaw.com/sites/default/files/2021-02/ 5 MB
5 MB 50ms
47ms Image
image/jpeg 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/2021-02/Whistle_0.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d18426eac41a1eee3a3a5b04d62e6160172d2f94e1d9237fbe6e7098584e9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2021-02/Whistle_0.jpeg
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 290
x-cache: HIT
last-modified: Thu, 25 Feb 2021 17:00:35 GMT
x-cache-hits: 4
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 5086579
cf-request-id: 09e8c298ed000005c461170000000001
x-request-id: v-c1bcc68c-ad8e-11eb-80c0-73ff85baacd7
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae4805c4-FRA
expires: Wed, 19 May 2021 10:43:41 GMT

GET
H2 200 100-most-influential-lawyers-in-america.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 23 KB
23 KB 51ms
47ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/100-most-influential-lawyers-in-america.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0202e3eb351a553c0a62ec12b357425f66494259fea5e3f5aee204b6321f5d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/100-most-influential-lawyers-in-america.png
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 141
x-ah-environment: prod
vary: Accept-Encoding
content-length: 23879
cf-request-id: 09e8c298ed000005c4ae922000000001
x-request-id: v-48689788-9c4b-11eb-9665-632251ecf232
last-modified: Tue, 26 May 2020 14:05:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae4905c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 500-leading-lawyers-in-america.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 26 KB
26 KB 48ms
45ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/500-leading-lawyers-in-america.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a485f2ef59b9c933fed06c3440b12ee98b50f7e42065064a586da8232cff19f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/500-leading-lawyers-in-america.png
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 169
x-ah-environment: prod
vary: Accept-Encoding
content-length: 26793
cf-request-id: 09e8c298ee000005c4a4063000000001
x-request-id: v-12947e08-9c53-11eb-85c2-7b367373e9c1
last-modified: Tue, 26 May 2020 14:07:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae4c05c4-FRA
expires: Tue, 11 May 2021 12:40:51 GMT

GET
H2 200 titans-of-the-plaintiffs-bar.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 11 KB
11 KB 55ms
52ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/titans-of-the-plaintiffs-bar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a75c450e483b341b83ace34bd3cf3663d96d1fe54aa435eabe7e3c29b4aa2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/titans-of-the-plaintiffs-bar.png
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 158
x-ah-environment: prod
vary: Accept-Encoding
content-length: 11457
cf-request-id: 09e8c298ee000005c481b24000000001
x-request-id: v-e4722bf8-9c5f-11eb-8351-a3fca6deb1a0
last-modified: Tue, 26 May 2020 14:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae4e05c4-FRA
expires: Tue, 11 May 2021 15:48:16 GMT

GET
H2 200 elite-trial-lawyers.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 21 KB
21 KB 56ms
53ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/elite-trial-lawyers.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b7dd11934e86e14b0c123680875ce066e6daa4d16a0bfb28c1aa95e08a983f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/elite-trial-lawyers.png
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 158
x-ah-environment: prod
vary: Accept-Encoding
content-length: 21016
cf-request-id: 09e8c298ee000005c487061000000001
x-request-id: v-eb3bfafe-9c7d-11eb-bdcd-f320938a55dc
last-modified: Tue, 26 May 2020 13:59:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae5005c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 trailblazers.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 16 KB
16 KB 60ms
57ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/trailblazers.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683565ce7a9bce8dab8f70b9ea025f589c6948edc6ee3ca8ccf7271ca6922c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/trailblazers.png
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 179
x-ah-environment: prod
vary: Accept-Encoding
content-length: 16083
cf-request-id: 09e8c298ef000005c49fb41000000001
x-request-id: v-933d6988-9c36-11eb-ad84-13aaecd61aab
last-modified: Tue, 26 May 2020 14:07:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae5505c4-FRA
expires: Tue, 11 May 2021 12:41:00 GMT

GET
H2 200 plaintiffs-hot-list.png
www.hbsslaw.com/sites/default/files/awards/2020-05/ 17 KB
17 KB 47ms
44ms Image
image/png 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/awards/2020-05/plaintiffs-hot-list.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61df852b3a88cd42ae75991239f54c87cbb7e57f96b5973abe8068b409803fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/awards/2020-05/plaintiffs-hot-list.png
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 180
x-ah-environment: prod
vary: Accept-Encoding
content-length: 17079
cf-request-id: 09e8c298ef000005c49b3d2000000001
x-request-id: v-12970218-9c53-11eb-a8d1-77806106e842
last-modified: Tue, 26 May 2020 14:00:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae5805c4-FRA
expires: Tue, 11 May 2021 13:53:05 GMT

GET
H2 200 uk-flag-30.jpg
www.hbsslaw.com/sites/default/files/graphics/ 1 KB
2 KB 60ms
57ms Image
image/jpeg 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/graphics/uk-flag-30.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2909d4f73e40d0a57c97bc900cf5c1b135abea34872dd860a6707705cb442b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/graphics/uk-flag-30.jpg
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
last-modified: Mon, 21 Sep 2020 02:37:31 GMT
x-cache-hits: 168
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 1460
cf-request-id: 09e8c298ef000005c458251000000001
x-request-id: v-933cc960-9c36-11eb-9787-eba2820fdbdd
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae5905c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 email-decode.min.js Show response
www.hbsslaw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
823 B 10ms
9ms Script
application/javascript 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 09:06:15 GMT
server: cloudflare
etag: W/"608bc887-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800 public
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 64bb06d1fe5e05c4-FRA
vary: Accept-Encoding
cf-request-id: 09e8c29739000005c465bca000000001
expires: Sun, 09 May 2021 14:09:32 GMT

GET
H2 200 js_LWbWFkp317UHv6E2K-Uz9FBsiU8XrDCcT_JRuIsFJJI.js Show response
www.hbsslaw.com/sites/default/files/js/ 1 MB
289 KB 26ms
26ms Script
text/javascript 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/js/js_LWbWFkp317UHv6E2K-Uz9FBsiU8XrDCcT_JRuIsFJJI.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d66d6164a77d7b507bfa1362be533f4506c894f17ac309c4ff251b88b052492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/js/js_LWbWFkp317UHv6E2K-Uz9FBsiU8XrDCcT_JRuIsFJJI.js
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 136
x-ah-environment: prod
vary: Accept-Encoding
content-length: 295712
cf-request-id: 09e8c297a3000005c49b3a9000000001
x-request-id: v-931a1622-9c36-11eb-9d10-1bc91c20952a
last-modified: Tue, 30 Mar 2021 21:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d2985205c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 css_E9AarLmDehtM-4DqIkJChaYwdHF1ozCWdUR70Nphbdw.css
www.hbsslaw.com/sites/default/files/css/ 4 KB
1 KB 59ms
58ms Stylesheet
text/css 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hbsslaw.com/sites/default/files/css/css_E9AarLmDehtM-4DqIkJChaYwdHF1ozCWdUR70Nphbdw.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d01aacb9837a1b4cfb80ea22424285a630747175a3309675447bd0da616ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/css/css_E9AarLmDehtM-4DqIkJChaYwdHF1ozCWdUR70Nphbdw.css
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8126
x-cache: HIT
x-cache-hits: 135
x-ah-environment: prod
vary: Accept-Encoding
content-length: 1081
cf-request-id: 09e8c298f0000005c4a8956000000001
x-request-id: v-933b58dc-9c36-11eb-b7ea-5f2fcba1b506
last-modified: Wed, 24 Mar 2021 04:45:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: varnish
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4ae5a05c4-FRA
expires: Tue, 11 May 2021 12:41:24 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 146ms
58ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43256
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 wiv.js Show response
iptrack.io/api/v1/ 2 KB
1 KB 147ms
41ms Script
text/javascript 185.43.144.18
SOVEREIGN

