Submitted URL: https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9DJEowyb4-lvjs
Effective URL: https://www.uslawshield.com/member-signup/
Submission Tags: phishing malicious Search All
Submission: On March 18 via api from US

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 55 HTTP transactions. The main IP is 2606:4700:10::6814:36d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.uslawshield.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2020. Valid for: a year.
This is the only time www.uslawshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
14 887340.smushcdn.com www.uslawshield.com
9 service.force.com www.googletagmanager.com
service.force.com
7 www.uslawshield.com 1 redirects www.uslawshield.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com www.uslawshield.com
2 pi.pardot.com www.uslawshield.com
pi.pardot.com
2 www.facebook.com www.uslawshield.com
connect.facebook.net
2 www.google.de www.uslawshield.com
2 www.google.com www.uslawshield.com
2 connect.facebook.net www.uslawshield.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
www.uslawshield.com
2 go.mylawshield.com 1 redirects pi.pardot.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.avmws.com www.uslawshield.com
1 cdn.callrail.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 assets.uslawshield.com www.uslawshield.com
1 www.googletagmanager.com www.uslawshield.com
55 19

This site contains links to these domains. Also see Links.

Domain
members.uslawshield.com
store.uslawshield.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-06-08 -
2021-06-08
a year crt.sh
*.smushcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-22 -
2022-03-22
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.uslawshield.com
GeoTrust RSA CA 2018
2020-01-29 -
2022-02-14
2 years crt.sh
*.gstatic.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-01-19 -
2021-07-19
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
cdn.callrail.com
Amazon
2020-04-24 -
2021-05-24
a year crt.sh
*.um4.force.com
DigiCert SHA2 Secure Server CA
2020-05-11 -
2021-04-28
a year crt.sh
avantlink.com
Amazon
2020-05-27 -
2021-06-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
www.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.google.com
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
*.google.de
GTS CA 1O1
2021-02-23 -
2021-05-18
3 months crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA
2020-12-05 -
2021-12-04
a year crt.sh
go.mylawshield.com
R3
2021-01-19 -
2021-04-19
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.uslawshield.com/member-signup/
Frame ID: D6AACC2BBD3D3DCB9B9ED0D02D6792DC
Requests: 50 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
Frame ID: 49D64FA6D440B7B151FBD46D301BCADF
Requests: 5 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9D... HTTP 301
    https://www.uslawshield.com/member-sign-up/ HTTP 301
    https://www.uslawshield.com/member-signup/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

55
Requests

100 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

876 kB
Transfer

2807 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9DJEowyb4-lvjs HTTP 301
    https://www.uslawshield.com/member-sign-up/ HTTP 301
    https://www.uslawshield.com/member-signup/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.uslawshield.com/member-signup/
Redirect Chain
  • https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9DJEowyb4-lvjs
  • https://www.uslawshield.com/member-sign-up/
  • https://www.uslawshield.com/member-signup/
109 KB
20 KB
Document
General
Full URL
https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.17
Resource Hash
86dd133c09e00b2a38ff76a127c57e04a54dcb11707d56c57f07dec5d42f6311

Request headers

:method
GET
:authority
www.uslawshield.com
:scheme
https
:path
/member-signup/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=da9691cd1cdceb2f1c2fc392bc2c30c7c1616081208; AWSALB=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV; AWSALBCORS=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:54 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=eTqE4vzPFvnT4JUgQwML8JKwYUYOehv5wTw1BxXjz5FcXrp/pQ+yIGRTRZBn9UHOMni0RTpBCkL0y4GiwUHD/PFoH204mIJlKPeGilCE5+9fmyp0ONJ1h+FBJVLr; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/ AWSALBCORS=eTqE4vzPFvnT4JUgQwML8JKwYUYOehv5wTw1BxXjz5FcXrp/pQ+yIGRTRZBn9UHOMni0RTpBCkL0y4GiwUHD/PFoH204mIJlKPeGilCE5+9fmyp0ONJ1h+FBJVLr; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/; SameSite=None; Secure PHPSESSID=d21p8pem49oo50erqhno87arfk; path=/; secure; HttpOnly
x-powered-by
PHP/7.3.17
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,Cookie,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
08e78b5f6b00004df4b4325000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631f7b457e304df4-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Thu, 18 Mar 2021 15:26:49 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
__cfduid=da9691cd1cdceb2f1c2fc392bc2c30c7c1616081208; expires=Sat, 17-Apr-21 15:26:48 GMT; path=/; domain=.uslawshield.com; HttpOnly; SameSite=Lax AWSALB=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/ AWSALBCORS=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/; SameSite=None; Secure
location
https://www.uslawshield.com/member-signup/
cf-cache-status
DYNAMIC
cf-request-id
08e78b5cdd00004df46ca9d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631f7b416f004df4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
icomoon.woff
www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
19 KB
12 KB
Font
General
Full URL
https://www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b

