www.uslawshield.com Open in urlscan Pro
2606:4700:3108::ac42:2b48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uslawshield.com/
Effective URL:
https://www.uslawshield.com/
Submission Tags: tranco_l324
Submission: On March 05 via api (March 5th 2024, 7:05:07 am UTC) from DE — Scanned from DE

Summary HTTP 100 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 20 domains to perform 100 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b48, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.uslawshield.com.
TLS certificate: Issued by GTS CA 1P5 on February 5th 2024. Valid for: 3 months.

This is the only time www.uslawshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.184.83.239 54.184.83.239	16509 (AMAZON-02) (AMAZON-02)
1 1	54.200.148.234 54.200.148.234	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:310... 2606:4700:3108::ac42:2b48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	41.63.96.130 41.63.96.130	22822 (LLNW) (LLNW)
12	161.71.8.41 161.71.8.41	14340 (SALESFORCE) (SALESFORCE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
1	99.84.88.103 99.84.88.103	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.53 99.84.88.53	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	18.202.142.190 18.202.142.190	16509 (AMAZON-02) (AMAZON-02)
2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
2	13.110.63.224 13.110.63.224	14340 (SALESFORCE) (SALESFORCE)
1	34.237.219.119 34.237.219.119	14618 (AMAZON-AES) (AMAZON-AES)
100	32

1 54.184.83.239 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-83-239.us-west-2.compute.amazonaws.com

uslawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.148.234 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-148-234.us-west-2.compute.amazonaws.com

uslawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3108::ac42:2b48 (United States)

ASN13335 (CLOUDFLARENET, US)

www.uslawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 41.63.96.130 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-130.hhn.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 161.71.8.41 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-lhr4.um1-lo3.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

13324458.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-103.muc50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-53.muc50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.142.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-142-190.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.125.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

go.uslawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.110.63.224 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl8-ncg1-c5-iad4.la4-c2-ia4.salesforceliveagent.com

d.la4-c2-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.219.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-219-119.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	uslawshield.com 2 redirects uslawshield.com — Cisco Umbrella Rank: 882051 www.uslawshield.com go.uslawshield.com	767 KB
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	1 MB
12	force.com service.force.com — Cisco Umbrella Rank: 3918	42 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 13324458.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 259	3 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2330 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7531 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7790 tracking.crazyegg.com — Cisco Umbrella Rank: 4465	36 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	93 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	521 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 92	21 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 jnn-pa.googleapis.com — Cisco Umbrella Rank: 218	41 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	75 KB
2	salesforceliveagent.com d.la4-c2-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 24025	5 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 5729	267 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	216 B
2	google.de www.google.de — Cisco Umbrella Rank: 6744	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
1	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5113	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	32 KB
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 11738	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
100	20

	Domain	Requested by
16	www.uslawshield.com	www.uslawshield.com static.cloudflareinsights.com
15	www.youtube.com	www.uslawshield.com www.youtube.com
12	service.force.com	www.googletagmanager.com service.force.com
6	www.googletagmanager.com	www.uslawshield.com www.googletagmanager.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	connect.facebook.net	www.uslawshield.com connect.facebook.net
2	d.la4-c2-ia4.salesforceliveagent.com	service.force.com
2	go.uslawshield.com	www.uslawshield.com go.uslawshield.com
2	pixel.sitescout.com	www.uslawshield.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.facebook.com	www.uslawshield.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	www.uslawshield.com www.youtube.com
2	13324458.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.de	www.uslawshield.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	uslawshield.com	2 redirects
1	pi.pardot.com	go.uslawshield.com
1	tracking.crazyegg.com	script.crazyegg.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.com	13324458.fls.doubleclick.net
1	up.pixel.ad	www.googletagmanager.com
1	static.cloudflareinsights.com	www.uslawshield.com
1	fonts.googleapis.com	www.uslawshield.com
100	32

This site contains links to these domains. Also see Links.

Domain
members.uslawshield.com
www.facebook.com
www.youtube.com
twitter.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.uslawshield.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
script.crazyegg.com E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.pixel.ad GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
*.um1.force.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-26` - `2024-10-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh
go.uslawshield.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
la4-c2-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-04` - `2024-07-01`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-07-23`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.uslawshield.com/
Frame ID: 3A2534EC8FB8587647EBB87F2F227F95
Requests: 70 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
Frame ID: 67A9099D3F1D982E445629C4EDCB4CB0
Requests: 27 HTTP requests in this frame

Frame: https://13324458.fls.doubleclick.net/activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F
Frame ID: 5A0753BE2E4BE70158BE4CF3C7713699
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 00E10F49ABE1D919BA756A969DBFC908
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/
Frame ID: 40E1FB408EE0304D1D8C12AE0F28F796
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legal Defense for Self Defense - USLawShield

Page URL History Show full URLs

http://uslawshield.com/ HTTP 301
https://uslawshield.com/ HTTP 302
https://www.uslawshield.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

100
Requests

97 %
HTTPS

64 %
IPv6

20
Domains

32
Subdomains

32
IPs

5
Countries

2946 kB
Transfer

10937 kB
Size

32
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://members.uslawshield.com/
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/USLawShield

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCzD8X6Dr-tBEy0Y_WiXlvmQ

Search URL Search Domain Scan URL

URL: https://twitter.com/uslawshield

Search URL Search Domain Scan URL

URL: https://www.instagram.com/uslawshield/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/us-law-shield/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uslawshield.com/ HTTP 301
https://uslawshield.com/ HTTP 302
https://www.uslawshield.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://13324458.fls.doubleclick.net/activityi;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F HTTP 302
https://13324458.fls.doubleclick.net/activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F

Request Chain 64

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.uslawshield.com/
Redirect Chain

http://uslawshield.com/
https://uslawshield.com/
https://www.uslawshield.com/

157 KB
22 KB

2563ms
2486ms

Document
text/html

2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.15
Resource Hash: 4d8abbbdd016b83c38fbcb91978ef6e12bcc28c020c5132c8f77a1d44f6c3cf2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 85f84141eb1118da-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 07:05:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/8.2.15

Redirect headers

content-length: 212
content-type: text/html; charset=iso-8859-1
date: Tue, 05 Mar 2024 07:04:57 GMT
location: https://www.uslawshield.com/
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8