General

Check archive.org

Show headers Download Go to

Full URL: https://iptrack.io/api/v1/wiv.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.43.144.18 London, United Kingdom, ASN199766 (SOVEREIGN, GB),
Reverse DNS: www.sovereign-plc.co.uk
Software: Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash: 60892bdfb246e60441d0e15ea35c220ad27de1cbfdb57f6f6efa931c5ed1046e

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET, ARR/3.0, ASP.NET
content-length: 1243
vary: Accept-Encoding
content-type: text/javascript

GET
H2 403 lt-v2.min.js
lltrck.com/ 0
0 349ms
99ms Script
text/html 50.19.224.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lltrck.com/lt-v2.min.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.224.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-224-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.min.js Show response
app.termly.io/ 41 KB
16 KB 68ms
16ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed4d34b5d65315493af1084d5e41925b678c46e8d51ba37ff69fc1f232472fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3540
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 May 2021 14:32:34 GMT
server: cloudflare
etag: W/"6092ac82-a38f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09e8c2991e00004e97881b8000000001
cf-ray: 64bb06d4fa674e97-FRA

GET
H2 200 211194771801150 Show response
form.jotform.com/ Frame 8889 58 KB
10 KB 243ms
170ms Document
text/html 35.201.118.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/211194771801150
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2 /
Resource Hash: 84af298a88498d364cdbbf8d1ad819ecdaaf03a131c9148760ee4997599394e7

Request headers

:method: GET
:authority: form.jotform.com
:scheme: https
:path: /211194771801150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hbsslaw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hbsslaw.com/

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2
vary: Accept-Encoding
date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 facebook.svg
www.hbsslaw.com/sites/all/themes/law/images/ 1 KB
714 B 56ms
54ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/facebook.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c623cb4efad1539745030ae09338a4933de102c0fdb3794fb7945b62206577bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
:path: /sites/all/themes/law/images/facebook.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8124
x-cache: HIT
x-cache-hits: 226
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298f6000005c4ac055000000001
x-request-id: v-3625b102-9c35-11eb-9367-c7d4cd96df0b
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4be5e05c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 twitter.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
1 KB 48ms
47ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/twitter.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a0e806e84b38c432b4d3849972f62b585a1a729b446b070ba0e57c0e819600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
:path: /sites/all/themes/law/images/twitter.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8124
x-cache: HIT
x-cache-hits: 305
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298f0000005c4abad7000000001
x-request-id: v-69aa0f44-a759-11eb-a9de-634229b7270b
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4be6005c4-FRA
expires: Tue, 11 May 2021 13:06:43 GMT

GET
H2 200 youtube.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
940 B 48ms
47ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/youtube.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd2f280c8d3474c71c57445945a40009013ff9e4e3081fcfe4b03fde7011a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
:path: /sites/all/themes/law/images/youtube.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8124
x-cache: HIT
x-cache-hits: 199
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298f1000005c46b88e000000001
x-request-id: v-1248ee92-9c5e-11eb-97e1-afa86a5a8cb2
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4be6405c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 linkedin.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
982 B 49ms
47ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/linkedin.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9478fbc901b65171eb9f640768880e86928545cc44dc8f4ca672a85e612e69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
:path: /sites/all/themes/law/images/linkedin.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106875
x-cache: HIT
x-cache-hits: 249
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298f2000005c47d065000000001
x-request-id: v-f1321d56-a73d-11eb-b303-eff48ed0eba9
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4be6505c4-FRA
expires: Tue, 11 May 2021 09:50:04 GMT

GET
H2 200 search.svg
www.hbsslaw.com/sites/all/themes/law/images/ 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/search.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e5cf9ed950c66e71444d25b87a9efe55970bd13f13a1cf99208dbee0ffb500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
:path: /sites/all/themes/law/images/search.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8124
x-cache: HIT
x-cache-hits: 253
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298f1000005c4a6beb000000001
x-request-id: v-99d9256c-a757-11eb-b6f0-470928fcc5dd
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4be6905c4-FRA
expires: Tue, 11 May 2021 12:53:45 GMT

GET
H2 200 close.svg
www.hbsslaw.com/sites/all/themes/law/images/ 1 KB
704 B 43ms
43ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/close.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47f0d3c8a81b972403831aa33843c4dffb5f95ac4078c2cce1328d8c11665498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
:path: /sites/all/themes/law/images/close.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 106875
x-cache: HIT
x-cache-hits: 209
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c298f2000005c465800000000001
x-request-id: v-d1d38004-a755-11eb-bff4-0b00491245b2
last-modified: Sat, 03 Oct 2020 04:18:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06d4be6a05c4-FRA
expires: Tue, 11 May 2021 12:40:59 GMT

GET
H2 200 BLOG-HERO.jpg
www.hbsslaw.com/sites/default/files/2020-05/ 61 KB
61 KB 57ms
56ms Image
image/jpeg 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/default/files/2020-05/BLOG-HERO.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fa0404437de19a0c6e3e649e87a7916f95a5d2c9e143efcfb075d2710d7428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /sites/default/files/2020-05/BLOG-HERO.jpg
pragma: no-cache
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:32 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54749
x-cache: HIT
last-modified: Tue, 26 May 2020 13:22:14 GMT
x-cache-hits: 28
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 62507
cf-request-id: 09e8c298f5000005c461172000000001
x-request-id: v-9c7a9888-ab2a-11eb-975a-83a446a7e38f
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 64bb06d4be8405c4-FRA
expires: Sun, 16 May 2021 09:41:46 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&family=Open+Sans:wght@300;400;600;700;800&family=Oswald:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 22:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 230720
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 04 May 2022 22:04:12 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 20ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 446754
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 23ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 303535
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 04 May 2022 01:50:37 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 21ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.hbsslaw.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:17:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:19 GMT
server: sffe
age: 309110
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18988
x-xss-protection: 0
expires: Wed, 04 May 2022 00:17:42 GMT

GET
H2 200 62907196919167 Show response
form.jotform.com/ Frame 7AE6 30 KB
6 KB 165ms
164ms Document
text/html 35.201.118.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/62907196919167
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2 /
Resource Hash: 828f3770e29f965612ea39410bc9f76107c0ee1fea6472893941d2afe84a11b1

Request headers

:method: GET
:authority: form.jotform.com
:scheme: https
:path: /62907196919167
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hbsslaw.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.hbsslaw.com/

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2
vary: Accept-Encoding
date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK st.js Show response
s.swiftypecdn.com/install/v2/ 415 KB
110 KB 183ms
30ms Script
text/javascript 151.101.12.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/install/v2/st.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.143 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d5d204d662ae2f90464bee6d1e1d645169851dfab39948b23a18da5a8584585

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 14:09:33 GMT
Content-Encoding: gzip
Age: 289
X-Cache: HIT
Connection: keep-alive
Content-Length: 112086
X-Served-By: cache-fra19149-FRA
Access-Control-Allow-Origin: *
X-Timer: S1620396574.565136,VS0,VE0
ETag: "5fb57a29-1b5d6"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=300, public, max-age=300, public
Accept-Ranges: bytes
X-Cache-Hits: 27

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
38 KB 83ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MVR447J

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/google_tag/primary_hbss_container/google_tag.script.js?qrxn6i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9975cac05aa6ba85d571892ad82eb8efab98b671a6c99dab8476beb5a2ef3e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38463
x-xss-protection: 0
last-modified: Fri, 07 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 May 2021 14:09:33 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e47494d5792b5b4/ 2 KB
721 B 195ms
193ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e47494d5792b5b4/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-85-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8426a5b2572b374f61df0fcfe38c7a57ee0ed672d68be9a47434f434af872b9b

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: gzip
etag: 1685711743--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 545

GET
H3-29 200 379.embed.min.js Show response
app.termly.io/ 155 KB
47 KB 124ms
32ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/379.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ad0389f416cbef5a0417c7123a02a66482fd042491e765bf0c00aff099df6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3527
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 May 2021 14:32:34 GMT
server: cloudflare
etag: W/"6092ac82-26bd3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09e8c29bdb000005cc2eacf000000001
cf-ray: 64bb06d959f605cc-FRA

