covid19.wearelegalshield.com Open in urlscan Pro
2606:4700::6812:1c65  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response covid19.wearelegalshield.com/	221 KB 22 KB	87ms 54ms	Document text/html	2606:4700::6812:1c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa148b159b077645b6c8494448402604c4e87cdcbbe582c78d129425330a92c6 Request headers :method GET :authority covid19.wearelegalshield.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Fri, 27 Mar 2020 21:17:39 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=da93d8acb93a91e21039f3fc3c56957761585343859; expires=Sun, 26-Apr-20 21:17:39 GMT; path=/; domain=.wearelegalshield.com; HttpOnly; SameSite=Lax; Secure ubpv=d%2C418f28b1-c20e-46c7-a83b-2e0fd9f95a29; Max-Age=15897600; Expires=Sun, 27 Sep 2020 21:17:39 GMT; Path=/ ubvs=162.158.90.1951585350611315660; Max-Age=15552000; Expires=Wed, 23 Sep 2020 21:17:39 GMT; Path=/ ubvt=162.158.90.1951585350611315660; Max-Age=259200; Expires=Mon, 30 Mar 2020 21:17:39 GMT; Path=/; Domain=wearelegalshield.com p3p CP="This is not a privacy policy." x-unbounce-pageid 418f28b1-c20e-46c7-a83b-2e0fd9f95a29 content-location https://covid19.wearelegalshield.com/ x-unbounce-visitorid 162.158.90.1951585350611315660 last-modified Fri, 27 Mar 2020 21:13:06 GMT x-unbounce-variant d link <https://covid19.wearelegalshield.com/>; rel="canonical" x-proxy-backend page-server cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 57ac23b409731e47-FRA content-encoding gzip
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	54ms 18ms	Stylesheet text/css	99.84.155.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.155.10 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-155-10.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 24 Mar 2020 14:29:47 GMT content-encoding gzip age 283673 x-cache Hit from cloudfront status 200 content-length 2902 last-modified Wed, 04 Mar 2020 22:45:14 GMT server AmazonS3 etag "c840c3d549f745d3142417845de68270" x-amz-version-id gJqOFtzKpY5_MpSOYwBhAXEJLqR0Gl7t via 1.1 3503b71c0982ba58e4441eb0d67c6cef.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop TXL52-C1 accept-ranges bytes content-type text/css x-amz-cf-id 0RrdfLl88pnnmbT8WTfIfCN2LmMst9V6GMRNU8b_SAJNjgKvhGW59g==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/	86 KB 30 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sat, 18 Jan 2020 01:27:19 GMT content-encoding gzip x-content-type-options nosniff age 6033020 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 17 Jan 2021 01:27:19 GMT
GET H2	200	transparent.gif d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	42 B 425 B	523ms 412ms	Image image/gif	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/transparent.gif Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "d89746888da2d9510b64a9f031eaecd5" x-cache Miss from cloudfront x-amz-version-id n.ZrmoPzqJeULPJXLDvV.EmbWRfQtCNe status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/gif content-length 42 x-amz-cf-id L48xxaUK-9xt_fuhjQC3ZG1EbEw5A-Hf-tpfpkkAUlZwEU195T_WQA==
GET H2	200	main.bundle-81f56cf.z.js Show response builder-assets.unbounce.com/published-js/	104 KB 33 KB	59ms 30ms	Script application/javascript	99.84.155.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.155.10 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-155-10.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 81f56cff112636ed46cb7837be66b7a9906dad73841a8f0f733e929ad5a16bf8 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 24 Mar 2020 06:04:21 GMT content-encoding gzip age 313999 x-cache Hit from cloudfront status 200 content-length 33644 last-modified Wed, 04 Mar 2020 22:45:08 GMT server AmazonS3 etag "9356a4b0d011c5a2bd739b87d31b814e" x-amz-version-id w6Q3AhO1ySRAZ6Dp5abtKcYbFfJpb9jE via 1.1 3503b71c0982ba58e4441eb0d67c6cef.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop TXL52-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id dSl1LqyluO7IQ3BGJflHEFkSNDIIMFLYLGNBj6gFifR4EogavSlHjg==