GET
H2 200 d4b2bf1825b0342521ca7f09a81c1a16.min.css
www.uslawshield.com/wp-content/uploads/fusion-styles/ 744 KB
110 KB 53ms
52ms Stylesheet
text/css 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/uploads/fusion-styles/d4b2bf1825b0342521ca7f09a81c1a16.min.css?ver=3.11.3
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5a45da49cc36bfea1f88b50a4d0288d6a9d7b66dc1bdf2fa76210858b64e6b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 48551
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 15:53:35 GMT
server: cloudflare
etag: W/"b9f8b-6129b60f12629-gzip"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
access-control-max-age: *
cache-control: public, max-age=31536000
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f841517c2018da-FRA

GET
H2 200 jquery.min.js Show response
www.uslawshield.com/wp-includes/js/jquery/ 86 KB
31 KB 41ms
40ms Script
application/javascript 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 48551
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Feb 2024 02:06:42 GMT
server: cloudflare
etag: W/"15601-611b28b78c319-gzip"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: *
cache-control: public, max-age=31536000
cf-ray: 85f841517c2418da-FRA
access-control-allow-headers: *

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
www.uslawshield.com/wp-content/uploads/fusion-gfonts/ 32 KB
33 KB 33ms
32ms Font
font/woff2 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/uploads/fusion-gfonts/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Request headers

Referer: https://www.uslawshield.com/
Origin: https://www.uslawshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
cf-cache-status: HIT
age: 48271
alt-svc: h3=":443"; ma=86400
content-length: 33092
last-modified: Fri, 01 Mar 2024 15:53:31 GMT
server: cloudflare
etag: "8144-6129b60b55578"
vary: User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f841517c2718da-FRA

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
981 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@700&display=swap

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

350782cf30c54fdd0e12bbcfa291a4da65ad1548a55b8a97958e00f26438919f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 06:45:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 USLS-color-logo-150px.png
www.uslawshield.com/wp-content/uploads/2023/03/ 15 KB
15 KB 639ms
639ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/03/USLS-color-logo-150px.png
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de3b6c7bcc990bf7b8e34cc9f4ac8cbfc7f1ef4d2ec16c47bcadf9bdbd426965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15100
last-modified: Tue, 07 Mar 2023 15:34:13 GMT
server: cloudflare
etag: "3afc-5f65124cdc46b"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f841518c2918da-FRA
expires: Sat, 01 Mar 2025 15:53:54 GMT

GET
H2 200 f773ce03822d6ce3d4495b2b1c67c49c.min.js Show response
www.uslawshield.com/wp-content/uploads/fusion-scripts/ 524 KB
163 KB 235ms
234ms Script
application/javascript 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/uploads/fusion-scripts/f773ce03822d6ce3d4495b2b1c67c49c.min.js?ver=3.11.3
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ac268e59a8cb9a6b5b4cef7e9f21cbb8ac79f24f094dc0cc6a8ef964e6b67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 15:53:36 GMT
server: cloudflare
etag: W/"82f9b-6129b60f56beb-gzip"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: *
cache-control: max-age=2592000, public
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f841518c2b18da-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 152ms
88ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.uslawshield.com/
Origin: https://www.uslawshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85f841529d1439bc-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 381 KB
111 KB 96ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

737c6836ac5335f22c7a2b41bbe69c6c9c8abc24976867f6b4bda1ec28ccda0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113416
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 WjSy9JYCtvk Show response
www.youtube.com/embed/ Frame 67A9 93 KB
40 KB 158ms
113ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f3a139511e96dfcc236b726153689832a12521cea149d5f24ca54574b5b8db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 07:05:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c76f3801654dc1c467e4ed14c31309b20cdb790e8aa9acf9817f1f50e2ffaf2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13a70056df35aa71386775407ef5af1beaf080144d63d496b4ede8b37d844603

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b73d3d790bbfa11c7abc08de86879493d4e4853f4d13ae88431c5816a250eed0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23dcc60dc30810d9ba4391298a0cc4f03180c3a6bd31da30a9e4a5d981acb8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a3e7892d2850f165570e6ae368375f7c5ea5f8a66824b624405017c40881d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dc7708d6f9236905f8a206e9ca57d0d2318331110400ac8807daf803e0b1526

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
77 KB 34ms
34ms Font
font/woff2 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/uploads/fusion-styles/d4b2bf1825b0342521ca7f09a81c1a16.min.css?ver=3.11.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer: https://www.uslawshield.com/wp-content/uploads/fusion-styles/d4b2bf1825b0342521ca7f09a81c1a16.min.css?ver=3.11.3
Origin: https://www.uslawshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
cf-cache-status: HIT
age: 243517
alt-svc: h3=":443"; ma=86400
content-length: 78212
last-modified: Thu, 27 May 2021 02:59:26 GMT
server: cloudflare
etag: "13184-5c346f278b3b8"
vary: User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f841524cbf5d6b-FRA

GET
H3 200 awb-icons.woff
www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
21 KB 74ms
74ms Font
font/woff 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/uploads/fusion-styles/d4b2bf1825b0342521ca7f09a81c1a16.min.css?ver=3.11.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6

Request headers

Referer: https://www.uslawshield.com/wp-content/uploads/fusion-styles/d4b2bf1825b0342521ca7f09a81c1a16.min.css?ver=3.11.3
Origin: https://www.uslawshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
cf-cache-status: HIT
age: 243517
alt-svc: h3=":443"; ma=86400
content-length: 20884
last-modified: Mon, 19 Feb 2024 02:06:27 GMT
server: cloudflare
etag: "5194-611b28a9d39ae"
vary: User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: font/woff
access-control-allow-origin: *
access-control-max-age: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f841524cc25d6b-FRA

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 63ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.uslawshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:05:30 GMT
x-content-type-options: nosniff
age: 25170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15240
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:45:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 00:05:30 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 284 KB
94 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-DC5DKX7H3Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbe4a90933e7e74c10d2df2f43a955899eff19849241614ae6f9d2fba76d1672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
94 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DC5DKX7H3Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d355920ae446375bc93ea030273eb0a116c109eff59466f942b6be59704cf56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-841268444&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