GET
H3-29 200 644.embed.min.js Show response
app.termly.io/ 161 KB
33 KB 136ms
45ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/644.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84a304dc1078de8464ae8dcc657310754618d4df3a51ec2de038c0f209c29de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3527
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 05 May 2021 14:32:34 GMT
server: cloudflare
etag: W/"6092ac82-28512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09e8c29bdb000005cc3031a000000001
cf-ray: 64bb06d959fa05cc-FRA

GET
H2 200 who.ashx
dashboard.whoisvisiting.com/ 631 B
892 B 127ms
35ms Image
image/jpg 185.43.144.18
SOVEREIGN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashboard.whoisvisiting.com/who.ashx?Type=Hit&Data=1600|1200|https%3A%2F%2Ft.co%2F|5690634ca5654a84ab271c78a2a27412|https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons|Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.43.144.18 London, United Kingdom, ASN199766 (SOVEREIGN, GB),
Reverse DNS: www.sovereign-plc.co.uk
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:33 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 631
expires: -1

GET
H2 200 formCss.css
cdn.jotfor.ms/static/ Frame 8889 66 KB
15 KB 271ms
196ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/formCss.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9328ff0fc94f93cdf8e0d0d980c7d2b62a2aac398b168b0d63237362f2648b3c

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca40000d6cdc68ce000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-1070a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HsYSki3%2FA5K5JHP0IjLR%2F27GEPBxZfZNxtk1kkyICfHhrCUqRCZVRtAk4fiE12gLejPioBDJK%2BFV41b0mUAu%2BpMMQFcrkfuSo8kiTajsj59iz4PILIm9FILi"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06da9ec6d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nova.css
cdn.jotfor.ms/css/styles/ Frame 8889 31 KB
7 KB 222ms
147ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41056fd19785be571630d6e0f4175cd8324bcd6bd92d581804bb31aa60ef0572

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca50000d6cd7d80f000000001
last-modified: Mon, 22 Mar 2021 06:51:34 GMT
server: cloudflare
etag: W/"60583e76-7cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B9lhbgGogSaektUaxKRQatfa6uCYIVwCZvPCUypPNA1%2F9Cw8fyMlvG5o5yRKu4zROzJvH4zqJDQLXV69GOw3eQC%2FRMCp6Vq4WO2SLFWwL%2BJrp69JuR8uQdXW"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06daaec7d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ Frame 8889 13 KB
3 KB 223ms
149ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?themeRevisionID=59fb4852cf3bfe589c6c6f21
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9e007b97c4a9244efb5159e59341907269eca4a4e0071eeac001f271c6c00a

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
cf-request-id: 09e8c29ca50000d6cd72bf9000000001
pragma: no-cache
last-modified: Thu, 02 Nov 2017 16:31:14 GMT
server: cloudflare
etag: W/"bc25fa0db8eacbae384c894de4d31e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8xyn47lXjYjUbFADAod42VkF%2Bxal6AR3zdliQVdhfejqr%2FqsUEHPt45rn8Fc8s0tRfKfqvY1g9svUwRggw1EGYRYtQ7g4sy16kfJzC3ecte0AD50um1RCmsb"}],"max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 64bb06daaecbd6cd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_feature.css
cdn.jotfor.ms/css/styles/payment/ Frame 8889 36 KB
6 KB 211ms
137ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/payment/payment_feature.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c1644b18a5956c877056ced0f545ef534e959d80c566f0e8c6cbbe75c5f095

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca50000d6cd6b385000000001
last-modified: Wed, 05 May 2021 12:54:28 GMT
server: cloudflare
etag: W/"60929584-8efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2QPNnJgqkb2kKkU5Pnp0y3jyWdV2Hx%2Bp4F2Dp79m9LGMv1WydcRa3u4O8uOee%2FS%2Bg%2FnjCkLP%2F8H%2Fg9QR4%2F24m3f2Xu2dBjp6bJw3h%2FJK1O%2BDM7KB3Goqg3t6"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06daaecdd6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-submit-button-simple_blue.css
www.jotform.com/themes/css/buttons/ Frame 8889 2 KB
635 B 213ms
139ms Stylesheet
text/css 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/themes/css/buttons/form-submit-button-simple_blue.css
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815b4d0911bf35897ca426c27905c5dd1cc0d5e7757a0095ad4a9206e44e7aa6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8c29ca300004aa9bf37b000000001
last-modified: Mon, 15 Jun 2020 10:31:25 GMT
server: cloudflare
etag: W/"5ee74dfd-8ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64bb06da9bfc4aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.min.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 8889 3 KB
2 KB 67ms
66ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/211194771801150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1278382
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1365
cf-request-id: 09e8c29c5b000032406f318000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xKnst8jPx4Fw%2B%2BgKOhkNoKT0R%2F8hs8GUTYldS2bsckQHqa0rMlfgfAOLgjo4a1vW14tqTHfbPdWtnB5GVb8wMk6w2AqUm27%2BB9ithS9DdVyK62V5Ho2Z2sGDrH7CMS2hZg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64bb06da2bc33240-FRA
expires: Wed, 27 Apr 2022 14:09:33 GMT

GET
H2 200 prototype.forms.js Show response
cdn.jotfor.ms/static/ Frame 8889 126 KB
32 KB 99ms
25ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/prototype.forms.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3949636
content-encoding: br
cf-request-id: 09e8c29ca70000d6cd80229000000001
last-modified: Mon, 22 Mar 2021 18:53:31 GMT
server: cloudflare
etag: W/"6058e7ab-1f8b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pmMcxesGOsaXvui%2FdgNycRBWrfHROEJYkijvvCS0LgLP9NwtLuvilTAYQLQmp0s2gkIY81RN56eMdY1dlPrANBhlBRpiAV%2F70nrEEYixLnmc0zNGVheu7jKs"}],"max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 64bb06daaed5d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn.jotfor.ms/static/ Frame 8889 508 KB
126 KB 212ms
138ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/jotform.forms.js?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800a257ea95048ab24479e4bcd1d1642e7b8a896319afcf04f862982302adefc

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca80000d6cda8bf1000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-7f1f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U1xvbwM9YVprlYBBjumQB3DUIMRQPuUuI%2FSuy26mo6%2Bz7qkwAb4j4XVEx6G%2Fo1EWYi%2BasZYXA8u7eBy%2BO%2FUMYaHT8hWy1mxMWW8tutry30AlTXJRPNqXURpo"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64bb06daaed6d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 postMessage.js Show response
js.jotform.com/vendor/ Frame 8889 6 KB
2 KB 185ms
165ms Script
application/x-javascript 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/vendor/postMessage.js?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8c29c7000004a6dcc10f000000001
x-static: 1
last-modified: Fri, 03 May 2019 10:43:50 GMT
server: cloudflare
etag: W/"5ccc1b66-16bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64bb06da4eb24a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WidgetsServer.js Show response
js.jotform.com/ Frame 8889 30 KB
10 KB 264ms
247ms Script
application/x-javascript 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.jotform.com/WidgetsServer.js?v=1620145059364
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de45a20fdccbf0c273572cac4ff78ac5b8727cf90ce4d58333b33c6d62895de

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8c29c6e00004a6da401b000000001
x-static: 1
last-modified: Sun, 18 Apr 2021 18:17:58 GMT
server: cloudflare
etag: W/"607c77d6-781e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64bb06da4eb54a6d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/getReferrer/min/ Frame 8889 898 B
716 B 164ms
142ms Script
application/x-javascript 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b61a86f5bf77e90dc8ed1697213fc409ba249ff7793614804c64adccf166105