GET H2	200	hotjar-950576.js Show response static.hotjar.com/c/	18 KB 4 KB	386ms 95ms	Script application/javascript	147.75.84.31 PACKET
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-950576.js?sv=6 Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.84.31 Parsippany, United States, ASN54825 (PACKET, US), Reverse DNS Software / Resource Hash fa4fb4c9bb843c4b5f2559a785b67b82b5f1163dfe0134fe99767f164def26c2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 21:17:40 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript section-io-tag hotjar age 0 status 200 access-control-max-age 600 section-io-cache Miss x-cache-hit 1 x-frame-options SAMEORIGIN etag W/51d031828af354688394e37205c378de vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=60 section-io-origin-time-seconds 0.076 accept-ranges bytes section-io-id 707c6954f03fc1353035361b4553adcf section-origin-responded true
GET H2	200	8ba3906d-istock-855246284_00000000000000000001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	62 KB 62 KB	468ms 431ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/8ba3906d-istock-855246284_00000000000000000001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 921fc1553a682d9a50d9fdac8527654025ee98e249f0cd5d8d0e35501926228f Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "6f79b66c67b0f0dd4d075a275e48edfd" x-cache Miss from cloudfront x-amz-version-id W9Koj4483.7ma1KXCeve9cdavhOO5..Z status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 63295 x-amz-cf-id crBb5qSO3DQlSJK_Gsxc93_5lSpOCvhVBe1WetHvgEpGxyjYzS2VsA==
GET H2	200	c78a6c27-istock-177521917-3_00000017s0ff00000001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	76 KB 77 KB	468ms 431ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/c78a6c27-istock-177521917-3_00000017s0ff00000001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash be2218150b12ad45c01c16dfbe7d68883b479d37cb25e3cbb4559549b6ac9916 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "627e54e5da6e76178fad1af52caac83a" x-cache Miss from cloudfront x-amz-version-id 3IZURvH1TrlE7B_7KqkHX6itUAY.693u status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 78102 x-amz-cf-id PdKJSnQe-Aoxh-Pth8D5HqvVwMrwRBS2Lsb4yW_yB2qflmiRpG1zlA==
GET BLOB	200 OK	e5b84f4f-617c-42f7-a832-79d8e9f41f50 https://covid19.wearelegalshield.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://covid19.wearelegalshield.com/e5b84f4f-617c-42f7-a832-79d8e9f41f50 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Content-Length 5603 Content-Type text/css
GET H2	200	css fonts.googleapis.com/	7 KB 831 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2ff31251c9373d62353e3a49a54fcc515f6ea9e90a3a60ae950954fe79534b6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 27 Mar 2020 21:17:40 GMT server ESF date Fri, 27 Mar 2020 21:17:40 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 27 Mar 2020 21:17:40 GMT
GET H2	200	7a520718-dot-square-2x_03h022000000000000001.png d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	266 B 649 B	463ms 463ms	Image image/png	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/7a520718-dot-square-2x_03h022000000000000001.png Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 707d0a1d9860193574644957bf9200a424f7b52df99d27d5ec07f1ed1315092c Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "512cf0ff7915ee74c088f574a21c0b73" x-cache Miss from cloudfront x-amz-version-id UUhwZ0TpLK.XPQ7w._NSQq0.i.0sW0X2 status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/png content-length 266 x-amz-cf-id cyFXMFISYZ_hlscDG7_jDA2q2bANAlQZrdxeUwZmMLYw29KMFwYg0g==
