www.uslawshield.com Open in urlscan Pro
2606:4700:10::6814:36d8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9DJEowyb4-lvjs
Effective URL:
https://www.uslawshield.com/member-signup/
Submission Tags: phishing malicious Search All
Submission: On March 18 via api (March 18th 2021, 3:27:13 pm UTC) from US

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 55 HTTP transactions. The main IP is 2606:4700:10::6814:36d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.uslawshield.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2020. Valid for: a year.

This is the only time www.uslawshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	35.174.151.106 35.174.151.106	14618 (AMAZON-AES) (AMAZON-AES)
1 7	2606:4700:10:... 2606:4700:10::6814:36d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	151.139.240.27 151.139.240.27	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	52.43.17.137 52.43.17.137	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.55.38.21 52.55.38.21	14618 (AMAZON-AES) (AMAZON-AES)
9	161.71.0.38 161.71.0.38	14340 (SALESFORCE) (SALESFORCE)
1	13.226.159.47 13.226.159.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
55	18

4 35.174.151.106 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-4-ue1.aws.pardot.com

go.mylawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:36d8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.uslawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.139.240.27 (United States)

ASN33438 (HIGHWINDS2, US)

887340.smushcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.17.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-17-137.us-west-2.compute.amazonaws.com

assets.uslawshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.38.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-38-21.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 161.71.0.38 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-lhr3.um4-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-47.dus51.r.cloudfront.net

cdn.avmws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	smushcdn.com 887340.smushcdn.com	95 KB
9	force.com service.force.com	31 KB
8	uslawshield.com 1 redirects www.uslawshield.com assets.uslawshield.com	480 KB
3	google-analytics.com www.google-analytics.com	54 KB
3	gstatic.com fonts.gstatic.com	44 KB
2	pardot.com pi.pardot.com	4 KB
2	facebook.com www.facebook.com	521 B
2	google.de www.google.de	1 KB
2	google.com www.google.com	1 KB
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	facebook.net connect.facebook.net	94 KB
2	bing.com bat.bing.com	9 KB
2	mylawshield.com 1 redirects go.mylawshield.com	2 KB
1	avmws.com cdn.avmws.com	2 KB
1	callrail.com cdn.callrail.com	312 B
1	googleadservices.com www.googleadservices.com	13 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
55	17

	Domain	Requested by
14	887340.smushcdn.com	www.uslawshield.com
9	service.force.com	www.googletagmanager.com service.force.com
7	www.uslawshield.com	1 redirects www.uslawshield.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	www.uslawshield.com
2	pi.pardot.com	www.uslawshield.com pi.pardot.com
2	www.facebook.com	www.uslawshield.com connect.facebook.net
2	www.google.de	www.uslawshield.com
2	www.google.com	www.uslawshield.com
2	connect.facebook.net	www.uslawshield.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.uslawshield.com
2	go.mylawshield.com	1 redirects pi.pardot.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.avmws.com	www.uslawshield.com
1	cdn.callrail.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	assets.uslawshield.com	www.uslawshield.com
1	www.googletagmanager.com	www.uslawshield.com
55	19

This site contains links to these domains. Also see Links.

Domain
members.uslawshield.com
store.uslawshield.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-08` - `2021-06-08`	a year	crt.sh
*.smushcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.uslawshield.com GeoTrust RSA CA 2018	`2020-01-29` - `2022-02-14`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
cdn.callrail.com Amazon	`2020-04-24` - `2021-05-24`	a year	crt.sh
*.um4.force.com DigiCert SHA2 Secure Server CA	`2020-05-11` - `2021-04-28`	a year	crt.sh
avantlink.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
go.mylawshield.com R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.uslawshield.com/member-signup/
Frame ID: D6AACC2BBD3D3DCB9B9ED0D02D6792DC
Requests: 50 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
Frame ID: 49D64FA6D440B7B151FBD46D301BCADF
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9D... HTTP 301
https://www.uslawshield.com/member-sign-up/ HTTP 301
https://www.uslawshield.com/member-signup/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

55
Requests

100 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

876 kB
Transfer

2807 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://members.uslawshield.com/
Title: Log In

Search URL Search Domain Scan URL

URL: https://store.uslawshield.com/
Title: STORE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9DJEowyb4-lvjs HTTP 301
https://www.uslawshield.com/member-sign-up/ HTTP 301
https://www.uslawshield.com/member-signup/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.uslawshield.com/member-signup/
Redirect Chain

https://go.mylawshield.com/e/219422/member-sign-up-/m3r93w/1222338238?h=IKirzoaBML6BoQnvvuAdYQ1OIQ_A-9DJEowyb4-lvjs
https://www.uslawshield.com/member-sign-up/
https://www.uslawshield.com/member-signup/