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29c7300002c52f89d9000000001
x-static: 1
last-modified: Thu, 02 May 2019 12:29:42 GMT
server: cloudflare
etag: W/"5ccae2b6-382"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QsgFvqTC3A59xxJNlKecRnULntyRNUfdFGGmn4eM6lEMQfpBvYBWAgGujcq%2FL%2FwB4HtXVeT5MynvY3v8kB1ggXRw5f7uBAAEAATCYAi8P6kWNbjQcWkQuDCNkU63%2B44%3D"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64bb06da5f662c52-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/getParentUrl/min/ Frame 8889 1 KB
1 KB 163ms
141ms Script
application/x-javascript 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29c7300002c52de9ff000000001
x-static: 1
last-modified: Mon, 09 Nov 2020 08:34:18 GMT
server: cloudflare
etag: W/"5fa8ff0a-497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VzQaa5IK%2BLzhe%2FySwfW6mNIjeWB8taWEJoIvTUe%2BSjn4oO3qBlrX5tcKN%2FYha6O4r0HYPMRbOuMhMeg6pcPr1sld3JSQzfMXCPDM8ZDkNt%2BfErxriXielu30nXDriUU%3D"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64bb06da5f672c52-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scripts.js Show response
widgets.jotform.io/googleanalytics/ Frame 8889 194 B
446 B 163ms
141ms Script
application/x-javascript 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/googleanalytics/scripts.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adc1075a4fc80b4562e539ad52c03f936caeba1ea8346a608ac074ebd20163d1

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29c7400002c52151af000000001
x-static: 1
last-modified: Thu, 02 May 2019 12:29:42 GMT
server: cloudflare
etag: W/"5ccae2b6-c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fyHLUfxte4tdUxwKpTSfT319GK1OEjyHaglMHJB9buPPAfHf%2BAtkTRs9Z6BaUwB06MTXdVDHYFvuaRu4AQ3m2gJ3u%2FHqnXtvylEI0NOcbdHGQVkwyuWZAprlAhiU8yI%3D"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64bb06da5f692c52-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 printForm.css
cdn.jotfor.ms/css/ Frame 8889 456 B
519 B 172ms
172ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/printForm.css?3.3.25266
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29e4c0000d6cdb8962000000001
last-modified: Thu, 16 May 2019 07:50:58 GMT
server: cloudflare
etag: W/"5cdd1662-1c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EiL4XWJYgqBb0sEuJqlWyUSD1%2BU5oDpw3rQnEVX2wXOyULumE4HtufLOvK3OwTTBKTqnEOPWkLiVDWjMOlQp3YPjMjf1OovgtnvXZ9lvvC%2Bmjg48H%2BAcO2S7"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06dd4c31d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 formCss.css
cdn.jotfor.ms/static/ Frame 7AE6 66 KB
15 KB 205ms
146ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/formCss.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9328ff0fc94f93cdf8e0d0d980c7d2b62a2aac398b168b0d63237362f2648b3c

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca60000d6cd63a8b000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-1070a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=66yyJK4vCSXahWEO04KnG3QMMzudzpARRAcxf6Bieqcl0YcNgTPRd5T7gGzViqnqM7pOY6Px5P6nuJrGp6S7Am8uYVJqRgIcWdMAW%2B0hENY0xZDfzXNKDwsl"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06daaecfd6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nova.css
cdn.jotfor.ms/css/styles/ Frame 7AE6 31 KB
6 KB 206ms
148ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41056fd19785be571630d6e0f4175cd8324bcd6bd92d581804bb31aa60ef0572

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca70000d6cdbf368000000001
last-modified: Mon, 22 Mar 2021 06:51:34 GMT
server: cloudflare
etag: W/"60583e76-7cc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kFJJyhyLn9gXjOqlPoGYu1qzdKiqkLWgOQV2S8kcbEQbYmaG3j51ysjNOM4MCB3kAz2pfp38XALeTTXlZV0QdJECLO40RtiJcpHw3WZu%2Fyj8IETNnN2%2BV1k9"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06daaed1d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ Frame 7AE6 13 KB
3 KB 204ms
146ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
cf-request-id: 09e8c29ca70000d6cd5cb6f000000001
pragma: no-cache
last-modified: Thu, 24 Sep 2020 07:36:35 GMT
server: cloudflare
etag: W/"cbc5f2f3554f28da655f17836110d89a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MveXdF5qhfZF%2FB7ITJbqJFH131U5r1Pq%2FlTIeTQt6PlHSoHPYhAJwdmQ%2F6uyF3FoIFUfTahg6Q9LYRAzR0z6a5HHSPtXheEbJcLhEj%2FQrbZaFZ5HAqA1VVkR"}],"max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 64bb06daaed3d6cd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_feature.css
cdn.jotfor.ms/css/styles/payment/ Frame 7AE6 36 KB
6 KB 206ms
148ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/payment/payment_feature.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c1644b18a5956c877056ced0f545ef534e959d80c566f0e8c6cbbe75c5f095

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca70000d6cdbf986000000001
last-modified: Wed, 05 May 2021 12:54:28 GMT
server: cloudflare
etag: W/"60929584-8efa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BLwo0fwYLogY0YSafOm%2F%2BZv3sI%2FdHPfEN6xqDmyu5KnKvk1XEJTR4%2FG7o4RwpmL6%2BvQVnpwkNj1AU28az0RMFE4z741sbUIzmdYB6AkkXL1qcyMhJRfyt94b"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06daaed2d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 form-submit-button-simple_orange.css
www.jotform.com/themes/css/buttons/ Frame 7AE6 2 KB
1 KB 190ms
133ms Stylesheet
text/css 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/themes/css/buttons/form-submit-button-simple_orange.css
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ef139510911c487b640972a830e47cf6626be0322694e085cd8e547295eac0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8c29ca400004aa906381000000001
last-modified: Mon, 15 Jun 2020 10:31:25 GMT
server: cloudflare
etag: W/"5ee74dfd-8a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
cf-ray: 64bb06da9bfd4aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.min.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 7AE6 3 KB
2 KB 51ms
51ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/62907196919167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1278382
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1365
cf-request-id: 09e8c29c6e0000324047b55000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U%2Bd9ZoY4fpHYrCG6%2FyiQu%2F3ZtHlAZn46p69YxcmXRarUmFKrDzXTB4zfD8ojmEZDY8lA80NCftaHpkQpzOeUMRIiW%2Ft9p88Ik%2BFI2AemecxAznqVVHYhrWT0TxHJdmPnew%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 64bb06da4c1f3240-FRA
expires: Wed, 27 Apr 2022 14:09:33 GMT

GET
H2 200 prototype.forms.js Show response
cdn.jotfor.ms/static/ Frame 7AE6 126 KB
32 KB 92ms
35ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/prototype.forms.js
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3949636
content-encoding: br
cf-request-id: 09e8c29cad0000d6cd8286d000000001
last-modified: Mon, 22 Mar 2021 18:53:31 GMT
server: cloudflare
etag: W/"6058e7ab-1f8b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xt7VWGkK5XfU6VYfHuhQIiLIsAnzDRn0TBIMEWp0G1Z7q9vxbNV4ZCGCix3VhzaHCgCw0%2Bq%2BDsA0q%2BFqhg8FrqhOUO5gn7Q28oCaQx0s4rEdnstWxw3mEF1%2F"}],"max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 64bb06daaedad6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn.jotfor.ms/static/ Frame 7AE6 508 KB
125 KB 250ms
192ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/static/jotform.forms.js?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800a257ea95048ab24479e4bcd1d1642e7b8a896319afcf04f862982302adefc

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29ca90000d6cd92291000000001
last-modified: Fri, 07 May 2021 11:31:03 GMT
server: cloudflare
etag: W/"609524f7-7f1f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kCafUoufyv2WFObhqoUw8xdRZf3wz%2FVhoN1RjX1sXaVWbdqg7FV6ViuVxtemZ6Faqnv2hTpRI%2FWcWlMYLk1rds8%2FjwpZcTR7%2BroVf5rJTNCOovk6i60sKILE"}],"max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 64bb06daaedcd6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 printForm.css
cdn.jotfor.ms/css/ Frame 7AE6 456 B
661 B 130ms
129ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/printForm.css?3.3.22569
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29e490000d6cdd3242000000001
last-modified: Thu, 16 May 2019 07:50:58 GMT
server: cloudflare
etag: W/"5cdd1662-1c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vlb18d%2FGNs4455Kpcj4ZQSO0lOMgflCVeZNoqAjPAKp5l5gD6YOgx84PIEH1Smv8SI5q3Q1EbAGCnx62st8JpToeZlbpnpCrBTruj%2Bl6Q%2BKIXf2HQdlPMR%2F7"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06dd3c29d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 49ms
49ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 07 May 2021 14:09:33 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVR447J