Request headers

Origin
https://www.uslawshield.com
Referer
https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:54 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 12 Mar 2020 15:59:31 GMT
server
cloudflare
etag
W/"4c68-5a0aa70359ec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff
cache-control
max-age=2592000, public
cf-ray
631f7b642bc84df4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e78b729d00004df4a20d6000000001
x-robots-tag
googlebot: nofollow, otherbot: noindex, nofollow
fa-solid-900.woff2
www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
74 KB
75 KB
Font
General
Full URL
https://www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6

Request headers

Origin
https://www.uslawshield.com
Referer
https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:54 GMT
cf-cache-status
BYPASS
last-modified
Thu, 12 Mar 2020 15:59:31 GMT
server
cloudflare
etag
"12944-5a0aa70359ec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
x-robots-tag
googlebot: nofollow, otherbot: noindex, nofollow
accept-ranges
bytes
cf-ray
631f7b642bc94df4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76100
cf-request-id
08e78b729d00004df4b4082000000001
autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
www.uslawshield.com/wp-content/cache/autoptimize/css/
1 MB
220 KB
Stylesheet
General
Full URL
https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6edf529b4627f4dcc4b90190a51281c346594cfb5b3013687474737a9f2c9db8

Request headers

Referer
https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:54 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Thu, 18 Mar 2021 02:30:00 GMT
server
cloudflare
etag
"14ff3f-5bdc6604c0916-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=2592000, public
cf-ray
631f7b642bc74df4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08e78b729c00004df47ea91000000001
x-robots-tag
googlebot: nofollow, otherbot: noindex, nofollow
expires
Tue, 08 Mar 2022 15:26:54 GMT
jquery.js
www.uslawshield.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.uslawshield.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:54 GMT
content-encoding
gzip
cf-cache-status
BYPASS
last-modified
Mon, 08 Jun 2020 01:17:45 GMT
server
cloudflare
etag
"17a69-5a78860d037e4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
631f7b642bca4df4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33776
cf-request-id
08e78b729d00004df47798b000000001
USLS-Wide-log375t.png
887340.smushcdn.com/2055187/wp-content/uploads/2019/10/
25 KB
25 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/uploads/2019/10/USLS-Wide-log375t.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
a4c7ef5f2ee272ecbc6544589904774326e46af9b4ddc7de9763722e8e47f856

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Wed, 10 Mar 2021 01:29:27 GMT", rule-id="expire"
last-modified
Mon, 08 Feb 2021 01:29:27 GMT
server
nginx
etag
"1a1c3809e56c6e41f52e949e48c510ae"
x-cache
HIT
smushed
origFmt=png, origSize=42505, smushRatio=40.9, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
25122
expires
Sun, 13 Mar 2022 15:26:55 GMT
USLS-Wide-log258.png
887340.smushcdn.com/2055187/wp-content/uploads/2020/06/
16 KB
16 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/uploads/2020/06/USLS-Wide-log258.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
f253e08ad2f4227896b59cebb0d7751925e3f63cc67e7e5e2151984b08fef009

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Tue, 09 Mar 2021 20:03:04 GMT", rule-id="expire"
last-modified
Sun, 07 Feb 2021 20:03:04 GMT
server
nginx
etag
"e72be08dfd0e363aebd3ab0c50f9b5c6"
x-cache
HIT
smushed
origFmt=png, origSize=25641, smushRatio=36.34, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
16322
expires
Sun, 13 Mar 2022 15:26:55 GMT
membership-card.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
14 KB
15 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/membership-card.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
53bd10dd75a5f3a9eedc6c232a0700b5c78b669699c36c3b5ed1d4d65801af68

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:16:59 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:16:59 GMT
server
nginx
etag
"0106314cb75c60b6302e7d17947426d3"
x-cache
HIT
smushed
origFmt=png, origSize=22097, smushRatio=33.07, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
14790
expires
Sun, 13 Mar 2022 15:26:55 GMT
checkmark-rev.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
658 B
983 B
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/checkmark-rev.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
a1290a8ce5663fa52e0e74756ced32c5b2f0d1a260fae724d5dd76cbb8f7102b

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:16:59 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:16:59 GMT
server
nginx
etag
"20a9d5b23112b1950a0636d1149d6ef2"
x-cache
MISS
smushed
origFmt=png, origSize=1996, smushRatio=67.03, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
658
expires
Sun, 13 Mar 2022 15:26:55 GMT
membership-card-dual.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
14 KB
15 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/membership-card-dual.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
f6ae74b97bdbf24e02d6cb3d502d37644a6b1e8726859b4147d88eb3709dd1fd