109 KB
20 KB

4896ms
4895ms

Document
text/html

2606:4700:10::6814:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.17
Resource Hash: 86dd133c09e00b2a38ff76a127c57e04a54dcb11707d56c57f07dec5d42f6311

Request headers

:method: GET
:authority: www.uslawshield.com
:scheme: https
:path: /member-signup/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da9691cd1cdceb2f1c2fc392bc2c30c7c1616081208; AWSALB=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV; AWSALBCORS=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=eTqE4vzPFvnT4JUgQwML8JKwYUYOehv5wTw1BxXjz5FcXrp/pQ+yIGRTRZBn9UHOMni0RTpBCkL0y4GiwUHD/PFoH204mIJlKPeGilCE5+9fmyp0ONJ1h+FBJVLr; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/ AWSALBCORS=eTqE4vzPFvnT4JUgQwML8JKwYUYOehv5wTw1BxXjz5FcXrp/pQ+yIGRTRZBn9UHOMni0RTpBCkL0y4GiwUHD/PFoH204mIJlKPeGilCE5+9fmyp0ONJ1h+FBJVLr; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/; SameSite=None; Secure PHPSESSID=d21p8pem49oo50erqhno87arfk; path=/; secure; HttpOnly
x-powered-by: PHP/7.3.17
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,Cookie,User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 08e78b5f6b00004df4b4325000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 631f7b457e304df4-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 18 Mar 2021 15:26:49 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=da9691cd1cdceb2f1c2fc392bc2c30c7c1616081208; expires=Sat, 17-Apr-21 15:26:48 GMT; path=/; domain=.uslawshield.com; HttpOnly; SameSite=Lax AWSALB=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/ AWSALBCORS=Oi7Jm/HoYps0kGdlEI5+TaAL5njfgV9XqrdfTc9Cqo4yApfUK0EqptRRvfu8PihO+nAzH47PVyJSlwQjREJ+4sbs/SVBpTK9YYIRAaP6lKGbpH1VKx4cquuk4FrV; Expires=Thu, 25 Mar 2021 15:26:49 GMT; Path=/; SameSite=None; Secure
location: https://www.uslawshield.com/member-signup/
cf-cache-status: DYNAMIC
cf-request-id: 08e78b5cdd00004df46ca9d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 631f7b416f004df4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 icomoon.woff
www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 19 KB
12 KB 829ms
827ms Font
application/font-woff 2606:4700:10::6814:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b

Request headers

Origin: https://www.uslawshield.com
Referer: https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:54 GMT
content-encoding: gzip
cf-cache-status: BYPASS
last-modified: Thu, 12 Mar 2020 15:59:31 GMT
server: cloudflare
etag: W/"4c68-5a0aa70359ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: application/font-woff
cache-control: max-age=2592000, public
cf-ray: 631f7b642bc84df4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e78b729d00004df4a20d6000000001
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow

GET
H2 200 fa-solid-900.woff2
www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 74 KB
75 KB 821ms
820ms Font
application/octet-stream 2606:4700:10::6814:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6

Request headers

Origin: https://www.uslawshield.com
Referer: https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:54 GMT
cf-cache-status: BYPASS
last-modified: Thu, 12 Mar 2020 15:59:31 GMT
server: cloudflare
etag: "12944-5a0aa70359ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
accept-ranges: bytes
cf-ray: 631f7b642bc94df4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76100
cf-request-id: 08e78b729d00004df4b4082000000001

GET
H2 200 autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
www.uslawshield.com/wp-content/cache/autoptimize/css/ 1 MB
220 KB 677ms
677ms Stylesheet
text/css 2606:4700:10::6814:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6edf529b4627f4dcc4b90190a51281c346594cfb5b3013687474737a9f2c9db8

Request headers

Referer: https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:54 GMT
content-encoding: gzip
cf-cache-status: BYPASS
last-modified: Thu, 18 Mar 2021 02:30:00 GMT
server: cloudflare
etag: "14ff3f-5bdc6604c0916-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000, public
cf-ray: 631f7b642bc74df4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e78b729c00004df47ea91000000001
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
expires: Tue, 08 Mar 2022 15:26:54 GMT