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6161
date: Fri, 07 May 2021 12:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 07 May 2021 14:26:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 41ms
41ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MVR447J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13939
x-xss-protection: 0
server: cafe
etag: 16751590114636182394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 May 2021 14:09:33 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/ii94IefCdE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: NLEANi51Arcz7wOeYaJL30MaGAp3ErnsknMrc+zStGLjpjTod+QICbuzo5KEbUzUTnkR6FnpIA4QU+M/PpUgCA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 07 May 2021 14:09:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H3-29 200 ab4d583d-82bd-4178-a4e5-4026a78e016d
app.termly.io/api/v1/snippets/websites/ Frame 0
0 204ms
189ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d

Protocol

H3-29

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8c29cd00000e00b23160000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bb06daeb00e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 ab4d583d-82bd-4178-a4e5-4026a78e016d Show response
app.termly.io/api/v1/snippets/websites/ 3 KB
2 KB 287ms
228ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f66b6b2cfb9dbf8f7f809afea348897644ca3601b68b8e9efa3aba8387f980

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cf078976-1004-4bf4-a131-cbb4c43fe916
x-runtime: 0.003875
server: cloudflare
etag: W/"21f66b6b2cfb9dbf8f7f809afea34889"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=10
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8c29dcb0000e00bbcbeb000000001
cf-ray: 64bb06dc7ec1e00b-FRA
access-control-expose-headers

GET
H3-29 200 ip Show response
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ 116 B
858 B 194ms
186ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ip?random-uuid=69d279f7-1360-1cb6-69d5-4439aa27d7e4

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738b01ef9417ef6b60f75afb32bdacae4b4215db0ab62e83489ca014ec89e836

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0e6e0944-7e91-49b3-86bd-e81f4706503e
x-runtime: 0.002569
server: cloudflare
etag: W/"738b01ef9417ef6b60f75afb32bdacae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=3600
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8c29dd40000e00be91eb000000001
cf-ray: 64bb06dc8ef0e00b-FRA
access-control-expose-headers

OPTIONS
H3-29 200 ip
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ Frame 0
0 264ms
250ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ip?random-uuid=69d279f7-1360-1cb6-69d5-4439aa27d7e4

Protocol

H3-29

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8c29cd10000e00be50a9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bb06daeb03e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK XVSXgYsTzzyPUxL3M5An.json Show response
s.swiftypecdn.com/install/v2/config/ 19 KB
5 KB 139ms
67ms XHR
application/json 151.101.12.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://s.swiftypecdn.com/install/v2/config/XVSXgYsTzzyPUxL3M5An.json

Requested by

Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.143 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22fbee4a9b5eb45c3849b5181c8323fe16e1e0606c8c962b0cadb9bb7bd33a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Swiftype-Backend-Region: dal
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 291
X-Cache: HIT
Status: 200 OK
Connection: keep-alive
Vary: Accept-Encoding, Origin
Content-Length: 4085
X-XSS-Protection: 1; mode=block
X-Request-Id: 160d210973b9d66884b260a9ccdcc5b5
X-Swiftype-Backend-Datacenter: dal12
X-Runtime: 0.188312
Access-Control-Allow-Origin: *
Last-Modified: Mon, 02 Oct 2017 15:44:25 GMT
X-Swiftype-Backend-Node: app-website02b.dal12
X-Timer: S1620396574.993770,VS0,VE1
X-Frame-Options: SAMEORIGIN
Date: Fri, 07 May 2021 14:09:33 GMT
X-Served-By: cache-fra19154-FRA
Access-Control-Max-Age: 7200
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Via: 1.1 varnish
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Access-Control-Allow-Credentials: true
ETag: W/"026ceecc73fbc49f186f179739d4bcc9"
Accept-Ranges: bytes
X-Rack-Cache: pass
X-Cache-Hits: 1

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2307371-2&cid=2060612376.1620396574&jid=1037040763&gjid=404622784&_gid=1266755141.1620396574&_u=YGBAgAABAAAAAE~&z=1801933981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 07 May 2021 14:09:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
30 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1170298857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=1210763667&gjid=772625433&cid=2060612376.1620396574&tid=UA-2307371-2&_gid=1266755141.1620396574&_r=1&gtm=2wg4s0MVR447J&z=1635465534

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
60 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1170298857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1037040763&gjid=404622784&cid=2060612376.1620396574&tid=UA-2307371-2&_gid=1266755141.1620396574&gtm=2wg4s0MVR447J&z=618544415

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 04:21:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35278
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
60 B 8ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1170298857&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=2060612376.1620396574&tid=UA-2307371-2&_gid=1266755141.1620396574&gtm=2wg4s0MVR447J&z=1227106938

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 04:21:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35278
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
61ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=2060612376.1620396574&jid=1037040763&_u=YGBAgAABAAAAAE~&z=1791007027

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
64ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=2060612376.1620396574&jid=1037040763&_u=YGBAgAABAAAAAE~&z=1791007027

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 17ms
17ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2307371-2&cid=2060612376.1620396574&jid=1210763667&gjid=772625433&_gid=1266755141.1620396574&_u=YGDAAEABAAAAAG~&z=731074971

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 07 May 2021 14:09:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 515415048606248 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 56ms
56ms Script
application/x-javascript 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515415048606248?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d775fdf09e5e69833bf0efd07cad8489bb287d64ff77ae1a6d684cbba907c0c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74035
x-fb-rlafr: 0
pragma: public
x-fb-debug: Tcl4Ot1vo1/gk7TyyElN3WWeuNpeUrtng1KnISZTIFXRmFhTtoULEsrOxUqSIcCiKBAfQ9AfXMZ0RWBlBVrGhA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 07 May 2021 14:09:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 76.f5e4c5ee6c10bf566157.js Show response
s7.addthis.com/static/ 576 B
609 B 92ms
88ms Script
application/javascript 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/76.f5e4c5ee6c10bf566157.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

d4c129101af92fc044d9bc487a90fac991546374fccca5d60b38ba5fca37188f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-240"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 07 May 2021 14:09:34 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 369

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
362 B 190ms
188ms XHR
application/json 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
last-modified: Fri, 07 May 2021 14:00:00 GMT
server: nginx/1.15.8
date: Fri, 07 May 2021 14:09:34 GMT
content-type: application/json
access-control-allow-origin: https://www.hbsslaw.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
388 B 190ms
189ms Script
application/json 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&callback=_ate.cbs.rcb_ab5u0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

3c45241388a1e4c6b2341b04b1301913f89e3e70680e1407a2b1c662c14a3b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
last-modified: Fri, 07 May 2021 14:09:34 GMT
server: nginx/1.15.8
date: Fri, 07 May 2021 14:09:34 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
388 B 189ms
188ms Script
application/json 104.109.85.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&callback=_ate.cbs.rcb_8rdo0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.85.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-85-134.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6922d98774a0a69e265c6488c184c96a1f4f78f5b4439a21e3a38df22a757a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
last-modified: Fri, 07 May 2021 14:09:34 GMT
server: nginx/1.15.8
date: Fri, 07 May 2021 14:09:34 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072104079/ 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072104079/?random=1620396574071&cv=9&fst=1620396574071&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ref=https%3A%2F%2Ft.co%2F&tiba=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d03df856d6430de9d2b5a3e2a28147db7511e95fa30c410e2c945ae55724ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 appointmentSlots.css
cdn.jotfor.ms/css/styles/ Frame 8889 19 KB
5 KB 176ms
175ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/appointmentSlots.css?v=0.13
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4474d3912598121f120d315a5ba56e0434177c714cd58205c69210e6f7eacf