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:17:00 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:17:00 GMT
server
nginx
etag
"17311397be65b43b8aaf431d0920a8a1"
x-cache
MISS
smushed
origFmt=png, origSize=22735, smushRatio=35.66, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
14628
expires
Sun, 13 Mar 2022 15:26:55 GMT
icon-coverage-multi-state.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
2 KB
3 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-coverage-multi-state.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
8a531cb849fcf45225c9f8085787fb0031fd2b0af4d810e4e0a3283f36f95950

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Sat, 10 Apr 2021 18:06:10 GMT", rule-id="expire"
last-modified
Thu, 11 Mar 2021 18:06:10 GMT
server
nginx
etag
"e410b6620231317658904e6b101feaf1"
x-cache
MISS
smushed
origFmt=png, origSize=5582, smushRatio=55.54, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
2482
expires
Sun, 13 Mar 2022 15:26:55 GMT
icon-gitc-go-id.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
2 KB
3 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-gitc-go-id.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
639f70a332aef4f1f1b7d19bc4d488a6d387ccc3dbcdf2be347bbeec497442d1

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:17:00 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:17:00 GMT
server
nginx
etag
"8f7d62acf8c8b6f4b37262b751c49af3"
x-cache
MISS
smushed
origFmt=png, origSize=6821, smushRatio=64.49, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
2422
expires
Sun, 13 Mar 2022 15:26:55 GMT
icon-huntershield.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
4 KB
4 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-huntershield.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
524f29d24ed1bffe4c359e17c19ce802f2108a971b66a16c6b179ce0718538db

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:17:01 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:17:01 GMT
server
nginx
etag
"92a80cc84ded96aac19a90cdcc3927a9"
x-cache
MISS
smushed
origFmt=png, origSize=9282, smushRatio=56.13, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
4072
expires
Sun, 13 Mar 2022 15:26:55 GMT
icon-bail-bonds.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
2 KB
3 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-bail-bonds.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
dade2dcd89b6a4a6f9da0e74d32137481d9726ad4aa91b520a589b29c33eeabd

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
last-modified
Thu, 11 Mar 2021 21:44:29 GMT
server
nginx
x-cache
HIT
smushed
origFmt=png, origSize=5543, smushRatio=54.97, originCache=MISS
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
2496
expires
Sun, 13 Mar 2022 15:26:55 GMT
icon-minor-children.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
2 KB
2 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-minor-children.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
df7f9a972d0ddc29417ac48e0432453da2d54c08df0bcc3ec0079204194be898

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 14:18:40 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 14:18:40 GMT
server
nginx
etag
"bc7dad28fd6468148df04a542fbcba2c"
x-cache
MISS
smushed
origFmt=png, origSize=4954, smushRatio=64.68, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
1750
expires
Sun, 13 Mar 2022 15:26:55 GMT
padlock.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
836 B
1 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/padlock.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
cad04572ea3e9fc8e04e18d3d768fd7728b0483f40cb0fe16df4c8b01aaad265

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Sat, 10 Apr 2021 21:44:29 GMT", rule-id="expire"
last-modified
Thu, 11 Mar 2021 21:44:29 GMT
server
nginx
etag
"485f3db3f16df12cafb4444d67b7fdf3"
x-cache
MISS
smushed
origFmt=png, origSize=2455, smushRatio=65.95, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
836
expires
Sun, 13 Mar 2022 15:26:55 GMT
digicert-seal.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
6 KB
6 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/digicert-seal.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
44d88ba3bfd0adde25e287ae840b4c802e4b021155194cf5c00ce17d7cb69cfd

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Sat, 10 Apr 2021 21:44:30 GMT", rule-id="expire"
last-modified
Thu, 11 Mar 2021 21:44:30 GMT
server
nginx
etag
"e0ddcf8dd8f6ded4be7b63cba4c0227b"
x-cache
MISS
smushed
origFmt=png, origSize=9977, smushRatio=40.28, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
5958
expires
Sun, 13 Mar 2022 15:26:55 GMT
cc-visa-active.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/cc_icons/
812 B
1 KB
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/cc_icons/cc-visa-active.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
3e5d77ba32f77bc87f1601b1824a5c47e6b00090fa762d60580937d31137237f