GET
H2 200 jquery.js Show response
www.uslawshield.com/wp-includes/js/jquery/ 95 KB
34 KB 822ms
821ms Script
application/javascript 2606:4700:10::6814:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:54 GMT
content-encoding: gzip
cf-cache-status: BYPASS
last-modified: Mon, 08 Jun 2020 01:17:45 GMT
server: cloudflare
etag: "17a69-5a78860d037e4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 631f7b642bca4df4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33776
cf-request-id: 08e78b729d00004df47798b000000001

GET
H2 200 USLS-Wide-log375t.png
887340.smushcdn.com/2055187/wp-content/uploads/2019/10/ 25 KB
25 KB 72ms
29ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/uploads/2019/10/USLS-Wide-log375t.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: a4c7ef5f2ee272ecbc6544589904774326e46af9b4ddc7de9763722e8e47f856

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Wed, 10 Mar 2021 01:29:27 GMT", rule-id="expire"
last-modified: Mon, 08 Feb 2021 01:29:27 GMT
server: nginx
etag: "1a1c3809e56c6e41f52e949e48c510ae"
x-cache: HIT
smushed: origFmt=png, origSize=42505, smushRatio=40.9, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 25122
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 USLS-Wide-log258.png
887340.smushcdn.com/2055187/wp-content/uploads/2020/06/ 16 KB
16 KB 22ms
19ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/uploads/2020/06/USLS-Wide-log258.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f253e08ad2f4227896b59cebb0d7751925e3f63cc67e7e5e2151984b08fef009

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Tue, 09 Mar 2021 20:03:04 GMT", rule-id="expire"
last-modified: Sun, 07 Feb 2021 20:03:04 GMT
server: nginx
etag: "e72be08dfd0e363aebd3ab0c50f9b5c6"
x-cache: HIT
smushed: origFmt=png, origSize=25641, smushRatio=36.34, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 16322
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 membership-card.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 14 KB
15 KB 21ms
20ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/membership-card.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 53bd10dd75a5f3a9eedc6c232a0700b5c78b669699c36c3b5ed1d4d65801af68

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:16:59 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:16:59 GMT
server: nginx
etag: "0106314cb75c60b6302e7d17947426d3"
x-cache: HIT
smushed: origFmt=png, origSize=22097, smushRatio=33.07, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 14790
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 checkmark-rev.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 658 B
983 B 382ms
381ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/checkmark-rev.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: a1290a8ce5663fa52e0e74756ced32c5b2f0d1a260fae724d5dd76cbb8f7102b

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:16:59 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:16:59 GMT
server: nginx
etag: "20a9d5b23112b1950a0636d1149d6ef2"
x-cache: MISS
smushed: origFmt=png, origSize=1996, smushRatio=67.03, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 658
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 membership-card-dual.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 14 KB
15 KB 384ms
379ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/membership-card-dual.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: f6ae74b97bdbf24e02d6cb3d502d37644a6b1e8726859b4147d88eb3709dd1fd

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:17:00 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:17:00 GMT
server: nginx
etag: "17311397be65b43b8aaf431d0920a8a1"
x-cache: MISS
smushed: origFmt=png, origSize=22735, smushRatio=35.66, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 14628
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 icon-coverage-multi-state.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 2 KB
3 KB 386ms
370ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-coverage-multi-state.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a531cb849fcf45225c9f8085787fb0031fd2b0af4d810e4e0a3283f36f95950

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Sat, 10 Apr 2021 18:06:10 GMT", rule-id="expire"
last-modified: Thu, 11 Mar 2021 18:06:10 GMT
server: nginx
etag: "e410b6620231317658904e6b101feaf1"
x-cache: MISS
smushed: origFmt=png, origSize=5582, smushRatio=55.54, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 2482
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 icon-gitc-go-id.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 2 KB
3 KB 361ms
345ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-gitc-go-id.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 639f70a332aef4f1f1b7d19bc4d488a6d387ccc3dbcdf2be347bbeec497442d1

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:17:00 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:17:00 GMT
server: nginx
etag: "8f7d62acf8c8b6f4b37262b751c49af3"
x-cache: MISS
smushed: origFmt=png, origSize=6821, smushRatio=64.49, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 2422
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 icon-huntershield.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 4 KB
4 KB 372ms
356ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-huntershield.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 524f29d24ed1bffe4c359e17c19ce802f2108a971b66a16c6b179ce0718538db

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:17:01 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:17:01 GMT
server: nginx
etag: "92a80cc84ded96aac19a90cdcc3927a9"
x-cache: MISS
smushed: origFmt=png, origSize=9282, smushRatio=56.13, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 4072
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 icon-bail-bonds.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 2 KB
3 KB 33ms
17ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-bail-bonds.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: dade2dcd89b6a4a6f9da0e74d32137481d9726ad4aa91b520a589b29c33eeabd