744ba5d7a7fb8fd28f6b2882cf1f8cfde912c11a45f016b5b7ecdb0d12fcfd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79376
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 05:38:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5177
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 07:38:43 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 190 KB
69 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-13324458&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4f33f3878827b8763f7b048950a7cd0ce6a1cd24834d1e9d413007fab0e4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71052
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
75 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11250114112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88fa60912c15ebb7fba9298d96f5739ee77c8d128b705b4a3225dd98a7b9b79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76192
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 07:05:00 GMT

GET
H2 200 9211.js Show response
script.crazyegg.com/pages/scripts/0121/ 6 KB
2 KB 82ms
30ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0121/9211.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa312257600bf7962bcf3701e64e6f3d821115b5eaad80b3762084742715fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 42261
cf-polished: origSize=6112
ce-version: 11.5.193
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 19:20:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 85f841539c2b39be-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 59ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 07:05:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: ISNHzZ9EC/Nyu5hbzeVyO3ZKJsoxNemJZiRn1C6zgAc11Pf0DPbYqIBPtSkf0gUDpEKmQlQoh8iRigXrXk9W4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 120ms
25ms Script
application/javascript 41.63.96.130
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 41.63.96.130 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-41-63-96-130.hhn.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 241057
vary: accept-encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 3dedd2f09d6129746b8ef64c14ee8c1c

GET
H2 200 www-player.css
www.youtube.com/s/player/31eb286a/ Frame 67A9 366 KB
47 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47553
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 18:15:51 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 67A9 53 KB
17 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 16:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16861
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 16:16:28 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame 67A9 319 KB
95 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97346
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 21:42:20 GMT

GET
H2 200 base.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 67A9 2 MB
0 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 796820
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 05 Mar 2025 03:26:40 GMT

GET
H3 200 USLScolorlogonotagwhite400-200x133.png
www.uslawshield.com/wp-content/uploads/2022/09/ 20 KB
21 KB 35ms
34ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2022/09/USLScolorlogonotagwhite400-200x133.png
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83d3350aaa741727c2c7df76470879f552a427722de7fc3057348434eb57afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
cf-cache-status: HIT
age: 34262
alt-svc: h3=":443"; ma=86400
content-length: 20684
last-modified: Fri, 02 Sep 2022 18:27:04 GMT
server: cloudflare
etag: "50cc-5e7b5e0747d21"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f84153be275d6b-FRA
expires: Sat, 01 Mar 2025 15:53:55 GMT

GET
H3 200 Home-diagram.jpg
www.uslawshield.com/wp-content/uploads/2023/04/ 19 KB
19 KB 667ms
667ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/04/Home-diagram.jpg
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01b5d4f2746cb084ed40117250025cdd817413bcb8e280e9bbb6ad5fd4c070e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 19152
last-modified: Thu, 13 Apr 2023 18:51:21 GMT
server: cloudflare
etag: "4ad0-5f93c35e59803"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f84153be2a5d6b-FRA
expires: Sat, 01 Mar 2025 15:54:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A9 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 41561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A9 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?wmode=transparent&autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 405510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 hero-scaled.jpg
www.uslawshield.com/wp-content/uploads/2023/04/ 44 KB
44 KB 279ms
279ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/04/hero-scaled.jpg
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30bd2fee4c5e1a2eae8ae708f53262965b1c226fbfe65354ee8c6b4d4979294e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 44744
last-modified: Thu, 13 Apr 2023 18:50:34 GMT
server: cloudflare
etag: "aec8-5f93c331e59ab"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f84153be2e5d6b-FRA
expires: Sat, 01 Mar 2025 15:54:00 GMT

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 212ms
48ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Jul 2023 00:26:54 GMT
Content-Encoding: gzip
Age: 38840
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8455
Expires: Tue, 05 Mar 2024 20:17:40 GMT

GET
H3 200 WjSy9JYCtvk Show response
www.youtube.com/embed/ Frame 67A9 93 KB
39 KB 87ms
86ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

385e9b387af40c48037d65f53aebfef435b08d65da4702163d6ef10bf1e05e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 07:05:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe_api Show response
www.youtube.com/ 993 B
517 B 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/uploads/fusion-scripts/f773ce03822d6ce3d4495b2b1c67c49c.min.js?ver=3.11.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 05 Mar 2024 07:05:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 74ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DC5DKX7H3Z&gtm=45je42t1v878331416z877303349za200&_p=1709622300504&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=515755995.1709622301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709622300&sct=1&seg=0&dl=https%3A%2F%2Fwww.uslawshield.com%2F&dt=Legal%20Defense%20for%20Self%20Defense%20-%20USLawShield&en=qa_session_start&_fv=1&_nsi=1&_ss=1&epn.qa_minute=5&tfd=3992
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC5DKX7H3Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 77ms
25ms Ping
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DC5DKX7H3Z&cid=515755995.1709622301&gtm=45je42t1v878331416z877303349za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC5DKX7H3Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 74ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DC5DKX7H3Z&cid=515755995.1709622301&gtm=45je42t1v878331416z877303349za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=60682578

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dm... Show response
13324458.fls.doubleclick.net/ Frame 5A07
Redirect Chain

https://13324458.fls.doubleclick.net/activityi;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1...
https://13324458.fls.doubleclick.net/activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe...

528 B
621 B

55ms
54ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13324458.fls.doubleclick.net/activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-13324458&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

6ecd259a67d1adeb77cd1d48eb8bfd6de0597e04a97c04dc50ce9049bdcd094a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 07:05:01 GMT
expires: Tue, 05 Mar 2024 07:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 07:05:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13324458.fls.doubleclick.net/activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 25ms
24ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=163162109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.uslawshield.com%2F&ul=en-us&de=UTF-8&dt=Legal%20Defense%20for%20Self%20Defense%20-%20USLawShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1459827205&gjid=144907948&cid=515755995.1709622301&tid=UA-45429226-7&_gid=1399547309.1709622301&_r=1&_slc=1&gtm=45He42t1n81MC2SSRGv77303349za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=312726503