GET H2	200	73b6f668-istock-1091526916-1_0fx0am06s0am04k00001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	12 KB 13 KB	458ms 457ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/73b6f668-istock-1091526916-1_0fx0am06s0am04k00001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 84af6b551d98e6eb4f0b9b566790a107a239a65ab441866641909eb48c4b8352 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "86b37ac8540ce6c62b5138732d8cc52d" x-cache Miss from cloudfront x-amz-version-id Utws1IHjuXlPPBPkkUQ8lQ7sguQfJWKo status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 12743 x-amz-cf-id edXQ85NTGAm4g4dNg0Q8WCK9wOaY8PYISxKKBrG6SwTtseapwTE4Hw==
GET H2	200	317db71b-check-2x_00e00b000000000000001.png d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	357 B 739 B	425ms 425ms	Image image/png	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/317db71b-check-2x_00e00b000000000000001.png Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash e82149a95587c51e957ac03d237a6b1bda18f9ce916e65695db902db42f5c8c9 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "968f037850adc13ae3d53dd7fe8ac450" x-cache Miss from cloudfront x-amz-version-id ijzdaag1Yxb.300O7NFW6J3dluwQ4z4V status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/png content-length 357 x-amz-cf-id G6HHVbr2QgLNhLVS6Ebg2d4-zaKHkzoD0uoztwqfygwcoMuKPV8-Ug==
GET H2	200	d198870a-white-check-2x_00m00h000000000000001.png d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	448 B 830 B	431ms 431ms	Image image/png	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/d198870a-white-check-2x_00m00h000000000000001.png Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash c4725d8bc092539120d4265852bcd04b37cf8d5c6adc5ac9def6293f3c04c732 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "ecd988715d869474410ee23a847e35a0" x-cache Miss from cloudfront x-amz-version-id LYLe_fBbCvcr_oaHVMDzEhnYKYUgI8zg status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/png content-length 448 x-amz-cf-id h4SAYQn_3xq8e23ufDY5xqLNyU7wg7JL14gqEYJftG_nllSwtCi_bQ==
GET H2	200	91661ced-compressed-legal-shield-new-logo-white-2x_061019000000000000000.png d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	5 KB 5 KB	445ms 444ms	Image image/png	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/91661ced-compressed-legal-shield-new-logo-white-2x_061019000000000000000.png Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash c2266db9d3a4479693f8ad492eb7724ed0c233a4987fbba87da219d6236c376a Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "a38b437a7cdc56b26a9bba258f09ea0d" x-cache Miss from cloudfront x-amz-version-id bPJ49Y8T2FRcP.TE4Y6jTemByGYVYQVI status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/png content-length 4760 x-amz-cf-id dXdBpVjrPEG5d9ALIYxQSfXciLAYXu7JrBerQNBnjBI3LIcDq7YPeA==
GET H2	200	e2fdbbc6-istock-1165979787_0i80am06s0am03o00001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	11 KB 11 KB	459ms 459ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/e2fdbbc6-istock-1165979787_0i80am06s0am03o00001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 846761a2f9b112e68435f8c132a4face064f2056c520e52ead1ed590f9778383 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "87006554f3564940930528fd5de4aa61" x-cache Miss from cloudfront x-amz-version-id dD4rttHWiCwyj3mpoEnR_GFTg2ABwsc5 status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 11051 x-amz-cf-id vdeoQ6eDSwBt_1GF2fZ1ViC8EKP2d4pJpWNK6A7d-Lb7riHIimTlLQ==
GET H2	200	a8c97c4d-istock-1172692283_0fx0am06s0am03k00001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	12 KB 13 KB	423ms 423ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/a8c97c4d-istock-1172692283_0fx0am06s0am03k00001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 7c36db152f102e408b4428a355fa770c9a405348e32ed76d8ede48b63ac3f1ba Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "847fd6131e1457192ee90d5711d7034e" x-cache Miss from cloudfront x-amz-version-id 7bGE5nVGA9gM3wLx0rCFhn2QLO3daDwV status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 12726 x-amz-cf-id DNFxAHtc0ZmsSi8R6au6-BeAIvwuDcmqdB1s0PFsQ7KXpa2qFPTPkQ==