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
last-modified: Thu, 11 Mar 2021 21:44:29 GMT
server: nginx
x-cache: HIT
smushed: origFmt=png, origSize=5543, smushRatio=54.97, originCache=MISS
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 2496
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 icon-minor-children.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 2 KB
2 KB 375ms
359ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/icon-minor-children.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: df7f9a972d0ddc29417ac48e0432453da2d54c08df0bcc3ec0079204194be898

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 14:18:40 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 14:18:40 GMT
server: nginx
etag: "bc7dad28fd6468148df04a542fbcba2c"
x-cache: MISS
smushed: origFmt=png, origSize=4954, smushRatio=64.68, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 1750
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 padlock.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 836 B
1 KB 360ms
345ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/padlock.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: cad04572ea3e9fc8e04e18d3d768fd7728b0483f40cb0fe16df4c8b01aaad265

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Sat, 10 Apr 2021 21:44:29 GMT", rule-id="expire"
last-modified: Thu, 11 Mar 2021 21:44:29 GMT
server: nginx
etag: "485f3db3f16df12cafb4444d67b7fdf3"
x-cache: MISS
smushed: origFmt=png, origSize=2455, smushRatio=65.95, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 836
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 digicert-seal.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 6 KB
6 KB 369ms
355ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/digicert-seal.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 44d88ba3bfd0adde25e287ae840b4c802e4b021155194cf5c00ce17d7cb69cfd

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Sat, 10 Apr 2021 21:44:30 GMT", rule-id="expire"
last-modified: Thu, 11 Mar 2021 21:44:30 GMT
server: nginx
etag: "e0ddcf8dd8f6ded4be7b63cba4c0227b"
x-cache: MISS
smushed: origFmt=png, origSize=9977, smushRatio=40.28, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 5958
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 cc-visa-active.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/cc_icons/ 812 B
1 KB 418ms
404ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/cc_icons/cc-visa-active.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e5d77ba32f77bc87f1601b1824a5c47e6b00090fa762d60580937d31137237f

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:17:01 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:17:01 GMT
server: nginx
etag: "5d4097e6a098030155459567d0ea4862"
x-cache: MISS
smushed: origFmt=png, origSize=2119, smushRatio=61.68, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 812
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 checkmark.png
887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/ 658 B
984 B 354ms
340ms Image
image/webp 151.139.240.27
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887340.smushcdn.com/2055187/wp-content/plugins/usls-signup/public/img/checkmark.png?lossy=1&strip=1&webp=1
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.240.27 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 33bf358c9e48bf7750bf2193e7d55451419928af1a1f6621aad8c9dcecf1c6cf

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
x-amz-expiration: expiry-date="Fri, 09 Apr 2021 12:17:04 GMT", rule-id="expire"
last-modified: Wed, 10 Mar 2021 12:17:04 GMT
server: nginx
etag: "745b247bb76a05e2a49ec96313b9bb98"
x-cache: MISS
smushed: origFmt=png, origSize=2103, smushRatio=68.71, originCache=HIT
cache-control: max-age=31104000
accept-ranges: bytes
content-type: image/webp
content-length: 658
expires: Sun, 13 Mar 2022 15:26:55 GMT

GET
H2 200 autoptimize_09d81659764881ad2ba4c814c1cba12f.js Show response
www.uslawshield.com/wp-content/cache/autoptimize/js/ 164 KB
38 KB 849ms
835ms Script
application/javascript 2606:4700:10::6814:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.uslawshield.com/wp-content/cache/autoptimize/js/autoptimize_09d81659764881ad2ba4c814c1cba12f.js
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67a94653f5f716302fd92b153744ba088febb3d45c09d6f613aabcaf37063d2

Request headers

Referer: https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:56 GMT
content-encoding: gzip
cf-cache-status: BYPASS
cf-ray: 631f7b6d896c4df4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38058
cf-request-id: 08e78b787200004df4dfb37000000001
last-modified: Thu, 18 Mar 2021 02:29:54 GMT
server: cloudflare
etag: "29102-5bdc65ffa8db2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000, public
accept-ranges: bytes
x-robots-tag: googlebot: nofollow, otherbot: noindex, nofollow
expires: Tue, 08 Mar 2022 15:26:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
44 KB 618ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c2c6db2f21d63c05097664a91c7d3c89505a0010c411d3393034f76c6b01560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44969
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Mar 2021 15:26:56 GMT