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:17:01 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:17:01 GMT
server
nginx
etag
"5d4097e6a098030155459567d0ea4862"
x-cache
MISS
smushed
origFmt=png, origSize=2119, smushRatio=61.68, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
812
expires
Sun, 13 Mar 2022 15:26:55 GMT
checkmark.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/
658 B
984 B
Image
General
Full URL
https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/checkmark.png?lossy=1&strip=1&webp=1
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
33bf358c9e48bf7750bf2193e7d55451419928af1a1f6621aad8c9dcecf1c6cf

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration
expiry-date="Fri, 09 Apr 2021 12:17:04 GMT", rule-id="expire"
last-modified
Wed, 10 Mar 2021 12:17:04 GMT
server
nginx
etag
"745b247bb76a05e2a49ec96313b9bb98"
x-cache
MISS
smushed
origFmt=png, origSize=2103, smushRatio=68.71, originCache=HIT
cache-control
max-age=31104000
accept-ranges
bytes
content-type
image/webp
content-length
658
expires
Sun, 13 Mar 2022 15:26:55 GMT
autoptimize_09d81659764881ad2ba4c814c1cba12f.js
www.uslawshield.com/wp-content/cache/autoptimize/js/
164 KB
38 KB
Script
General
Full URL
https://www.uslawshield.com/wp-content/cache/autoptimize/js/autoptimize_09d81659764881ad2ba4c814c1cba12f.js
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d67a94653f5f716302fd92b153744ba088febb3d45c09d6f613aabcaf37063d2

Request headers

Referer
https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:56 GMT
content-encoding
gzip
cf-cache-status
BYPASS
cf-ray
631f7b6d896c4df4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38058
cf-request-id
08e78b787200004df4dfb37000000001
last-modified
Thu, 18 Mar 2021 02:29:54 GMT
server
cloudflare
etag
"29102-5bdc65ffa8db2-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
x-robots-tag
googlebot: nofollow, otherbot: noindex, nofollow
expires
Tue, 08 Mar 2022 15:26:56 GMT
gtm.js
www.googletagmanager.com/
153 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c2c6db2f21d63c05097664a91c7d3c89505a0010c411d3393034f76c6b01560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44969
x-xss-protection
0
last-modified
Thu, 18 Mar 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Mar 2021 15:26:56 GMT
subheader-sky-bg1.2.jpg
assets.uslawshield.com/web/2020/
80 KB
80 KB
Image
General
Full URL
https://assets.uslawshield.com/web/2020/subheader-sky-bg1.2.jpg
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.17.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-17-137.us-west-2.compute.amazonaws.com
Software
Apache/2.4.34 () OpenSSL/1.0.2k-fips /
Resource Hash
e657b6b291ae0ec0a68f9845ff9bbb59cb945d7baa5f2e008778b174f7ba1294

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 15:26:56 GMT
Last-Modified
Tue, 12 Nov 2019 17:06:31 GMT
Server
Apache/2.4.34 () OpenSSL/1.0.2k-fips
Upgrade
h2,h2c
ETag
"1402c-59729450593c0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
X-Robots-Tag
googlebot: nofollow, otherbot: noindex, nofollow
Keep-Alive
timeout=5, max=100
Content-Length
81964
jizaRExUiTo99u79D0KEw8OPIDU.woff
fonts.gstatic.com/s/ptsans/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KEw8OPIDU.woff
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c241100650328593f8410141e1ba386e6707c450c11a922a958354b40e70cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.uslawshield.com
Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 18:17:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:12 GMT
server
sffe
age
76179
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14256
x-xss-protection
0
expires
Thu, 17 Mar 2022 18:17:16 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
fonts.gstatic.com/s/montserrat/v15/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.uslawshield.com
Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 23:48:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:51 GMT
server
sffe
age
56296
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16888
x-xss-protection
0
expires
Thu, 17 Mar 2022 23:48:39 GMT
conversion_async.js
www.googleadservices.com/pagead/
34 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13204
x-xss-protection
0
server
cafe
etag
4463060295041814852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Mar 2021 15:26:56 GMT
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
7111
date
Thu, 18 Mar 2021 13:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 18 Mar 2021 15:28:25 GMT
bat.js
bat.bing.com/
28 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:55 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref
Ref A: 9BD44DB901A0444AAE44F3830555ECA7 Ref B: FRAEDGE1320 Ref C: 2021-03-18T15:26:56Z
etag
"804e75f6fd11d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8562
fbevents.js
connect.facebook.net/en_US/
91 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
O1UL3XzeUQ1rfXOO2JktWuDQdhQ9nfcT/WDqc7dPiqoSV+bSf1Kj2k9n/pnFAzHtKJhWhNeji7OzxF+1x1tXfQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 18 Mar 2021 15:26:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
swap.js
cdn.callrail.com/companies/711538876/399ccc9452556937830d/12/
32 B
312 B
Script
General
Full URL
https://cdn.callrail.com/companies/711538876/399ccc9452556937830d/12/swap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.38.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-38-21.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime
0.005593
date
Thu, 18 Mar 2021 15:26:56 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
etag
W/"d18beba8a6db32dd84b24258cf6542ac"
content-type
text/javascript; charset=utf-8
status
200 OK
cache-control
max-age=3600, public
timing-allow-origin
*
x-request-id
679fe543-ac1b-4d13-976a-cca2319ebf9c
esw.min.js
service.force.com/embeddedservice/5.0/
29 KB
8 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
dd575925971e9d0bbfdd4cfecfbd110fd6d1d098c57836707cbabe035fe92779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 14:51:41 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 25 Feb 2021 23:50:58 GMT
Age
2115
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8189
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 14:51:41 GMT
/
cdn.avmws.com/1017369/
4 KB
2 KB
Script
General
Full URL
https://cdn.avmws.com/1017369/
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-47.dus51.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
cab65733e246e68a5c038ac55119349cb9711ef251b163a15f8419a1fcaa58c9