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29d7d0000d6cdd8216000000001
last-modified: Tue, 30 Mar 2021 17:24:41 GMT
server: cloudflare
etag: W/"60635ed9-4dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h1sPy7Q9uceeVxfyZbqpcWzXnDi5yw8qLljlOXg%2BbWQGLdW5qM7jMiIGkMvylYxpOwdiZ1nxgjMsxTfD065FZS09MSgC0xXguijNeEHX8JP2HrPBzFlNKlj%2F"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06dbf999d6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 control_inline.css
cdn.jotfor.ms/css/styles/control_inline/ Frame 8889 26 KB
4 KB 174ms
174ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/control_inline/control_inline.css?v=0.3
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1841aabc8cd2c1544b6a42c9d02d53f4284c1bcb9882e97690fe3bf9378b97d

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.25266
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29d7e0000d6cd630ce000000001
last-modified: Fri, 19 Mar 2021 07:01:04 GMT
server: cloudflare
etag: W/"60544c30-69e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JDIqbA%2Fd0bMu5hXGQWfUUk%2FrjWAB%2BKVWtO731%2FXBj4aUX7YBj0aLvX9vmojy1oOTLUg2QklW%2BI6Ofn8h%2FKsKzRtfHvVxfoQwuNHoFg3lRdFbX3xc6t9Qtn5x"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06dbf99ad6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 appointmentSlots.css
cdn.jotfor.ms/css/styles/ Frame 7AE6 19 KB
5 KB 174ms
173ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/appointmentSlots.css?v=0.13
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4474d3912598121f120d315a5ba56e0434177c714cd58205c69210e6f7eacf

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29d7e0000d6cd922a2000000001
last-modified: Tue, 30 Mar 2021 17:24:41 GMT
server: cloudflare
etag: W/"60635ed9-4dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R7FjaCme8KZ3Xh6o1tD%2FyVCdXl7mN%2BmOIW3TUPB%2FAvIP4VIuVvla9qs%2FzSmSOxWyOAWTuHsEWxZwNFPJFCICMovYf%2BFvnDvPZEgR8AWZ%2BUcEGEqBomQCs4By"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06dbf99cd6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 control_inline.css
cdn.jotfor.ms/css/styles/control_inline/ Frame 7AE6 26 KB
4 KB 172ms
172ms Stylesheet
text/css 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/css/styles/control_inline/control_inline.css?v=0.3
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1841aabc8cd2c1544b6a42c9d02d53f4284c1bcb9882e97690fe3bf9378b97d

Request headers

Referer: https://cdn.jotfor.ms/css/styles/nova.css?3.3.22569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
content-encoding: br
cf-request-id: 09e8c29d7f0000d6cd5cb84000000001
last-modified: Fri, 19 Mar 2021 07:01:04 GMT
server: cloudflare
etag: W/"60544c30-69e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RWrRsYAolZFIM%2Frl09kB8Bqt6KBv2KdjlLJTD8ighYlkbIgFkMJSIA4O2U%2F3yuwv62xea%2B2aVx53LC9vth9uqMLDEjBNPYFMvcc112gAh%2BtURy57V0VKeXna"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 64bb06dbf99fd6cd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=2060612376.1620396574&jid=1210763667&_u=YGDAAEABAAAAAG~&z=1009694323

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2307371-2&cid=2060612376.1620396574&jid=1210763667&_u=YGDAAEABAAAAAG~&z=1009694323

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK new_embed-20cee04df5c6e7e2687598f076a0147d.css
s.swiftypecdn.com/assets/ 89 KB
34 KB 69ms
69ms Stylesheet
text/css 151.101.12.143
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.swiftypecdn.com/assets/new_embed-20cee04df5c6e7e2687598f076a0147d.css
Requested by: Host: s.swiftypecdn.com
URL: https://s.swiftypecdn.com/install/v2/st.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.143 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 291b8f746f5fb8ef8dff392fee9cfabc7921aec0335fc4e15cd2633aeb383db2

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 14:09:34 GMT
Content-Encoding: gzip
Age: 62622
X-Cache: HIT
X-Cache-Hits: 1488
Connection: keep-alive
Content-Length: 33977
X-Served-By: cache-fra19149-FRA
Access-Control-Allow-Origin: *
X-Timer: S1620396574.093492,VS0,VE0
ETag: "5d5f00b5-84b9"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
Expires: Fri, 06 May 2022 20:45:52 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 74ms
73ms Image
image/gif 2a03:2880:f108:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515415048606248&ev=PageView&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1620396574180&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620396574176.1952842823&it=1620396574000&coo=false&exp=l1&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 07 May 2021 14:09:34 GMT

GET
H/1.1 200
OK cc.js
cc.swiftype.com/ 43 B
279 B 733ms
138ms Image
image/gif 169.46.32.99
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.swiftype.com/cc.js?engine_key=zsuMgixDyE-pE8gMn2NN&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&r=https%3A%2F%2Ft.co%2F
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 169.46.32.99 Irving, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 63.20.2ea9.ip4.static.sl-reverse.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 14:09:34 GMT
Cache-Control: no-cache
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 07 May 2021 14:09:33 GMT

GET
H2 204 /
events.jotform.com/form/62907196919167/ Frame 7AE6 0
298 B 154ms
143ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/62907196919167/?ref=https%253A%252F%252Fwww.hbsslaw.com%252F&res=1600x1200&eventID=1620396574314_62907196919167_9l4IbTR&loc=undefined
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/62907196919167
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Fri, 07 May 2021 10:09:34 GMT
server: cloudflare
access-control-allow-headers: origin, content-type, accept
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 64bb06ddc9664a6d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8c29e9a00004a6dcc149000000001
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 8889 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/211194771801150

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6162
date: Fri, 07 May 2021 12:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 07 May 2021 14:26:52 GMT

GET
H2 204 /
events.jotform.com/form/211194771801150/ Frame 8889 0
65 B 134ms
134ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/211194771801150/?ref=https%253A%252F%252Fwww.hbsslaw.com%252F&res=1600x1200&eventID=1620396574404_211194771801150_CbGYYYs&loc=undefined
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/211194771801150
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Fri, 07 May 2021 10:09:34 GMT
server: cloudflare
access-control-allow-headers: origin, content-type, accept
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 64bb06de0a494a6d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e8c29ec800004a6daa107000000001
expires: Thu, 1 Jan 1970 00:00:00 GMT

POST
H3-29 201 statistics Show response
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ 3 B
787 B 177ms
176ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8f79e899-eb1c-415f-a471-165037fdd168
x-runtime: 0.008315
server: cloudflare
etag: W/"43974ed74066b207c30ffd0fed514676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
vary: Origin
cache-control: max-age=0, private, must-revalidate
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8c29f8f0000e00b0633c000000001
cf-ray: 64bb06df4cbfe00b-FRA
access-control-expose-headers

GET
H3-29 200 cookies Show response
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/ 405 B
1009 B 29ms
29ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/cookies

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5affb9be9206aff468640e95193d6f6b71f37f81ade49b9567a911acadda449

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Fri, 07 May 2021 14:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 54771
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 738570ce-d743-415e-a49a-2ac1376f51ad
x-runtime: 0.007776
server: cloudflare
etag: W/"e5affb9be9206aff468640e95193d6f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Origin, Accept-Encoding
cache-control: public, max-age=600
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cf-request-id: 09e8c2a1b40000e00bddb6d000000001
cf-ray: 64bb06e2bbe6e00b-FRA
access-control-expose-headers

OPTIONS
H3-29 200 statistics
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/ Frame 0
0 196ms
196ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/statistics