GET
H/1.1 200
OK subheader-sky-bg1.2.jpg
assets.uslawshield.com/web/2020/ 80 KB
80 KB 696ms
178ms Image
image/jpeg 52.43.17.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.uslawshield.com/web/2020/subheader-sky-bg1.2.jpg
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.17.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-17-137.us-west-2.compute.amazonaws.com
Software: Apache/2.4.34 () OpenSSL/1.0.2k-fips /
Resource Hash: e657b6b291ae0ec0a68f9845ff9bbb59cb945d7baa5f2e008778b174f7ba1294

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:26:56 GMT
Last-Modified: Tue, 12 Nov 2019 17:06:31 GMT
Server: Apache/2.4.34 () OpenSSL/1.0.2k-fips
Upgrade: h2,h2c
ETag: "1402c-59729450593c0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: googlebot: nofollow, otherbot: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 81964

GET
H2 200 jizaRExUiTo99u79D0KEw8OPIDU.woff
fonts.gstatic.com/s/ptsans/v12/ 14 KB
14 KB 10ms
8ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KEw8OPIDU.woff

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c241100650328593f8410141e1ba386e6707c450c11a922a958354b40e70cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.uslawshield.com
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 18:17:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:12 GMT
server: sffe
age: 76179
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14256
x-xss-protection: 0
expires: Thu, 17 Mar 2022 18:17:16 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
fonts.gstatic.com/s/montserrat/v15/ 16 KB
17 KB 7ms
6ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.uslawshield.com
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:48:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 56296
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16888
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:48:39 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 34 KB
13 KB 92ms
32ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13204
x-xss-protection: 0
server: cafe
etag: 4463060295041814852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 15:26:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7111
date: Thu, 18 Mar 2021 13:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Mar 2021 15:28:25 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 65ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:55 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: 9BD44DB901A0444AAE44F3830555ECA7 Ref B: FRAEDGE1320 Ref C: 2021-03-18T15:26:56Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 37ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: O1UL3XzeUQ1rfXOO2JktWuDQdhQ9nfcT/WDqc7dPiqoSV+bSf1Kj2k9n/pnFAzHtKJhWhNeji7OzxF+1x1tXfQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 18 Mar 2021 15:26:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/711538876/399ccc9452556937830d/12/ 32 B
312 B 322ms
108ms Script
text/javascript 52.55.38.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/711538876/399ccc9452556937830d/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.38.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-38-21.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.005593
date: Thu, 18 Mar 2021 15:26:56 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 679fe543-ac1b-4d13-976a-cca2319ebf9c

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 29 KB
8 KB 148ms
28ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MC2SSRG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

dd575925971e9d0bbfdd4cfecfbd110fd6d1d098c57836707cbabe035fe92779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 14:51:41 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 25 Feb 2021 23:50:58 GMT
Age: 2115
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8189
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 14:51:41 GMT

GET
H2 200 / Show response
cdn.avmws.com/1017369/ 4 KB
2 KB 88ms
21ms Script
application/javascript 13.226.159.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avmws.com/1017369/
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-47.dus51.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cab65733e246e68a5c038ac55119349cb9711ef251b163a15f8419a1fcaa58c9

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 14:31:32 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 16:36:55 GMT
server: Apache/2.4.29 (Ubuntu)
age: 3324
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
content-length: 1598
x-amz-cf-id: emJuklvlDAIRe0lgPdqjnnCterDrCKovf-Mx1mWB3NtDO_hscw-KOQ==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
129 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=976742417&t=pageview&_s=1&dl=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&ul=en-us&de=UTF-8&dt=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=2052767689&gjid=1230133266&cid=481555827.1616081216&tid=UA-45429226-7&_gid=777636308.1616081216&_r=1&gtm=2wg3a0MC2SSRG&z=307904888

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NTW3LM6&t=gtm3&cid=481555827.1616081216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52cf8985332cf3fafa3b26d9b0c776d16889c25cdb2b227af14b39218daaf884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35986
x-xss-protection: 0
expires: Thu, 18 Mar 2021 15:26:56 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 48ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-45429226-7&cid=481555827.1616081216&jid=2052767689&gjid=1230133266&_gid=777636308.1616081216&_u=YEBAAEACQAAAAC~&z=893255692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Mar 2021 15:26:56 GMT
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 858511754274339 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/858511754274339?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc0c87ec14bb00fc9f0c9e58947d3d74c6aa3653457f3e644a1691d53fb7d166