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 14:31:32 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 16:36:55 GMT
server
Apache/2.4.29 (Ubuntu)
age
3324
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
content-length
1598
x-amz-cf-id
emJuklvlDAIRe0lgPdqjnnCterDrCKovf-Mx1mWB3NtDO_hscw-KOQ==
collect
www.google-analytics.com/j/
2 B
129 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=976742417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&ul=en-us&de=UTF-8&dt=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=2052767689&gjid=1230133266&cid=481555827.1616081216&tid=UA-45429226-7&_gid=777636308.1616081216&_r=1&gtm=2wg3a0MC2SSRG&z=307904888
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.uslawshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
90 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NTW3LM6&t=gtm3&cid=481555827.1616081216
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52cf8985332cf3fafa3b26d9b0c776d16889c25cdb2b227af14b39218daaf884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35986
x-xss-protection
0
expires
Thu, 18 Mar 2021 15:26:56 GMT
collect
stats.g.doubleclick.net/j/
4 B
449 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-45429226-7&cid=481555827.1616081216&jid=2052767689&gjid=1230133266&_gid=777636308.1616081216&_u=YEBAAEACQAAAAC~&z=893255692
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Mar 2021 15:26:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.uslawshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
858511754274339
connect.facebook.net/signals/config/
241 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/858511754274339?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc0c87ec14bb00fc9f0c9e58947d3d74c6aa3653457f3e644a1691d53fb7d166
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70580
x-fb-rlafr
0
pragma
public
x-fb-debug
zD1s5S4VTnZ4D6+55veAkg+i29q0sQ+bvkcn/Rqv9gZz2mkgfX7M/F4btDBnahVrElNF8o+CmvtKM16Kmqnn2w==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 18 Mar 2021 15:26:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26022168&tm=gtm001&Ver=2&mid=e50a2d51-8392-4907-9f11-a7c67b3d536c&sid=5fe2a26087fe11eba5d577b8d7763c34&vid=5fe5a78087fe11ebb88e9f36d7aee51c&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&p=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=436781
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 18 Mar 2021 15:26:55 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 04D5B1FAC3F24B718129F75ACB67FCC4 Ref B: FRAEDGE1320 Ref C: 2021-03-18T15:26:56Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/841268444/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/841268444/?random=1616081216531&cv=9&fst=1616081216531&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&tiba=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc6025074efe149cf40c9abbf9e2be0844679f02a07ac12199bd7b2ae6e0ac49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 15:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1025
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCnAw.woff
fonts.gstatic.com/s/oswald/v36/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCnAw.woff
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94d09ca2715fa8e5be5629022f39a7751c6136ff90c40302c155a6610392afce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.uslawshield.com
Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 09:17:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:33:09 GMT
server
sffe
age
22139
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12836
x-xss-protection
0
expires
Fri, 18 Mar 2022 09:17:57 GMT
common.min.js
service.force.com/embeddedservice/5.0/utils/
3 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
0cc3efdca077ec2c251c53542bc32fd18394b5eff8a8814756c04d725ac1f071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 15:12:26 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 12 Oct 2020 17:50:42 GMT
Age
870
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1254
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 15:12:26 GMT
ga-audiences
www.google.com/ads/
42 B
505 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45429226-7&cid=481555827.1616081216&jid=2052767689&_u=YEBAAEACQAAAAC~&z=303259357
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
505 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45429226-7&cid=481555827.1616081216&jid=2052767689&_u=YEBAAEACQAAAAC~&z=303259357
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
411 B
Image
General
Full URL
https://www.facebook.com/tr/?id=858511754274339&ev=PageView&dl=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&rl=&if=false&ts=1616081216859&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616081216823.1540399351&it=1616081216492&coo=false&rqm=GET
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 15:26:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 18 Mar 2021 15:26:56 GMT
/
www.google.com/pagead/1p-user-list/841268444/
42 B
530 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/841268444/?random=1616081216531&cv=9&fst=1616079600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&frm=0&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&tiba=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&async=1&fmt=3&is_vtc=1&random=3408242714&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/841268444/
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/841268444/?random=1616081216531&cv=9&fst=1616079600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&frm=0&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&tiba=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&async=1&fmt=3&is_vtc=1&random=3408242714&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esw.min.css
service.force.com/embeddedservice/5.0/
8 KB
4 KB
Stylesheet
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 14:51:47 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
2109
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
3946
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 14:51:47 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/
19 KB
6 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
6fe83329c21c4114bda6fbd591f60d0d962c35086e1c0ad8439756f2fb6c3462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 15:20:31 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 16 Dec 2020 22:24:06 GMT
Age
385
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5560
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 15:20:31 GMT
pd.js
pi.pardot.com/
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 15:26:57 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
Last-Modified
Fri, 13 Mar 2020 19:42:43 GMT
Server
PardotServer
ETag
"1442-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1842
Expires
Sat, 18 Mar 2023 15:26:57 GMT
Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 49D6
194 B
954 B
Document
General
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
service.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.uslawshield.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.uslawshield.com/