Protocol

H3-29

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8c29ee00000e00bb4b79000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bb06de1a25e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3-29 200 cookies
app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/ Frame 0
0 691ms
691ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/ab4d583d-82bd-4178-a4e5-4026a78e016d/documents/0c46bbec-489c-4a1a-b595-21e1ce78ea99/cookies

Protocol

H3-29

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.hbsslaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 07 May 2021 14:09:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers
access-control-max-age: 600
access-control-allow-headers: content-type
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 09e8c29efc0000e00b24a55000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bb06de5ae2e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 23ms
22ms Image
image/gif 2a03:2880:f108:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515415048606248&ev=Microdata&dl=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1620396574853&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.hbsslaw.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Flarge_focal_point%2Fpublic%2F2021-02%2FWhistle_0.jpeg%3Fh%3Dd07d10a6%26itok%3DraeUhkep%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620396574176.1952842823&it=1620396574000&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Fri, 07 May 2021 14:09:34 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1072104079/ 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072104079/?random=1620396574071&cv=9&fst=1620396000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ref=https%3A%2F%2Ft.co%2F&tiba=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&async=1&fmt=3&is_vtc=1&random=2014472266&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1072104079/ 42 B
64 B 56ms
56ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072104079/?random=1620396574071&cv=9&fst=1620396000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.hbsslaw.com%2Fblog%2Fwhistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ref=https%3A%2F%2Ft.co%2F&tiba=Whistleblower%20News%3A%20%2410M%20False%20Claim%20Act%20Settlement%2C%20Inside%20Hollywood%27s%20Ponzi%20Scheme%2C%20US%20SEC%20Reviewing%20Short-Selling%2C%20IRS%20Kraken%20Cryptocurrency%20Summons%20%7C%20Blog%20%7C%20Hagens%20Berman&async=1&fmt=3&is_vtc=1&random=2014472266&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pdf.svg
www.hbsslaw.com/sites/all/themes/law/images/ 3 KB
2 KB 74ms
74ms Image
image/svg+xml 2606:4700:10::6816:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hbsslaw.com/sites/all/themes/law/images/pdf.svg

Requested by

Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17023a6fee71a9778853f6f21183d79e6e071591537027097c27ea0ebf9e57d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.hbsslaw.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: image
cookie: __cfduid=df204fe3b8dddf808db6bc44335cee0191620396571; __atuvc=1%7C18; __atuvs=60954a1c8a99ed9c000; __atssc=twitter%3B1; _gcl_au=1.1.1161103645.1620396574; _ga=GA1.2.2060612376.1620396574; _gid=GA1.2.1266755141.1620396574; _dc_gtm_UA-2307371-2=1; _gat_UA-2307371-2=1; _fbp=fb.1.1620396574176.1952842823
:path: /sites/all/themes/law/images/pdf.svg
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.hbsslaw.com
referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.hbsslaw.com
Referer: https://www.hbsslaw.com/sites/default/files/css/css_VJ-Oe_wlC8nHkDS0zkrYYOcLyO3G61KB951hifbynDo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 14:09:34 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4177
x-cache: HIT
x-cache-hits: 168
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
cf-request-id: 09e8c2a0b2000005c477158000000001
x-request-id: v-c7c718b0-9c41-11eb-8a07-6738bafcaa05
last-modified: Sat, 03 Oct 2020 04:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 64bb06e11bcf05c4-FRA
expires: Tue, 11 May 2021 13:54:13 GMT

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 31ms
30ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.hbsslaw.com
URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: H29RFTJ79DG6JJEF
x-cache: HIT
content-length: 11777
x-amz-id-2: t9OLrBwfRPNcrJSFz5NXiG0kvPcuxOgw0uG5vmVUMViXRFcO7BoA8LPOd0cGkm+YUr/ARsZdDEs=
x-served-by: cache-hhn4032-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1620396575.085058,VS0,VE0
date: Fri, 07 May 2021 14:09:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 24669

GET
H/1.1 200
OK 1a2a1c6990 Show response
bam.nr-data.net/1/ 57 B
146 B 110ms
110ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1a2a1c6990?a=420215063&v=1208.49599aa&to=YwdWYUBRWkJSB01bDFpNdVZGWVtfHBRYVQZrAVVWWlU%3D&rst=3744&ck=1&ref=https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons&ap=20&be=878&fe=3703&dc=2032&perf=%7B%22timing%22:%7B%22of%22:1620396571372,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:15,%22ce%22:31,%22rq%22:31,%22rp%22:847,%22rpe%22:848,%22dl%22:851,%22di%22:2032,%22ds%22:2032,%22de%22:2124,%22dc%22:3703,%22l%22:3703,%22le%22:3704%7D,%22navigation%22:%7B%7D%7D&fp=1798&fcp=1798&at=T0BVFwhLSUw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H/1.1 200
OK 1a2a1c6990 Show response
bam.nr-data.net/events/1/ 24 B
182 B 110ms
110ms XHR
image/gif 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/1a2a1c6990?a=420215063&v=1208.49599aa&to=YwdWYUBRWkJSB01bDFpNdVZGWVtfHBRYVQZrAVVWWlU%3D&rst=13744&ck=1&ref=https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.hbsslaw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.hbsslaw.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hbsslaw.com/	1970-01-19 20:16:12	Name: _fbp Value: fb.1.1620396574176.1952842823
.hbsslaw.com/	1970-01-19 18:06:36	Name: _gat_UA-2307371-2 Value: 1
.hbsslaw.com/	1970-01-19 18:06:36	Name: _dc_gtm_UA-2307371-2 Value: 1
.hbsslaw.com/	1970-01-19 18:08:02	Name: _gid Value: GA1.2.1266755141.1620396574
.hbsslaw.com/	1970-01-20 11:37:48	Name: _ga Value: GA1.2.2060612376.1620396574
www.hbsslaw.com/	1970-01-20 03:36:50	Name: __atssc Value: twitter%3B1
.hbsslaw.com/	1970-01-19 20:16:12	Name: _gcl_au Value: 1.1.1161103645.1620396574
www.hbsslaw.com/	1970-01-19 18:06:38	Name: __atuvs Value: 60954a1c8a99ed9c000
www.hbsslaw.com/	1970-01-20 03:36:50	Name: __atuvc Value: 1%7C18
.hbsslaw.com/	1970-01-19 18:49:48	Name: __cfduid Value: df204fe3b8dddf808db6bc44335cee0191620396571

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: Iframe embed detected - cant access parent, waiting for postmessage
console-api	log	URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js(Line 1) Message: Iframe embed detected - cant access parent, waiting for postmessage
console-api	debug	URL: https://app.termly.io/644.embed.min.js(Line 1) Message: [Termly] Region %o has consent_mode set to %o global opt_out
console-api	log	URL: https://app.termly.io/644.embed.min.js(Line 1) Message: TERMLY_BANNER_RENDER_FINISH:0.572s
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: [object MessageEvent]
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: [object MessageEvent]
console-api	log	URL: https://widgets.jotform.io/getReferrer/min/scripts.min.js(Line 1) Message: [object MessageEvent]
console-api	log	URL: https://widgets.jotform.io/getParentUrl/min/scripts.min.js(Line 1) Message: Parent URL: https://www.hbsslaw.com/blog/whistleblower-news-10m-false-claim-act-settlement-inside-hollywoods-ponzi-scheme-us-sec-reviewing-short-selling-irs-kraken-cryptocurrency-summons