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70580
x-fb-rlafr: 0
pragma: public
x-fb-debug: zD1s5S4VTnZ4D6+55veAkg+i29q0sQ+bvkcn/Rqv9gZz2mkgfX7M/F4btDBnahVrElNF8o+CmvtKM16Kmqnn2w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 18 Mar 2021 15:26:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 39ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26022168&tm=gtm001&Ver=2&mid=e50a2d51-8392-4907-9f11-a7c67b3d536c&sid=5fe2a26087fe11eba5d577b8d7763c34&vid=5fe5a78087fe11ebb88e9f36d7aee51c&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&p=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&r=&evt=pageLoad&msclkid=N&sv=1&rn=436781
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 18 Mar 2021 15:26:55 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 04D5B1FAC3F24B718129F75ACB67FCC4 Ref B: FRAEDGE1320 Ref C: 2021-03-18T15:26:56Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/841268444/ 2 KB
2 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/841268444/?random=1616081216531&cv=9&fst=1616081216531&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&tiba=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc6025074efe149cf40c9abbf9e2be0844679f02a07ac12199bd7b2ae6e0ac49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCnAw.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 36ms
20ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCnAw.woff

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/wp-content/cache/autoptimize/css/autoptimize_47bfdf02a3baa4e684b4f4de527df617.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d09ca2715fa8e5be5629022f39a7751c6136ff90c40302c155a6610392afce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.uslawshield.com
Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:17:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:09 GMT
server: sffe
age: 22139
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12836
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:17:57 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 3 KB
2 KB 29ms
28ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

0cc3efdca077ec2c251c53542bc32fd18394b5eff8a8814756c04d725ac1f071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:12:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 12 Oct 2020 17:50:42 GMT
Age: 870
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 1254
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 15:12:26 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 56ms
28ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45429226-7&cid=481555827.1616081216&jid=2052767689&_u=YEBAAEACQAAAAC~&z=303259357

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 55ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45429226-7&cid=481555827.1616081216&jid=2052767689&_u=YEBAAEACQAAAAC~&z=303259357

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 32ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=858511754274339&ev=PageView&dl=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&rl=&if=false&ts=1616081216859&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616081216823.1540399351&it=1616081216492&coo=false&rqm=GET

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 15:26:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Mar 2021 15:26:56 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/841268444/ 42 B
530 B 55ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/841268444/?random=1616081216531&cv=9&fst=1616079600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&frm=0&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&tiba=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&async=1&fmt=3&is_vtc=1&random=3408242714&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/841268444/ 42 B
530 B 57ms
34ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/841268444/?random=1616081216531&cv=9&fst=1616079600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3a0&sendb=1&frm=0&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&tiba=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&async=1&fmt=3&is_vtc=1&random=3408242714&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 15:26:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
4 KB 29ms
28ms Stylesheet
text/css 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 14:51:47 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 2109
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 14:51:47 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
6 KB 69ms
38ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

6fe83329c21c4114bda6fbd591f60d0d962c35086e1c0ad8439756f2fb6c3462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:20:31 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 16 Dec 2020 22:24:06 GMT
Age: 385
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5560
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 15:20:31 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 406ms
100ms Script
application/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.uslawshield.com
URL: https://www.uslawshield.com/member-signup/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-4-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:26:57 GMT
Content-Encoding: gzip
X-Pardot-Route: ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
Last-Modified: Fri, 13 Mar 2020 19:42:43 GMT
Server: PardotServer
ETag: "1442-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1842
Expires: Sat, 18 Mar 2023 15:26:57 GMT

GET
H/1.1 200
OK Cookie set esw.html Show response
service.force.com/embeddedservice/5.0/ Frame 49D6 194 B
954 B 35ms
34ms Document
text/html 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.uslawshield.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.uslawshield.com/

Response headers

Date: Thu, 18 Mar 2021 15:26:56 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=YC2opYf-EeuDojk4fWyNdw; domain=.force.com; path=/; expires=Fri, 18-Mar-2022 15:26:56 GMT; Max-Age=31536000 BrowserId_sec=YC2opYf-EeuDojk4fWyNdw; domain=.force.com; path=/; expires=Fri, 18-Mar-2022 15:26:56 GMT; Max-Age=31536000; secure; SameSite=None
Expires: Fri, 19 Mar 2021 15:26:56 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 49D6 4 KB
2 KB 33ms
33ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

06b5a49abdb9153bc58047c864e170aca81b21df27b7bad58bc988832f2df878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 15:12:57 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 840
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 1706
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 15:12:57 GMT

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 49D6 2 KB
1 KB 29ms
28ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