Response headers

Date
Thu, 18 Mar 2021 15:26:56 GMT
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
public,max-age=86400
Set-Cookie
BrowserId=YC2opYf-EeuDojk4fWyNdw; domain=.force.com; path=/; expires=Fri, 18-Mar-2022 15:26:56 GMT; Max-Age=31536000 BrowserId_sec=YC2opYf-EeuDojk4fWyNdw; domain=.force.com; path=/; expires=Fri, 18-Mar-2022 15:26:56 GMT; Max-Age=31536000; secure; SameSite=None
Expires
Fri, 19 Mar 2021 15:26:56 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Content-Type
text/html;charset=UTF-8
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame 49D6
4 KB
2 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
06b5a49abdb9153bc58047c864e170aca81b21df27b7bad58bc988832f2df878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 15:12:57 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
840
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1706
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 15:12:57 GMT
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 49D6
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
316a1f04e09cfaf1bd5c40e6f9ae51b8ffb893c9850e2f6d62d06075c1c56abf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 12:20:22 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
11195
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
743
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 12:20:22 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 49D6
2 KB
1 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
e6bd0a3ccc9351f05bacc94f4761067e0fcf44b84421b3801cc3245e6698f9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 14:52:00 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Age
2097
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
795
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 14:52:00 GMT
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 49D6
22 KB
5 KB
Script
General
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl1-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
5a2a2f956d69194b53632eec961f3af53cb71a736264a3cfece092e1041f59bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 11:31:36 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 28 Jan 2021 03:59:54 GMT
Age
14121
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4993
X-XSS-Protection
1; mode=block
Expires
Fri, 19 Mar 2021 11:31:36 GMT
/
www.facebook.com/tr/
0
110 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarykQdubYJK4w8xcTnz

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 18 Mar 2021 15:26:57 GMT
content-type
text/plain
access-control-allow-origin
https://www.uslawshield.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
analytics
pi.pardot.com/
2 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=16591&account_id=220422&title=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
144da1cca2d95e007e5be33b4b961d8a27fa2a2c9bb246cc4677b6ea548ebdc8

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 15:26:57 GMT
Content-Encoding
gzip
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp
16/64/133
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
859
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
go.mylawshield.com/
52 B
1 KB
Script
General
Full URL
https://go.mylawshield.com/analytics?conly=true&visitor_id=662615400&visitor_id_sign=24801c273161d9df7af4679f0ef0a05f381944678a55800353e27e1dfade6efcb552f67719d1039082da6c9a0baeb47277fd4963&pi_opt_in=&campaign_id=16591&account_id=220422&title=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=16591&account_id=220422&title=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-4-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825