GET H2	200	95a51fe4-istock-1165941362-1_0ig0cb06s0am02t01p01o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	12 KB 13 KB	436ms 435ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/95a51fe4-istock-1165941362-1_0ig0cb06s0am02t01p01o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 9f3a41c54e04fe7110c4038a7ce5384de1fc5545cf5dfb58ba6293d087770cbf Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "a05ed32afe448f7c31ea846f8a035fbf" x-cache Miss from cloudfront x-amz-version-id k0WzOPw09Dw5i94hK0eg8cY.Lxm7hfd3 status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 12680 x-amz-cf-id uFnmusKE2S6CM3okWtoH2W2VZGVEwbNx4muEULXDXwplYQL1TCyRkA==
GET H2	200	c3b96007-istock-907634594_0gv0am06s0am01400001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	15 KB 16 KB	481ms 481ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/c3b96007-istock-907634594_0gv0am06s0am01400001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 000ec73f5cf3ece8c2a20edcd978433c91da81becaeb28c3acb7d7c2b252bc9a Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "4349725303e8659e2f0efc4328a54f1c" x-cache Miss from cloudfront x-amz-version-id _R2Ytd5OMXSFUt0Z41QA.4hk1JycN.YF status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 15625 x-amz-cf-id FRHafpTAPNPTsOzYtqn1uUYiGhcH--my9DNf7TRNW15HICWKg0yoOw==
GET H2	200	419dc226-istock-1182824513-1_0fx0am06s0am00i00001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	13 KB 14 KB	450ms 449ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/419dc226-istock-1182824513-1_0fx0am06s0am00i00001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash f5566ad33ca814787fd47a4ae3cbbb44bc3e2eafe8d53af5a6e4a059043bb0b9 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "daa2b4f7759096e56b8ca6b6fddfe6c3" x-cache Miss from cloudfront x-amz-version-id UGs258ksyEAM8JSmBv4yGJtEuEO4orn4 status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 13444 x-amz-cf-id vulFlWi-JtOv4fRsCcpkzV25l4p-_IpvKzQ-mz3dcB6StptbuyJlUg==
GET H2	200	992a7a6a-compressed-legal-shield-new-logo-1000-px-2x_062018000000000000000.png d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	6 KB 6 KB	411ms 410ms	Image image/png	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/992a7a6a-compressed-legal-shield-new-logo-1000-px-2x_062018000000000000000.png Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash cd50c4e9293bf3cb00bd9b633479a17ad29cce2dff779929ea50aaf58b5d6b60 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "e198e9eea5e8de845bba09becb60003b" x-cache Miss from cloudfront x-amz-version-id 3.21A0NGRPtfa_SoGtTxzTZWXiFmGVCw status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/png content-length 6218 x-amz-cf-id mUjgO3ppLOFioQoOHsHsbyfWg_BFY6EZG9cKj_D2t4lbohRqRVGrsg==
GET H2	200	41f513c9-compressed-bbb-logo-2x_02k010000000000000000.png d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	4 KB 4 KB	436ms 434ms	Image image/png	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/41f513c9-compressed-bbb-logo-2x_02k010000000000000000.png Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "2526d0479e6c3c2ed5446b649e3c7b14" x-cache Miss from cloudfront x-amz-version-id 7yLSs4VJdrGEnpvFVXSm_KL6uq5AIxqh status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/png content-length 3841 x-amz-cf-id Lnscmwo6V7Ia2vvbc-onBEyfwcGjUPBhDAe5eBRYRn20D9K2nf9-jQ==
GET H2	200	e2fdbbc6-istock-1165979787_0c807408f07401w00001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	8 KB 8 KB	423ms 422ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/e2fdbbc6-istock-1165979787_0c807408f07401w00001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 9e35e5e799e26614bdf0824af87f22b9fd33bb4634e260cb0da8f611e62bb839 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "608ea8297852a3cfd41ad3c0b0e7929c" x-cache Miss from cloudfront x-amz-version-id oMK.zRpeHMH7BA7.tU.UR4x8bU5pi6af status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 7839 x-amz-cf-id UXXiMffU8YNB_TNgY4hwymSGqRCa7liBa7Cpxw9SSjEmboXgYyj5hw==