316a1f04e09cfaf1bd5c40e6f9ae51b8ffb893c9850e2f6d62d06075c1c56abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 12:20:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 11195
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 743
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 12:20:22 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 49D6 2 KB
1 KB 30ms
28ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

e6bd0a3ccc9351f05bacc94f4761067e0fcf44b84421b3801cc3245e6698f9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 14:52:00 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 2097
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 795
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 14:52:00 GMT

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 49D6 22 KB
5 KB 33ms
32ms Script
application/x-javascript 161.71.0.38
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.38 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

5a2a2f956d69194b53632eec961f3af53cb71a736264a3cfece092e1041f59bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.uslawshield.com/member-signup/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 11:31:36 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 28 Jan 2021 03:59:54 GMT
Age: 14121
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4993
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Mar 2021 11:31:36 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
110 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykQdubYJK4w8xcTnz

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 18 Mar 2021 15:26:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.uslawshield.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 285ms
284ms Script
text/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=16591&account_id=220422&title=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-4-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 144da1cca2d95e007e5be33b4b961d8a27fa2a2c9bb246cc4677b6ea548ebdc8

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 15:26:57 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp: 16/64/133
Vary: Accept-Encoding,User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 859
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
go.mylawshield.com/ 52 B
1 KB 184ms
184ms Script
text/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.mylawshield.com/analytics?conly=true&visitor_id=662615400&visitor_id_sign=24801c273161d9df7af4679f0ef0a05f381944678a55800353e27e1dfade6efcb552f67719d1039082da6c9a0baeb47277fd4963&pi_opt_in=&campaign_id=16591&account_id=220422&title=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=16591&account_id=220422&title=Member%20Sign-Up%20-%20U.S.%20%26%20Texas%20LawShield&url=https%3A%2F%2Fwww.uslawshield.com%2Fmember-signup%2F&referrer=
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-4-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825

Request headers

Referer: https://www.uslawshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Mar 2021 15:26:57 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp: 16/84/194
Vary: User-Agent
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 52
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uslawshield.com/	1970-01-19 17:18:05	Name: _uetvid Value: 5fe5a78087fe11ebb88e9f36d7aee51c
.uslawshield.com/	1970-01-19 19:04:17	Name: _gcl_au Value: 1.1.367187963.1616081216
.uslawshield.com/	1970-01-19 16:54:41	Name: _gat_UA-45429226-7 Value: 1
.force.com/	1970-01-20 01:40:17	Name: BrowserId_sec Value: YC2opYf-EeuDojk4fWyNdw
www.uslawshield.com/	1970-01-19 17:04:46	Name: AWSALB Value: uiEf8Eho614lRPnQ6bO3c6qhDCIdgOdjLTCGj7BudmkKlktHybkcH9peXJqkuPyyYEFiAy0sD3BtsG5bRJuhzkXW2V0k9vi6rwzPUkABhwg7wygYjP5eXmDVqmTq
.uslawshield.com/	1970-01-19 19:04:17	Name: _fbp Value: fb.1.1616081216823.1540399351
.uslawshield.com/	1970-01-20 10:25:53	Name: _ga Value: GA1.2.481555827.1616081216
.uslawshield.com/	1970-01-19 17:37:53	Name: __cfduid Value: da58f1b203caccc2e66bf65f1f05562da1616081214
www.uslawshield.com/	1970-01-19 17:04:46	Name: AWSALBCORS Value: uiEf8Eho614lRPnQ6bO3c6qhDCIdgOdjLTCGj7BudmkKlktHybkcH9peXJqkuPyyYEFiAy0sD3BtsG5bRJuhzkXW2V0k9vi6rwzPUkABhwg7wygYjP5eXmDVqmTq
www.uslawshield.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d21p8pem49oo50erqhno87arfk
.uslawshield.com/	1970-01-19 16:56:07	Name: _gid Value: GA1.2.777636308.1616081216
.uslawshield.com/	1970-01-19 16:56:07	Name: _uetsid Value: 5fe2a26087fe11eba5d577b8d7763c34

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.uslawshield.com/member-signup/(Line 127) Message: [object Object]
console-api	log	URL: https://www.uslawshield.com/member-signup/(Line 1858) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