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uslawshield.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/31eb286a/ Frame 67A9 366 KB
46 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:15:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47553
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 18:15:51 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 67A9 53 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 16:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16861
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 16:16:28 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame 67A9 319 KB
95 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97346
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 21:42:20 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 67A9 2 MB
778 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc2ce62ac6120c9603ccf6aa97b996e11b061d0d9361fe5662946bfefaeb8f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 796820
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 05 Mar 2025 03:26:40 GMT

GET
H2 200 858511754274339 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 247ms
247ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/858511754274339?v=2.9.148&r=stable&domain=www.uslawshield.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ceef7e40e66510c3059394e6889f5939cdc205d41e5a9da8bb72c7b33447d602

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 07:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: hccnvu1MR9z8snz9aAaIGnn2L1aduO3flN/7ktNQShWoiYPTB83a37suplfmARBKgAwq401VKVffGYTs4na7kA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), clipboard-read=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www.uslawshield.com.json Show response
script.crazyegg.com/pages/data-scripts/0121/9211/site/ 4 KB
2 KB 71ms
34ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0121/9211/site/www.uslawshield.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0121/9211.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26e5a6d57d72ef57cb60192d731cae811ac25547f370b79bb671e23ba620e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 48548
ce-version: 11.5.193
content-length: 1619
last-modified: Mon, 04 Mar 2024 17:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85f84154ea1e0497-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45429226-7&cid=515755995.1709622301&jid=1459827205&gjid=144907948&_gid=1399547309.1709622301&_u=YADAAEAAAAAAACAAI~&z=1924634713

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uslawshield.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Mar 2024 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A9 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 41561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 67A9 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 405510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/ 215 KB
67 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68331
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 05 Mar 2025 06:58:31 GMT

GET
H3 200 USLScolor400-drk.png
www.uslawshield.com/wp-content/uploads/2023/11/ 56 KB
57 KB 35ms
35ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/11/USLScolor400-drk.png
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b85d2783aba1944de98e1d7c75a508e93bd905dbb4199c0fa8129e3327c4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
cf-cache-status: HIT
age: 34267
alt-svc: h3=":443"; ma=86400
content-length: 57644
last-modified: Thu, 30 Nov 2023 02:27:23 GMT
server: cloudflare
etag: "e12c-60b5564530cb3"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f84154bf375d6b-FRA
expires: Sat, 01 Mar 2025 15:53:56 GMT

GET
H3 200 Flagbg-700.png
www.uslawshield.com/wp-content/uploads/2023/11/ 71 KB
71 KB 37ms
37ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/11/Flagbg-700.png
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9f3552ce1bf02b8b18c3ec5faa9282f3cfc84d6909d3037034ae523e222cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
cf-cache-status: HIT
age: 34267
alt-svc: h3=":443"; ma=86400
content-length: 72448
last-modified: Thu, 30 Nov 2023 02:30:40 GMT
server: cloudflare
etag: "11b00-60b5570129f45"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f84154bf395d6b-FRA
expires: Sat, 01 Mar 2025 15:53:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 91ms
46ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45429226-7&cid=515755995.1709622301&jid=1459827205&_u=YADAAEAAAAAAACAAI~&z=212217837

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45429226-7&cid=515755995.1709622301&jid=1459827205&_u=YADAAEAAAAAAACAAI~&z=212217837

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 84a07e3a698688683d493761c9786bde.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 94 KB
31 KB 30ms
30ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0121/9211.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b3c5e1e1986c9c9f79f6635c0449c0cd5a6f68e51940557f2c986bdb23f7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 02 Mar 2024 00:31:12 GMT
server: cloudflare
age: 65709
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85f841552def39be-FRA
content-length: 31373

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 5 KB
2 KB 49ms
49ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 22:04:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding: gzip
Age: 32418
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 1918
Expires: Tue, 05 Mar 2024 22:04:43 GMT

GET
H2 200 www.uslawshield.com.json Show response
script.crazyegg.com/pages/data-scripts/0121/9211/sampling/ 164 B
262 B 27ms
27ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0121/9211/sampling/www.uslawshield.com.json?t=474895
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fb98eb8b72ac119cc7763ec189158ecc96ddea5aa0c1db34914b026a4ca32e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 48548
ce-version: 11.5.193
content-length: 152
last-modified: Mon, 04 Mar 2024 17:35:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85f841558aad0497-FRA

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 9 KB
4 KB 49ms
49ms Stylesheet
text/css 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:48:54 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding: gzip
Age: 36967
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4027
Expires: Tue, 05 Mar 2024 20:48:54 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 99ms
49ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding: gzip
Age: 38864
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5913
Expires: Tue, 05 Mar 2024 20:17:17 GMT

GET
H2 200 dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=*;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;u...
adservice.google.com/ddm/fls/z/ Frame 5A07 42 B
401 B 97ms
53ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=*;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F

Requested by

Host: 13324458.fls.doubleclick.net
URL: https://13324458.fls.doubleclick.net/activityi;dc_pre=CK3jy6_H3IQDFbzMOwIdbzkM0Q;src=13324458;type=pv84h0;cat=allpa0;ord=7396912523425;npa=1;auiddc=1121883048.1709622301;u1=%2F;pscdl=noapi;gtm=45fe42t1z877303349za201;gcd=13l3l3l2l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.uslawshield.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://13324458.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 67A9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

29ms
29ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26b168f9fc626cad2fc34cae4ce7bd0cfadf657668a4b615276e10d2484d24ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Mar 2024 07:05:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 67A9 29 B
495 B 63ms
19ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:52:38 GMT
x-content-type-options: nosniff
age: 743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Mar 2024 07:07:38 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
462 B 89ms
26ms XHR
application/json 99.84.88.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-103.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 a8d866886b5d25a5cfcb0df362279f88.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 14448094
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: DoP6A9zJlQJfiwuvZECJemt84USwpOs9tk_hMWgzzbk6tUPsZ8sCtg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
462 B 86ms
25ms XHR
application/json 99.84.88.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-53.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 843560942e8c8e57a33193254e0a9de6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 6586893
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 1JUjBuIm6OMybFWtKmNULKC3RZRkEoirDSP2mq7b0PttPG5sFQrP8Q==

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 71ms
26ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Mar 2024 07:05:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 67A9 86 KB
40 KB 37ms
37ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

edb8aa1f4514a57c660055b1a8195c5fed61b07c4722f9d06671b053ab718ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40856
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/ Frame 67A9 118 KB
33 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bb8e37f2f56e3c68f63f044471b5d20a00b400b205cba87c0c692c2f770454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34023
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:18:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Mar 2025 19:37:39 GMT