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-public.addthis.com
app.termly.io
apps.form.io
bam.nr-data.net
cc.swiftype.com
cdn.form.io
cdn.jotfor.ms
cdnjs.cloudflare.com
connect.facebook.net
dashboard.whoisvisiting.com
events.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
googleads.g.doubleclick.net
iptrack.io
js-agent.newrelic.com
js.jotform.com
lltrck.com
s.swiftypecdn.com
s7.addthis.com
stats.g.doubleclick.net
t.co
unpkg.com
v1.addthisedge.com
widgets.jotform.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.hbsslaw.com
www.jotform.com
z.moatads.com
104.109.85.134
104.244.42.69
142.250.186.130
143.204.209.3
151.101.114.110
151.101.12.143
162.247.242.21
169.46.32.99
185.43.144.18
2.18.235.40
2606:4700:10::6816:a81
2606:4700:11::6817:860b
2606:4700:20::681a:786
2606:4700:20::ac43:474a
2606:4700::6810:125e
2606:4700::6810:7eaf
2606:4700::6813:ff58
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a03:2880:f008:8:face:b00c:0:1
2a03:2880:f108:83:face:b00c:0:25de
35.201.118.58
50.19.224.133
65.9.73.12
0202e3eb351a553c0a62ec12b357425f66494259fea5e3f5aee204b6321f5d7d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d03df856d6430de9d2b5a3e2a28147db7511e95fa30c410e2c945ae55724ac0
100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
124792b9cde1780baadb0bddc62b77f8534bbf9804306b243951b66ca2e3ab5f
13d01aacb9837a1b4cfb80ea22424285a630747175a3309675447bd0da616ddc
13ef139510911c487b640972a830e47cf6626be0322694e085cd8e547295eac0
17023a6fee71a9778853f6f21183d79e6e071591537027097c27ea0ebf9e57d0
1d5d204d662ae2f90464bee6d1e1d645169851dfab39948b23a18da5a8584585
1ed4d34b5d65315493af1084d5e41925b678c46e8d51ba37ff69fc1f232472fb
21f66b6b2cfb9dbf8f7f809afea348897644ca3601b68b8e9efa3aba8387f980
22fbee4a9b5eb45c3849b5181c8323fe16e1e0606c8c962b0cadb9bb7bd33a4a
2395ce599bba81b7b031207d511f3ccb41a68898bd02c41c0b352903f3013670
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
291b8f746f5fb8ef8dff392fee9cfabc7921aec0335fc4e15cd2633aeb383db2
2b61a86f5bf77e90dc8ed1697213fc409ba249ff7793614804c64adccf166105
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d66d6164a77d7b507bfa1362be533f4506c894f17ac309c4ff251b88b052492
2d775fdf09e5e69833bf0efd07cad8489bb287d64ff77ae1a6d684cbba907c0c
2f9999f3d4183415bbb986c0e58b70017384b48e6b0dcb7ccbc1d215002e3b63
3287389dbe681975c1266c77ab0d39476855742c683ee57f7b78c39352b5f3fd
36e5cf9ed950c66e71444d25b87a9efe55970bd13f13a1cf99208dbee0ffb500
3b7dd11934e86e14b0c123680875ce066e6daa4d16a0bfb28c1aa95e08a983f1
3c45241388a1e4c6b2341b04b1301913f89e3e70680e1407a2b1c662c14a3b31
3d18426eac41a1eee3a3a5b04d62e6160172d2f94e1d9237fbe6e7098584e9e6
3e4474d3912598121f120d315a5ba56e0434177c714cd58205c69210e6f7eacf
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
41056fd19785be571630d6e0f4175cd8324bcd6bd92d581804bb31aa60ef0572
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4573c0cb11d5c8c2f16f44d808cd8e5b947819691c0ded368dd620c99a78d4e5
47f0d3c8a81b972403831aa33843c4dffb5f95ac4078c2cce1328d8c11665498
549f8e7bfc250bc9c79034b4ce4ad860e70bc8edc6eb5281f79d6189f6f29c3a
57a0e806e84b38c432b4d3849972f62b585a1a729b446b070ba0e57c0e819600
592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
60892bdfb246e60441d0e15ea35c220ad27de1cbfdb57f6f6efa931c5ed1046e
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61df852b3a88cd42ae75991239f54c87cbb7e57f96b5973abe8068b409803fc3
62a75c450e483b341b83ace34bd3cf3663d96d1fe54aa435eabe7e3c29b4aa2b
683565ce7a9bce8dab8f70b9ea025f589c6948edc6ee3ca8ccf7271ca6922c46
6922d98774a0a69e265c6488c184c96a1f4f78f5b4439a21e3a38df22a757a24
738b01ef9417ef6b60f75afb32bdacae4b4215db0ab62e83489ca014ec89e836
7a9e007b97c4a9244efb5159e59341907269eca4a4e0071eeac001f271c6c00a
800a257ea95048ab24479e4bcd1d1642e7b8a896319afcf04f862982302adefc
815b4d0911bf35897ca426c27905c5dd1cc0d5e7757a0095ad4a9206e44e7aa6
828f3770e29f965612ea39410bc9f76107c0ee1fea6472893941d2afe84a11b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8426a5b2572b374f61df0fcfe38c7a57ee0ed672d68be9a47434f434af872b9b
84302a4f6522169b946e88e5c0548533f8bb7d9c5b9d76ab87192571a77405a9
84af298a88498d364cdbbf8d1ad819ecdaaf03a131c9148760ee4997599394e7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
89fa0404437de19a0c6e3e649e87a7916f95a5d2c9e143efcfb075d2710d7428
8de45a20fdccbf0c273572cac4ff78ac5b8727cf90ce4d58333b33c6d62895de
8ee8c48760597171c0801694c970aba742d3ba1fbb5a0215ab0da631e772d583
9328ff0fc94f93cdf8e0d0d980c7d2b62a2aac398b168b0d63237362f2648b3c
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9975cac05aa6ba85d571892ad82eb8efab98b671a6c99dab8476beb5a2ef3e68
9c12cc8f673373b997f513c36b41711757530b920e84dc2e7e0a279754724595
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a1841aabc8cd2c1544b6a42c9d02d53f4284c1bcb9882e97690fe3bf9378b97d
a2c1644b18a5956c877056ced0f545ef534e959d80c566f0e8c6cbbe75c5f095
a485f2ef59b9c933fed06c3440b12ee98b50f7e42065064a586da8232cff19f8
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a880bd834d9154c43af000edf9ce579f9dbd886c97b830c15b675c35acbb9926
ab9241a07a70085385b3b30dbf081ad3296f8a95a48bbf524c5eb74f0fc030a4
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
adc1075a4fc80b4562e539ad52c03f936caeba1ea8346a608ac074ebd20163d1
b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7
b84a304dc1078de8464ae8dcc657310754618d4df3a51ec2de038c0f209c29de
b9478fbc901b65171eb9f640768880e86928545cc44dc8f4ca672a85e612e69c
b9ad0389f416cbef5a0417c7123a02a66482fd042491e765bf0c00aff099df6a
bb06133bba79a84f6dd09551c7e938c34e22452433ef71ca6a57c93c3a8fc6f0
c16921f2294f01407a6abf25c7ee6cc53809dee4845e147081f0a635ecf41aca
c623cb4efad1539745030ae09338a4933de102c0fdb3794fb7945b62206577bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4c129101af92fc044d9bc487a90fac991546374fccca5d60b38ba5fca37188f
dcef3b9770287ff1b935dd9c3b0c42513aa9bafd43197e315ecd8a2c6657060c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2909d4f73e40d0a57c97bc900cf5c1b135abea34872dd860a6707705cb442b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5affb9be9206aff468640e95193d6f6b71f37f81ade49b9567a911acadda449
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d789973acef4842753351229f16dcd3eaf7ee375dec590dde14fb333447959
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fcd2f280c8d3474c71c57445945a40009013ff9e4e3081fcfe4b03fde7011a10

www.hbsslaw.com Open in urlscan Pro 2606:4700:10::6816:a81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

113 Requests

100 %HTTPS

57 %IPv6

29 Domains

35 Subdomains

30 IPs

5 Countries

7470 kBTransfer

18621 kBSize

10 Cookies

9 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hbsslaw.com Open in urlscan Pro
2606:4700:10::6816:a81 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

100 %
HTTPS

57 %
IPv6

29
Domains

35
Subdomains

30
IPs

5
Countries

7470 kB
Transfer

18621 kB
Size

10
Cookies

113 HTTP transactions
0 data transactions