887340.smushcdn.com
assets.uslawshield.com
bat.bing.com
cdn.avmws.com
cdn.callrail.com
connect.facebook.net
fonts.gstatic.com
go.mylawshield.com
googleads.g.doubleclick.net
pi.pardot.com
service.force.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.uslawshield.com
13.226.159.47
151.139.240.27
161.71.0.38
172.217.16.130
2606:4700:10::6814:36d8
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.174.151.106
52.43.17.137
52.55.38.21
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
06b5a49abdb9153bc58047c864e170aca81b21df27b7bad58bc988832f2df878
0cc3efdca077ec2c251c53542bc32fd18394b5eff8a8814756c04d725ac1f071
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
144da1cca2d95e007e5be33b4b961d8a27fa2a2c9bb246cc4677b6ea548ebdc8
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
316a1f04e09cfaf1bd5c40e6f9ae51b8ffb893c9850e2f6d62d06075c1c56abf
33bf358c9e48bf7750bf2193e7d55451419928af1a1f6621aad8c9dcecf1c6cf
3c241100650328593f8410141e1ba386e6707c450c11a922a958354b40e70cb8
3e5d77ba32f77bc87f1601b1824a5c47e6b00090fa762d60580937d31137237f
435b0f7d4b66f276c41a294d64e682a92224ef796e3ae0b723cf23ffaa64c0d6
44d88ba3bfd0adde25e287ae840b4c802e4b021155194cf5c00ce17d7cb69cfd
524f29d24ed1bffe4c359e17c19ce802f2108a971b66a16c6b179ce0718538db
52cf8985332cf3fafa3b26d9b0c776d16889c25cdb2b227af14b39218daaf884
53bd10dd75a5f3a9eedc6c232a0700b5c78b669699c36c3b5ed1d4d65801af68
578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72
5a2a2f956d69194b53632eec961f3af53cb71a736264a3cfece092e1041f59bd
639f70a332aef4f1f1b7d19bc4d488a6d387ccc3dbcdf2be347bbeec497442d1
6edf529b4627f4dcc4b90190a51281c346594cfb5b3013687474737a9f2c9db8
6fe83329c21c4114bda6fbd591f60d0d962c35086e1c0ad8439756f2fb6c3462
7c2c6db2f21d63c05097664a91c7d3c89505a0010c411d3393034f76c6b01560
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86dd133c09e00b2a38ff76a127c57e04a54dcb11707d56c57f07dec5d42f6311
8a531cb849fcf45225c9f8085787fb0031fd2b0af4d810e4e0a3283f36f95950
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
94d09ca2715fa8e5be5629022f39a7751c6136ff90c40302c155a6610392afce
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a1290a8ce5663fa52e0e74756ced32c5b2f0d1a260fae724d5dd76cbb8f7102b
a4c7ef5f2ee272ecbc6544589904774326e46af9b4ddc7de9763722e8e47f856
bc0c87ec14bb00fc9f0c9e58947d3d74c6aa3653457f3e644a1691d53fb7d166
bc6025074efe149cf40c9abbf9e2be0844679f02a07ac12199bd7b2ae6e0ac49
be9cbd5f07dd141bdd7c3d8c09b52c6e283506072e37539d05dc4b9dcbb68e5b
cab65733e246e68a5c038ac55119349cb9711ef251b163a15f8419a1fcaa58c9
cad04572ea3e9fc8e04e18d3d768fd7728b0483f40cb0fe16df4c8b01aaad265
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d67a94653f5f716302fd92b153744ba088febb3d45c09d6f613aabcaf37063d2
dade2dcd89b6a4a6f9da0e74d32137481d9726ad4aa91b520a589b29c33eeabd
dd575925971e9d0bbfdd4cfecfbd110fd6d1d098c57836707cbabe035fe92779
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df7f9a972d0ddc29417ac48e0432453da2d54c08df0bcc3ec0079204194be898
e2c0743ba1485334ad7b8a678ae6dce077443e6674329d859879623148fcd95c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e657b6b291ae0ec0a68f9845ff9bbb59cb945d7baa5f2e008778b174f7ba1294
e6bd0a3ccc9351f05bacc94f4761067e0fcf44b84421b3801cc3245e6698f9af
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f253e08ad2f4227896b59cebb0d7751925e3f63cc67e7e5e2151984b08fef009
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f6ae74b97bdbf24e02d6cb3d502d37644a6b1e8726859b4147d88eb3709dd1fd

www.uslawshield.com Open in urlscan Pro 2606:4700:10::6814:36d8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

61 %IPv6

17 Domains

19 Subdomains

18 IPs

4 Countries

876 kBTransfer

2807 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.uslawshield.com Open in urlscan Pro
2606:4700:10::6814:36d8 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

18
IPs

4
Countries

876 kB
Transfer

2807 kB
Size

12
Cookies

55 HTTP transactions
0 data transactions