GET
H2 200 yHiuAayzh7ZXFXvbIOrPkyv85wwmgA2suXoAI6Ktxww.js Show response
www.google.com/js/th/ Frame 67A9 50 KB
20 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/yHiuAayzh7ZXFXvbIOrPkyv85wwmgA2suXoAI6Ktxww.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c878ae01acb387b657157bdb20eacf932bfce70c26800dacb97a0023a2adc70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 21:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19795
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Mar 2025 21:43:47 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/WjSy9JYCtvk/ Frame 67A9 31 KB
32 KB 81ms
33ms Image
image/jpeg 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WjSy9JYCtvk/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGD4gVyhlMA8=&rs=AOn4CLAU2C2FZR4UxGbmuiqd59lZ-FfDwA

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f39cb815426084d988d3a0fb316192748da084592dcda0b1833aebf8f059882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32231
x-xss-protection: 0
server: sffe
etag: "1682004312"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Mar 2024 09:05:01 GMT

GET
DATA 200
OK truncated
/ Frame 67A9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OoNAA53_2dTRPdT8iscbAXJW7jt8W5LapuEQoskpgZInQAgTW1Pa9QSuROAdMDXU3QxDIuz-Fw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 67A9 3 KB
3 KB 64ms
19ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/OoNAA53_2dTRPdT8iscbAXJW7jt8W5LapuEQoskpgZInQAgTW1Pa9QSuROAdMDXU3QxDIuz-Fw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9a5bf2a591871d1a4e078fafb10461f6edb67300f1210f53afe99e7729911f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:37:53 GMT
x-content-type-options: nosniff
age: 5228
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3075
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 Mar 2024 05:37:53 GMT

GET
BLOB 200
OK bf9eb34b-1912-4434-9caf-c7f7253ce229
https://www.uslawshield.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.uslawshield.com/bf9eb34b-1912-4434-9caf-c7f7253ce229
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H3 200 229261933369411 Show response
connect.facebook.net/signals/config/ 26 KB
4 KB 154ms
154ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/229261933369411?v=2.9.148&r=stable&domain=www.uslawshield.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

201fd7e6f5abf8c66fd556791c43c93fb5b06162d488aa1310c1a890c119664e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 07:05:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: KDdk9QbC3StRu1bF0uqtM7vEJRj7gGQCCk6DghzuAyKEFTtNovm1LCwFGgxXPj5hvoQQIjuliGBEPqIeK5HwAA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 60ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=858511754274339&ev=PageView&dl=https%3A%2F%2Fwww.uslawshield.com%2F&rl=&if=false&ts=1709622301175&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709622301174.684955177&cs_est=true&ler=empty&cdl=API_unavailable&it=1709622300902&coo=false&rqm=GET

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Mar 2024 07:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 67A9 4 KB
2 KB 106ms
60ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 07:05:01 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 67A9 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?izMj6A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 clock Show response
tracking.crazyegg.com/ 40 B
147 B 154ms
60ms XHR
text/plain 18.202.142.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1709622301213&tk=88cd90664e812152e5f2dc39b703c2c1&s=437592&p=%2F&u=1219211&v=5214c95ef05a7dbd289d2118bfb2de79506817d2&f=uslawshield.com&ul=https%3A%2F%2Fwww.uslawshield.com%2F
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/84a07e3a698688683d493761c9786bde.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.142.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-142-190.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: ea23298b4f3dab10e34a2100d815482d2347b3c94f180d6339bdca247597d7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 07:05:01 GMT
cache-control: no-store
server: awselb/2.0
content-length: 40
content-type: text/plain

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 27ms
27ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Mar 2024 07:05:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 67A9 90 B
134 B 30ms
30ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6091d96af1c1040d42c3f34571d4adb16971e3f2a38140cd6832d7e849e7e4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame 67A9 50 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 06 Mar 2024 05:37:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 18ms
18ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=229261933369411&ev=PageView&dl=https%3A%2F%2Fwww.uslawshield.com%2F&rl=&if=false&ts=1709622301334&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709622301174.684955177&ler=empty&cdl=API_unavailable&ic=fbpixel&it=1709622300902&coo=false&rqm=GET

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Mar 2024 07:05:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
BLOB 200
OK 32835880-8060-4817-9c0e-81c2c6ca4362
https://www.uslawshield.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.uslawshield.com/32835880-8060-4817-9c0e-81c2c6ca4362
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b547f4dc3a641ea60877e88584f394b904243083e5bc9b576cfd86711c9f823c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 00E1 0
0 116ms
41ms Document
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://www.uslawshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 05 Mar 2024 07:05:01 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A
via: 1.1 google

GET
H2 200 06ea7e84e7c88722
pixel.sitescout.com/up/ 43 B
267 B 112ms
37ms Image
image/gif 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/06ea7e84e7c88722?cntr_url=https%3A%2F%2Fwww.uslawshield.com%2F
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:01 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 200
OK pd.js Show response
go.uslawshield.com/ 5 KB
2 KB 359ms
115ms Script
application/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.uslawshield.com/pd.js
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 07:05:01 GMT
content-encoding: gzip
X-Pardot-Route: e8229a0ff18ebffc83a98010d2521dd5
last-modified: Mon, 04 Mar 2024 15:33:24 GMT
etag: "15f4-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1988
expires: Thu, 05 Mar 2026 07:05:01 GMT

GET
H/1.1 200
OK esw.html Show response
service.force.com/embeddedservice/5.0/ Frame 40E1 379 B
1 KB 52ms
52ms Document
text/html 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

f0fd989d3d400af9d0e449aecf31cef85e4ed7394306b79f8d8fde69bc907750

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uslawshield.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Tue, 05 Mar 2024 07:05:01 GMT
Expires: Wed, 06 Mar 2024 07:05:01 GMT
Last-Modified: Thu, 14 Sep 2023 00:07:46 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none

POST
H3 204 rum Show response
www.uslawshield.com/cdn-cgi/ 0
144 B 24ms
22ms XHR
text/plain 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.uslawshield.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.uslawshield.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Mar 2024 07:05:01 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.uslawshield.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85f84158db295d6b-FRA