Request headers

Referer
https://www.uslawshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Mar 2021 15:26:57 GMT
X-Pardot-Route
d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB
a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp
16/84/194
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
52
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| gtm4wp_datalayer_name object| dataLayer undefined| $ function| jQuery object| dataLayer_content object| doc boolean| pageReloaded boolean| initializePlanLoaded boolean| checkAddonsOnEmailLoadComplete function| getServerCreds function| getProductVals string| siteURL string| piCId string| piAId string| piHostname object| usls_route object| fusionTypographyVars function| getUrlParameterAllPages function| setCookie function| getCookie string| issetCookie function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _AvantMetrics undefined| AvantMetrics function| AvantMetricsFunction function| todaysDate function| Dollar function| show_secure_input function| hide_secure_input function| validate_required function| validate_dropdown function| validate_zip function| validate_address function| validate_name function| validate_email function| validate_phone function| yearSelect function| validate_credit_card function| valid_credit_card function| validate_cc_expiration function| validate_cvv function| duplicate_email function| alphanumeric function| validate_member_number function| validate_url function| validate_dropdown_check function| validate_zip_check function| validate_address_check function| validate_name_check function| validate_email_check function| validate_phone_check function| validate_credit_card_check function| valid_credit_card_check function| validate_cc_expiration_check function| validate_cvv_check function| accordian01 function| accordian02 function| accordian03 function| accordian04 function| choose_state_me function| hideShow function| abandondedCartPush function| abcartEmailChange function| gtmAbcartStepPush number| currentTab function| showTab function| nextPrev function| minTwoDigits function| fixStepIndicator function| stepProgressBar object| back object| next object| steps function| nextStep function| prevStep function| preselect function| openCoverageBox function| makeMeSingle function| makeMeDouble function| makeMeAnnual function| makeMeMonthly function| makeMeOneTime function| addonsPerState function| clearAddonsAll function| single_or_double function| annual_or_monthly_or_onetime function| addAddOnSidebar function| removeAddOnSidebar function| highlightButtons function| home_address_toggle function| openModal function| cc_format function| formated_cc function| topFunction function| submit_form function| validate_signup_form_on_submit function| validate_signup_final_submit_form_on_submit function| changeOnKey function| specialFunctions function| forceAddonProduct function| notAllowedAddons function| leoActiveRetiredPromoSwap function| addonCheckSwap function| applyInitialCosts function| buildAddons function| resetPromotion function| getPromotion function| termPromo function| getOneTimeDiscount function| convertPercentDiscount function| applyRecurringBaseDiscount function| getAddonInputId function| transferHiddenAddonInputId function| selectAddon function| reselectAddons function| getSelectedAddons function| getAllAddons function| selectAndDisableAddon function| deselectAndHideAddon function| reviewAddonText function| updateAddonPrice function| applyRecurringAddonDiscount function| updateOneTimeDiscount function| getAddonTotals function| getSetupFeeCost function| removeSetupFeeCost function| getRecurringDiscount function| createPromotionFields function| updateTotalCost function| applyPromotion function| urlAddons function| getRegionID string| planObj function| initializePlan string| addonObj function| initializeAddons function| promoCheck function| planAddonAJAX function| getUrlParameter function| huntershieldCheck function| stateSpecificMSG function| DBDupCheck function| viewProgramTerms function| toggle_visibility function| changeStateFields function| fortegra function| validatePhysicalAddress function| validateMemberAddress function| validateBillingAddress function| validateEmail function| validateMemberEmail function| validateSecondaryEmail object| secondary_member_toggle function| getAddOns object| fusion function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography object| bootstrap object| jQuery112407219536608806347 number| j object| Modernizr object| wp string| responsiveTypeElements string| fusionBaseFontSize object| embedded_svc function| initESW undefined| s number| runOnce object| google_optimize function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property function| piResponse

12 Cookies

Domain/Path Name / Value
.uslawshield.com/ Name: _uetvid
Value: 5fe5a78087fe11ebb88e9f36d7aee51c
.uslawshield.com/ Name: _gcl_au
Value: 1.1.367187963.1616081216
.uslawshield.com/ Name: _gat_UA-45429226-7
Value: 1
.force.com/ Name: BrowserId_sec
Value: YC2opYf-EeuDojk4fWyNdw
www.uslawshield.com/ Name: AWSALB
Value: uiEf8Eho614lRPnQ6bO3c6qhDCIdgOdjLTCGj7BudmkKlktHybkcH9peXJqkuPyyYEFiAy0sD3BtsG5bRJuhzkXW2V0k9vi6rwzPUkABhwg7wygYjP5eXmDVqmTq
.uslawshield.com/ Name: _fbp
Value: fb.1.1616081216823.1540399351
.uslawshield.com/ Name: _ga
Value: GA1.2.481555827.1616081216
.uslawshield.com/ Name: __cfduid
Value: da58f1b203caccc2e66bf65f1f05562da1616081214
www.uslawshield.com/ Name: AWSALBCORS
Value: uiEf8Eho614lRPnQ6bO3c6qhDCIdgOdjLTCGj7BudmkKlktHybkcH9peXJqkuPyyYEFiAy0sD3BtsG5bRJuhzkXW2V0k9vi6rwzPUkABhwg7wygYjP5eXmDVqmTq
www.uslawshield.com/ Name: PHPSESSID
Value: d21p8pem49oo50erqhno87arfk
.uslawshield.com/ Name: _gid
Value: GA1.2.777636308.1616081216
.uslawshield.com/ Name: _uetsid
Value: 5fe2a26087fe11eba5d577b8d7763c34