GET H2	200	a8c97c4d-istock-1172692283_0ao07408f07401400001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	12 KB 12 KB	438ms 436ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/a8c97c4d-istock-1172692283_0ao07408f07401400001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 72cc4c2797f7687687110d9daa2f6b140a960b65841eca08fb77bee4a61c2019 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "882702f8905cb61a54f18cd2de5e9ec2" x-cache Miss from cloudfront x-amz-version-id yY7iIpiq73NrLBRrELim9fnCQjUVA9Zf status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 11845 x-amz-cf-id tLRWEblJW_jdP7cCm_yMHeNOGUr5gt6-3He67PwCTyp61Lg3H0RDLA==
GET H2	200	a468fd92-istock-1165941362_0ao07408f07401400001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	12 KB 12 KB	447ms 446ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/a468fd92-istock-1165941362_0ao07408f07401400001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash fba73b6c7b653ad890d825f5582476c338e75f77a47a87943837011d57006391 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "de390de1e55c77ed26716de35315aae5" x-cache Miss from cloudfront x-amz-version-id sM7OMtJ1.IoJaiA7Ve6Md8ThhWB6j6VQ status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 12268 x-amz-cf-id 06zpN4gLQVFU8h0a7SWIv9jkmNqurNdeaxPRDr8ZGWUfhoZQCl9RUg==
GET H2	200	c3b96007-istock-907634594_0bb07408f07401g00001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	13 KB 13 KB	428ms 427ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/c3b96007-istock-907634594_0bb07408f07401g00001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash 89d23c8de24b9f9aafd31302a0fa53c939615f3464c9943e7eb7dcd69cfb5210 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "a82115278b8e09ff80db60b7aa14a5f0" x-cache Miss from cloudfront x-amz-version-id mjVNFHnoAv.6lLQ33B0cvt7RUeYSjvY2 status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 12868 x-amz-cf-id CX8bQt8pj1_ToXbmEuu3G5Go_vi02bysxstgLQqD2y_cJO-3EZNZ1A==
GET H2	200	419dc226-istock-1182824513-1_0ao07408f07401400001o.jpg d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/	10 KB 10 KB	417ms 416ms	Image image/jpeg	99.84.156.196 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/covid19.wearelegalshield.com/419dc226-istock-1182824513-1_0ao07408f07401400001o.jpg Requested by Host: covid19.wearelegalshield.com URL: https://covid19.wearelegalshield.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.84.156.196 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-156-196.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash f0676c8cbc4c6bb4f7ecaf9acbed1a891c9fd7839c3c5f77048df5b802d88e39 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 27 Mar 2020 21:17:41 GMT via 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront) last-modified Fri, 27 Mar 2020 21:13:06 GMT server AmazonS3 x-amz-cf-pop TXL52-C1 etag "0079c329425b8214a0b41bf0c7e174d6" x-cache Miss from cloudfront x-amz-version-id EOkX3_yomIwvMi_X37g_irLmpxrP2yXL status 200 cache-control max-age=31557600 accept-ranges bytes content-type image/jpeg content-length 10050 x-amz-cf-id cX_051QSw0BOcSPVTn9r6HmqcwL_ceeHrrKihvnzlDcGY_BSfjKEpg==
GET H2	200	iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2 fonts.gstatic.com/s/rubik/v9/	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Origin https://covid19.wearelegalshield.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 23:32:39 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:20:13 GMT server sffe age 1460701 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 16456 x-xss-protection 0 expires Wed, 10 Mar 2021 23:32:39 GMT