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 40E1 5 KB
2 KB 50ms
50ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding: gzip
Age: 38864
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2002
Expires: Tue, 05 Mar 2024 20:17:17 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 40E1 2 KB
1 KB 49ms
49ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:10:20 GMT
Content-Encoding: gzip
Age: 38842
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 882
Expires: Tue, 05 Mar 2024 20:17:39 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 40E1 2 KB
1 KB 41ms
41ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding: gzip
Age: 38863
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 779
Expires: Tue, 05 Mar 2024 20:17:18 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 40E1 23 KB
6 KB 49ms
49ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:48:34 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 01 Feb 2023 22:50:32 GMT
Content-Encoding: gzip
Age: 36987
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5265
Expires: Tue, 05 Mar 2024 20:48:34 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la4-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 19 KB
4 KB 718ms
185ms Script
text/javascript 13.110.63.224
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00Di0000000aVIW&EmbeddedServiceConfig.configName=USLS_Web_Chat&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.63.224 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg1-c5-iad4.la4-c2-ia4.salesforceliveagent.com

Software

Resource Hash

9186451247fd8efac3e535e9fd556ef5b26232a27e0af11293b303aa2c48360d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 41ms
41ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding: gzip
Age: 38841
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4540
Expires: Tue, 05 Mar 2024 20:17:40 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://service.force.com/
Origin: https://www.uslawshield.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H/1.1 200
OK Settings.jsonp Show response
d.la4-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/ 346 B
680 B 650ms
161ms Script
text/javascript 13.110.63.224
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la4-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735A000000YE7R]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725A000000YDfO&org_id=00Di0000000aVIW&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.63.224 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg1-c5-iad4.la4-c2-ia4.salesforceliveagent.com

Software

Resource Hash

25b8de6e01dbb98c4ba1972a30a4616e88872eb89586210426698515edbe6312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 41ms
41ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:48:32 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Age: 36989
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 2469
Expires: Tue, 05 Mar 2024 20:48:32 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 40E1 473 B
712 B 49ms
49ms Script
application/x-javascript 161.71.8.41
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.8.41 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr4.um1-lo3.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 20:17:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding: gzip
Age: 38862
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 231
Expires: Tue, 05 Mar 2024 20:17:19 GMT

GET
H/1.1 200
OK analytics Show response
go.uslawshield.com/ 1 KB
2 KB 494ms
494ms Script
text/javascript 18.208.125.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.uslawshield.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=220422&title=Legal%20Defense%20for%20Self%20Defense%20-%20USLawShield&url=https%3A%2F%2Fwww.uslawshield.com%2F&referrer=
Requested by: Host: go.uslawshield.com
URL: https://go.uslawshield.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-125-13.compute-1.amazonaws.com
Software: /
Resource Hash: e3db767f66153f728ea44cc279920a4d8ae2c1ccae3199cfef565e6ea4d9d124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 05 Mar 2024 07:05:02 GMT
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 547
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 50 B
1 KB 435ms
210ms Script
text/javascript 34.237.219.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?conly=true&visitor_id=1203992234&visitor_id_sign=753c85aea40a393e9f1a0112edb8489d84be33a6fce0ac35c82a5469e36dd67efb4c6b847e157a5d40ea5c0d814f686069d24b26&pi_opt_in=&campaign_id=382796&account_id=220422&title=Legal%20Defense%20for%20Self%20Defense%20-%20USLawShield&url=https%3A%2F%2Fwww.uslawshield.com%2F&referrer=

Requested by

Host: go.uslawshield.com
URL: https://go.uslawshield.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=null&account_id=220422&title=Legal%20Defense%20for%20Self%20Defense%20-%20USLawShield&url=https%3A%2F%2Fwww.uslawshield.com%2F&referrer=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-219-119.compute-1.amazonaws.com

Software

Resource Hash

dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 05 Mar 2024 07:05:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
vary: User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 50
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 Home-educate1.jpg
www.uslawshield.com/wp-content/uploads/2023/04/ 23 KB
24 KB 217ms
217ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/04/Home-educate1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f022e91499117a3145435d095e83434c32878e450ad85bd0a2c70425d42d5ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:02 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 23764
last-modified: Thu, 13 Apr 2023 18:52:48 GMT
server: cloudflare
etag: "5cd4-5f93c3b1e632d"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f8415fc9365d6b-FRA
expires: Sat, 01 Mar 2025 15:54:00 GMT