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.uslawshield.com/member-signup/(Line 127)
Message:
[object Object]
console-api log URL: https://www.uslawshield.com/member-signup/(Line 1858)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

887340.smushcdn.com
assets.uslawshield.com
bat.bing.com
cdn.avmws.com
cdn.callrail.com
connect.facebook.net
fonts.gstatic.com
go.mylawshield.com
googleads.g.doubleclick.net
pi.pardot.com
service.force.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.uslawshield.com
13.226.159.47
151.139.240.27
161.71.0.38
172.217.16.130
2606:4700:10::6814:36d8
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.174.151.106
52.43.17.137
52.55.38.21
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
06b5a49abdb9153bc58047c864e170aca81b21df27b7bad58bc988832f2df878
0cc3efdca077ec2c251c53542bc32fd18394b5eff8a8814756c04d725ac1f071
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144da1cca2d95e007e5be33b4b961d8a27fa2a2c9bb246cc4677b6ea548ebdc8
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
316a1f04e09cfaf1bd5c40e6f9ae51b8ffb893c9850e2f6d62d06075c1c56abf
33bf358c9e48bf7750bf2193e7d55451419928af1a1f6621aad8c9dcecf1c6cf
3c241100650328593f8410141e1ba386e6707c450c11a922a958354b40e70cb8
3e5d77ba32f77bc87f1601b1824a5c47e6b00090fa762d60580937d31137237f
435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6
44d88ba3bfd0adde25e287ae840b4c802e4b021155194cf5c00ce17d7cb69cfd
524f29d24ed1bffe4c359e17c19ce802f2108a971b66a16c6b179ce0718538db
52cf8985332cf3fafa3b26d9b0c776d16889c25cdb2b227af14b39218daaf884
53bd10dd75a5f3a9eedc6c232a0700b5c78b669699c36c3b5ed1d4d65801af68
578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72
5a2a2f956d69194b53632eec961f3af53cb71a736264a3cfece092e1041f59bd
639f70a332aef4f1f1b7d19bc4d488a6d387ccc3dbcdf2be347bbeec497442d1
6edf529b4627f4dcc4b90190a51281c346594cfb5b3013687474737a9f2c9db8
6fe83329c21c4114bda6fbd591f60d0d962c35086e1c0ad8439756f2fb6c3462
7c2c6db2f21d63c05097664a91c7d3c89505a0010c411d3393034f76c6b01560
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86dd133c09e00b2a38ff76a127c57e04a54dcb11707d56c57f07dec5d42f6311
8a531cb849fcf45225c9f8085787fb0031fd2b0af4d810e4e0a3283f36f95950
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
94d09ca2715fa8e5be5629022f39a7751c6136ff90c40302c155a6610392afce
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a1290a8ce5663fa52e0e74756ced32c5b2f0d1a260fae724d5dd76cbb8f7102b
a4c7ef5f2ee272ecbc6544589904774326e46af9b4ddc7de9763722e8e47f856
bc0c87ec14bb00fc9f0c9e58947d3d74c6aa3653457f3e644a1691d53fb7d166
bc6025074efe149cf40c9abbf9e2be0844679f02a07ac12199bd7b2ae6e0ac49
be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b
cab65733e246e68a5c038ac55119349cb9711ef251b163a15f8419a1fcaa58c9
cad04572ea3e9fc8e04e18d3d768fd7728b0483f40cb0fe16df4c8b01aaad265
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d67a94653f5f716302fd92b153744ba088febb3d45c09d6f613aabcaf37063d2
dade2dcd89b6a4a6f9da0e74d32137481d9726ad4aa91b520a589b29c33eeabd
dd575925971e9d0bbfdd4cfecfbd110fd6d1d098c57836707cbabe035fe92779
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df7f9a972d0ddc29417ac48e0432453da2d54c08df0bcc3ec0079204194be898
e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e657b6b291ae0ec0a68f9845ff9bbb59cb945d7baa5f2e008778b174f7ba1294
e6bd0a3ccc9351f05bacc94f4761067e0fcf44b84421b3801cc3245e6698f9af
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f253e08ad2f4227896b59cebb0d7751925e3f63cc67e7e5e2151984b08fef009
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f6ae74b97bdbf24e02d6cb3d502d37644a6b1e8726859b4147d88eb3709dd1fd