GET H2	200	iJWKBXyIfDnIV7nBrXyw023e.woff2 fonts.gstatic.com/s/rubik/v9/	16 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Origin https://covid19.wearelegalshield.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 21:30:57 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:27:24 GMT server sffe age 1468003 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 16268 x-xss-protection 0 expires Wed, 10 Mar 2021 21:30:57 GMT
GET H2	200	iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2 fonts.gstatic.com/s/rubik/v9/	14 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 41508237fe6bd4b682566ceed6764d2162d076160bda73cafbef34508883c273 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Origin https://covid19.wearelegalshield.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 27 Feb 2020 13:17:22 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:26:06 GMT server sffe age 2534418 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 14828 x-xss-protection 0 expires Fri, 26 Feb 2021 13:17:22 GMT
GET H2	200	neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2 fonts.gstatic.com/s/sourceserifpro/v7/	16 KB 16 KB	9ms 9ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Origin https://covid19.wearelegalshield.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 25 Feb 2020 03:51:28 GMT x-content-type-options nosniff last-modified Wed, 17 Jul 2019 00:01:43 GMT server sffe age 2741172 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 15876 x-xss-protection 0 expires Wed, 24 Feb 2021 03:51:28 GMT
GET H2	200	neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2 fonts.gstatic.com/s/sourceserifpro/v7/	15 KB 15 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Origin https://covid19.wearelegalshield.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 04 Mar 2020 21:48:38 GMT x-content-type-options nosniff last-modified Tue, 16 Jul 2019 23:51:44 GMT server sffe age 1985342 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 15036 x-xss-protection 0 expires Thu, 04 Mar 2021 21:48:38 GMT
GET H2	200	neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2 fonts.gstatic.com/s/sourceserifpro/v7/	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourceserifpro/v7/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-81f56cf.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Rubik:500,regular,300%7CSource+Serif+Pro:600,700,regular Origin https://covid19.wearelegalshield.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 09 Mar 2020 11:35:18 GMT x-content-type-options nosniff last-modified Tue, 16 Jul 2019 23:51:00 GMT server sffe age 1590142 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 15576 x-xss-protection 0 expires Tue, 09 Mar 2021 11:35:18 GMT
GET H2	200	modules.17c97750a9d093b794df.js Show response script.hotjar.com/	366 KB 69 KB	308ms 20ms	Script application/javascript	147.75.32.125 PACKET
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.17c97750a9d093b794df.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-950576.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress14 Software / Resource Hash 0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16 Request headers Referer https://covid19.wearelegalshield.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Fri, 27 Mar 2020 21:17:40 GMT content-encoding br content-type application/javascript age 122536 status 200 section-io-cache Hit content-length 70645 last-modified Thu, 26 Mar 2020 11:12:31 GMT etag "3a5a4807e54283bcadc4388cb084ad93" vary Accept-Encoding section-io-origin-status 200 access-control-allow-origin * cache-control max-age=31536000 section-io-origin-time-seconds 0.023 accept-ranges bytes section-io-id f045c9d7b3fc59733a3015009d9e324b section-origin-responded true
GET H2	200	box-469cf41adb11dc78be68c1ae7f9457a4.html vars.hotjar.com/ Frame 88A3	0 0	66ms 22ms	Document text/html	147.75.33.131 PACKET