GET
H3 200 USLScolor400-drk.png
www.uslawshield.com/wp-content/uploads/2023/11/ 56 KB
57 KB 37ms
37ms Image
image/webp 2606:4700:3108::ac42:2b48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.uslawshield.com/wp-content/uploads/2023/11/USLScolor400-drk.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b85d2783aba1944de98e1d7c75a508e93bd905dbb4199c0fa8129e3327c4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:05:02 GMT
cf-cache-status: HIT
age: 34269
alt-svc: h3=":443"; ma=86400
content-length: 57644
last-modified: Thu, 30 Nov 2023 02:27:23 GMT
server: cloudflare
etag: "e12c-60b5564530cb3"
vary: Accept,User-Agent, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-max-age: *
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
access-control-allow-headers: *
cf-ray: 85f8415fc9385d6b-FRA
expires: Sat, 01 Mar 2025 15:53:56 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 67A9 28 B
50 B 31ms
31ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time: 1709622303155
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/WjSy9JYCtvk?autoplay=0&rel=0&playlist=WjSy9JYCtvk&loop=1&enablejsapi=1&wmode=opaque
X-YouTube-Client-Version: 1.20240227.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtIbmUzU3ZrM1FHSSiciJuvBjIKCgJERRIEEgAgIg%3D%3D
X-YouTube-Ad-Signals: dt=1709622300976&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C595%2C357&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 05 Mar 2024 07:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DC5DKX7H3Z&gtm=45je42t1v878331416z877303349za200&_p=1709622300504&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=515755995.1709622301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sid=1709622300&sct=1&seg=0&dl=https%3A%2F%2Fwww.uslawshield.com%2F&dt=Legal%20Defense%20for%20Self%20Defense%20-%20USLawShield&_s=2&tfd=9001
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DC5DKX7H3Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uslawshield.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 07:05:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uslawshield.com/	1970-01-20 19:03:47	Name: AWSALB Value: /1pmb3xMUvUjGfipaDe76rZqCKkIL5kCCtC24d6vL6mIbqQtFlhR7FbjzQ3jF5gek4vDnna82OqmSgFBXPlmGYFJFfpH8OxlZmKjwtjV3tc+xmlQ/tmvXd+COiXe
uslawshield.com/	1970-01-20 19:03:47	Name: AWSALBCORS Value: /1pmb3xMUvUjGfipaDe76rZqCKkIL5kCCtC24d6vL6mIbqQtFlhR7FbjzQ3jF5gek4vDnna82OqmSgFBXPlmGYFJFfpH8OxlZmKjwtjV3tc+xmlQ/tmvXd+COiXe
www.uslawshield.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4sdrv36k7th13qb2rvt5edm7ar
www.uslawshield.com/	1970-01-20 19:03:47	Name: AWSALB Value: PMI5ou1EuQCxTvneu7+/PLKkEIx9+y+FVCZ+sGTYXBET3sYzMes+IFZjH/tlCq7FdiMpMgn1mrpJWKukBcMN6gcLQrDMPyxO5xGMSN/8PLPcAbAcpI3+6OE0ID49
www.uslawshield.com/	1970-01-20 19:03:47	Name: AWSALBCORS Value: PMI5ou1EuQCxTvneu7+/PLKkEIx9+y+FVCZ+sGTYXBET3sYzMes+IFZjH/tlCq7FdiMpMgn1mrpJWKukBcMN6gcLQrDMPyxO5xGMSN/8PLPcAbAcpI3+6OE0ID49
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: TSm08m8IwUc
.youtube.com/	1970-01-20 23:12:54	Name: VISITOR_INFO1_LIVE Value: Hne3Svk3QGI
.uslawshield.com/	1970-01-20 21:03:18	Name: _gcl_au Value: 1.1.1121883048.1709622301
.uslawshield.com/	1970-01-21 04:29:42	Name: _ga_DC5DKX7H3Z Value: GS1.1.1709622300.1.1.1709622300.60.0.0
.uslawshield.com/	1970-01-21 04:29:42	Name: _ga Value: GA1.2.515755995.1709622301
.uslawshield.com/	1970-01-20 18:55:08	Name: _gid Value: GA1.2.1399547309.1709622301
.uslawshield.com/	1970-01-20 18:53:42	Name: _gat_UA-45429226-7 Value: 1
www.uslawshield.com/	1970-01-21 03:39:18	Name: qa_cookie Value: 1709622300984
.doubleclick.net/	1970-01-20 18:53:43	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 23:12:54	Name: receive-cookie-deprecation Value: 1
.uslawshield.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.uslawshield.com/	1969-12-31 23:59:59	Name: cebs Value: 1
.uslawshield.com/	1970-01-20 21:03:18	Name: _fbp Value: fb.1.1709622301174.684955177
.uslawshield.com/	1970-01-20 18:55:08	Name: _ce.clock_event Value: 1
.uslawshield.com/	1970-01-20 18:55:08	Name: _ce.clock_data Value: 32%2C217.114.218.22%2C1%2Cd23861f90f98ef1cbb909ba4da09afb4
.uslawshield.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.uslawshield.com/	1970-01-21 03:39:18	Name: _ce.s Value: v~5214c95ef05a7dbd289d2118bfb2de79506817d2~lcw~1709622301372~lva~1709622301096~vpv~0~v11.fhb~1709622301371~v11.lhb~1709622301371~v11.cs~437592~v11.s~af3d0fc0-dabe-11ee-ac84-65e773dc4010~lcw~1709622301372
service.force.com/	1970-01-21 03:39:18	Name: CookieConsentPolicy Value: 0:0
service.force.com/	1970-01-21 03:39:18	Name: LSKey-c$CookieConsentPolicy Value: 0:0
.force.com/	1970-01-21 03:39:18	Name: BrowserId_sec Value: r1-MVtq-Ee6LkJ8LE-sqPg
go.uslawshield.com/	1970-01-21 04:29:42	Name: visitor_id219422 Value: 1203992234
go.uslawshield.com/	1970-01-21 04:29:42	Name: visitor_id219422-hash Value: 753c85aea40a393e9f1a0112edb8489d84be33a6fce0ac35c82a5469e36dd67efb4c6b847e157a5d40ea5c0d814f686069d24b26
go.uslawshield.com/	1970-01-20 18:53:44	Name: lpv219422 Value: aHR0cHM6Ly93d3cudXNsYXdzaGllbGQuY29tLw%3D%3D
www.uslawshield.com/	1970-01-21 04:29:42	Name: visitor_id219422 Value: 1203992234
www.uslawshield.com/	1970-01-21 04:29:42	Name: visitor_id219422-hash Value: 753c85aea40a393e9f1a0112edb8489d84be33a6fce0ac35c82a5469e36dd67efb4c6b847e157a5d40ea5c0d814f686069d24b26
.pardot.com/	1970-01-21 04:29:42	Name: visitor_id219422 Value: 1203992234
.pardot.com/	1970-01-21 04:29:42	Name: visitor_id219422-hash Value: 753c85aea40a393e9f1a0112edb8489d84be33a6fce0ac35c82a5469e36dd67efb4c6b847e157a5d40ea5c0d814f686069d24b26