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-950576.js?sv=6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS pkt-ams-k2-shared-ingress7 Software / Resource Hash Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-469cf41adb11dc78be68c1ae7f9457a4.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://covid19.wearelegalshield.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://covid19.wearelegalshield.com/ Response headers status 200 date Fri, 27 Mar 2020 21:17:40 GMT content-type text/html content-length 851 last-modified Wed, 25 Mar 2020 15:18:29 GMT etag "d594f1d4c3e5dbd6b556c60d34e0daea" cache-control max-age=31536000 content-encoding br section-io-origin-status 200 section-io-origin-time-seconds 0.087 section-origin-responded true age 144589 vary Accept-Encoding section-io-cache Hit accept-ranges bytes section-io-id 5e42350f6f81aa850637539625ca3a1a

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ub function| hj object| _hjSettings function| $ function| jQuery string| boxToAppend string| headerOrFooter object| backgroundCSS object| colorOverlayCSS object| childrenCSS object| boxParent object| boxClone function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wearelegalshield.com/	1970-01-19 16:55:02	Name: _hjid Value: 26cee754-f692-434b-81c3-aa5ca89c2852
			covid19.wearelegalshield.com/	1970-01-19 12:47:21	Name: ubpv Value: d%2C418f28b1-c20e-46c7-a83b-2e0fd9f95a29
			.wearelegalshield.com/	1970-01-19 08:26:43	Name: ubvt Value: 162.158.90.1951585350611315660
			covid19.wearelegalshield.com/	1970-01-19 12:41:35	Name: ubvs Value: 162.158.90.1951585350611315660
			.wearelegalshield.com/	1970-01-19 09:05:35	Name: __cfduid Value: da93d8acb93a91e21039f3fc3c56957761585343859

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://covid19.wearelegalshield.com/(Line 6422) Message: ran

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
builder-assets.unbounce.com
covid19.wearelegalshield.com
d9hhrg4mnvzow.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
147.75.32.125
147.75.33.131
147.75.84.31
2606:4700::6812:1c65
2a00:1450:4001:81a::200a
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
99.84.155.10
99.84.156.196
000ec73f5cf3ece8c2a20edcd978433c91da81becaeb28c3acb7d7c2b252bc9a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
41508237fe6bd4b682566ceed6764d2162d076160bda73cafbef34508883c273
707d0a1d9860193574644957bf9200a424f7b52df99d27d5ec07f1ed1315092c
72cc4c2797f7687687110d9daa2f6b140a960b65841eca08fb77bee4a61c2019
75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d
7c36db152f102e408b4428a355fa770c9a405348e32ed76d8ede48b63ac3f1ba
81f56cff112636ed46cb7837be66b7a9906dad73841a8f0f733e929ad5a16bf8
846761a2f9b112e68435f8c132a4face064f2056c520e52ead1ed590f9778383
84af6b551d98e6eb4f0b9b566790a107a239a65ab441866641909eb48c4b8352
89d23c8de24b9f9aafd31302a0fa53c939615f3464c9943e7eb7dcd69cfb5210
921fc1553a682d9a50d9fdac8527654025ee98e249f0cd5d8d0e35501926228f
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9e35e5e799e26614bdf0824af87f22b9fd33bb4634e260cb0da8f611e62bb839
9f3a41c54e04fe7110c4038a7ce5384de1fc5545cf5dfb58ba6293d087770cbf
be2218150b12ad45c01c16dfbe7d68883b479d37cb25e3cbb4559549b6ac9916
c2266db9d3a4479693f8ad492eb7724ed0c233a4987fbba87da219d6236c376a
c2ff31251c9373d62353e3a49a54fcc515f6ea9e90a3a60ae950954fe79534b6
c4725d8bc092539120d4265852bcd04b37cf8d5c6adc5ac9def6293f3c04c732
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
cd50c4e9293bf3cb00bd9b633479a17ad29cce2dff779929ea50aaf58b5d6b60
e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908
e82149a95587c51e957ac03d237a6b1bda18f9ce916e65695db902db42f5c8c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0676c8cbc4c6bb4f7ecaf9acbed1a891c9fd7839c3c5f77048df5b802d88e39
f5566ad33ca814787fd47a4ae3cbbb44bc3e2eafe8d53af5a6e4a059043bb0b9
fa148b159b077645b6c8494448402604c4e87cdcbbe582c78d129425330a92c6
fa4fb4c9bb843c4b5f2559a785b67b82b5f1163dfe0134fe99767f164def26c2
fba73b6c7b653ad890d825f5582476c338e75f77a47a87943837011d57006391
fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080