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.uslawshield.com/(Line 236) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://www.uslawshield.com/(Line 499) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/(Line 499) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/858511754274339?v=2.9.148&r=stable&domain=www.uslawshield.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.uslawshield.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13324458.fls.doubleclick.net
adservice.google.com
assets-tracking.crazyegg.com
connect.facebook.net
d.la4-c2-ia4.salesforceliveagent.com
fonts.googleapis.com
fonts.gstatic.com
go.uslawshield.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
pagestates-tracking.crazyegg.com
pi.pardot.com
pixel.sitescout.com
region1.analytics.google.com
script.crazyegg.com
service.force.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
tracking.crazyegg.com
up.pixel.ad
uslawshield.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.uslawshield.com
www.youtube.com
yt3.ggpht.com
13.110.63.224
142.250.186.166
161.71.8.41
18.202.142.190
18.208.125.13
2001:4860:4802:32::36
2606:4700:3108::ac42:2b48
2606:4700::6810:3965
2606:4700::6813:9408
2a00:1450:4001:802::2004
2a00:1450:4001:802::2006
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2016
2a00:1450:400c:c02::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.237.219.119
41.63.96.130
54.184.83.239
54.200.148.234
98.98.134.241
99.84.88.103
99.84.88.53
01b5d4f2746cb084ed40117250025cdd817413bcb8e280e9bbb6ad5fd4c070e4
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
05b85d2783aba1944de98e1d7c75a508e93bd905dbb4199c0fa8129e3327c4f0
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
13a70056df35aa71386775407ef5af1beaf080144d63d496b4ede8b37d844603
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc
201fd7e6f5abf8c66fd556791c43c93fb5b06162d488aa1310c1a890c119664e
23dcc60dc30810d9ba4391298a0cc4f03180c3a6bd31da30a9e4a5d981acb8ae
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
25b8de6e01dbb98c4ba1972a30a4616e88872eb89586210426698515edbe6312
26b168f9fc626cad2fc34cae4ce7bd0cfadf657668a4b615276e10d2484d24ca
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
30bd2fee4c5e1a2eae8ae708f53262965b1c226fbfe65354ee8c6b4d4979294e
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
350782cf30c54fdd0e12bbcfa291a4da65ad1548a55b8a97958e00f26438919f
385e9b387af40c48037d65f53aebfef435b08d65da4702163d6ef10bf1e05e6a
3dc7708d6f9236905f8a206e9ca57d0d2318331110400ac8807daf803e0b1526
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40ac268e59a8cb9a6b5b4cef7e9f21cbb8ac79f24f094dc0cc6a8ef964e6b67b
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
4d8abbbdd016b83c38fbcb91978ef6e12bcc28c020c5132c8f77a1d44f6c3cf2
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cc2ce62ac6120c9603ccf6aa97b996e11b061d0d9361fe5662946bfefaeb8f1
5f3a139511e96dfcc236b726153689832a12521cea149d5f24ca54574b5b8db3
5fb98eb8b72ac119cc7763ec189158ecc96ddea5aa0c1db34914b026a4ca32e5
6091d96af1c1040d42c3f34571d4adb16971e3f2a38140cd6832d7e849e7e4fa
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bb8e37f2f56e3c68f63f044471b5d20a00b400b205cba87c0c692c2f770454b
6ecd259a67d1adeb77cd1d48eb8bfd6de0597e04a97c04dc50ce9049bdcd094a
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
737c6836ac5335f22c7a2b41bbe69c6c9c8abc24976867f6b4bda1ec28ccda0b
744ba5d7a7fb8fd28f6b2882cf1f8cfde912c11a45f016b5b7ecdb0d12fcfd15
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
7aa312257600bf7962bcf3701e64e6f3d821115b5eaad80b3762084742715fc4
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7c76f3801654dc1c467e4ed14c31309b20cdb790e8aa9acf9817f1f50e2ffaf2
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
88fa60912c15ebb7fba9298d96f5739ee77c8d128b705b4a3225dd98a7b9b79c
8f39cb815426084d988d3a0fb316192748da084592dcda0b1833aebf8f059882
9186451247fd8efac3e535e9fd556ef5b26232a27e0af11293b303aa2c48360d
98a3e7892d2850f165570e6ae368375f7c5ea5f8a66824b624405017c40881d4
9a5bf2a591871d1a4e078fafb10461f6edb67300f1210f53afe99e7729911f11
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
a83d3350aaa741727c2c7df76470879f552a427722de7fc3057348434eb57afa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
b26e5a6d57d72ef57cb60192d731cae811ac25547f370b79bb671e23ba620e79
b547f4dc3a641ea60877e88584f394b904243083e5bc9b576cfd86711c9f823c
b73d3d790bbfa11c7abc08de86879493d4e4853f4d13ae88431c5816a250eed0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c5a45da49cc36bfea1f88b50a4d0288d6a9d7b66dc1bdf2fa76210858b64e6b6
c878ae01acb387b657157bdb20eacf932bfce70c26800dacb97a0023a2adc70c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbe4a90933e7e74c10d2df2f43a955899eff19849241614ae6f9d2fba76d1672
ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2
cd9f3552ce1bf02b8b18c3ec5faa9282f3cfc84d6909d3037034ae523e222cbf
ceef7e40e66510c3059394e6889f5939cdc205d41e5a9da8bb72c7b33447d602
d355920ae446375bc93ea030273eb0a116c109eff59466f942b6be59704cf56f
d4f33f3878827b8763f7b048950a7cd0ce6a1cd24834d1e9d413007fab0e4c24
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de3b6c7bcc990bf7b8e34cc9f4ac8cbfc7f1ef4d2ec16c47bcadf9bdbd426965
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
e2b3c5e1e1986c9c9f79f6635c0449c0cd5a6f68e51940557f2c986bdb23f7ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db767f66153f728ea44cc279920a4d8ae2c1ccae3199cfef565e6ea4d9d124
ea23298b4f3dab10e34a2100d815482d2347b3c94f180d6339bdca247597d7a9
ec50e4861ef5d6b8ea90d3679b6e95ea5b29195e702045b8dcd3750e5ddd36e1
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
edb8aa1f4514a57c660055b1a8195c5fed61b07c4722f9d06671b053ab718ee0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
f022e91499117a3145435d095e83434c32878e450ad85bd0a2c70425d42d5ff8
f0fd989d3d400af9d0e449aecf31cef85e4ed7394306b79f8d8fde69bc907750
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6

www.uslawshield.com Open in urlscan Pro 2606:4700:3108::ac42:2b48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

97 %HTTPS

64 %IPv6

20 Domains

32 Subdomains

32 IPs

5 Countries

2946 kBTransfer

10937 kBSize

32 Cookies

6 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.uslawshield.com Open in urlscan Pro
2606:4700:3108::ac42:2b48 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

97 %
HTTPS

64 %
IPv6

20
Domains

32
Subdomains

32
IPs

5
Countries

2946 kB
Transfer

10937 kB
Size

32
Cookies

100 HTTP transactions
8 data transactions