covid19.legalshieldbenefits.com Open in urlscan Pro
52.18.26.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yourcovid19legalresourcecenter.online/
Effective URL:
https://covid19.legalshieldbenefits.com/
Submission: On May 14 via api (May 14th 2020, 8:36:51 pm UTC) from BE

Summary HTTP 37 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 37 HTTP transactions. The main IP is 52.18.26.20, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is covid19.legalshieldbenefits.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 3rd 2020. Valid for: 3 months.

This is the only time covid19.legalshieldbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2 2	54.70.242.13 54.70.242.13	16509 (AMAZON-02) (AMAZON-02)
1	52.18.26.20 52.18.26.20	16509 (AMAZON-02) (AMAZON-02)
15	2600:9000:209... 2600:9000:2093:fa00:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	52.84.50.204 52.84.50.204	16509 (AMAZON-02) (AMAZON-02)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
37	11

1 184.168.131.241 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

yourcovid19legalresourcecenter.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.70.242.13 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-242-13.us-west-2.compute.amazonaws.com

ls-info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.26.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-26-20.eu-west-1.compute.amazonaws.com

covid19.legalshieldbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2093:fa00:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.50.204 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-204.ham50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	website-files.com assets-global.website-files.com	2 MB
8	gstatic.com fonts.gstatic.com	160 KB
4	addthis.com s7.addthis.com m.addthis.com	190 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
2	ls-info.com 2 redirects ls-info.com	771 B
1	addthisedge.com v1.addthisedge.com	783 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	legalshieldbenefits.com covid19.legalshieldbenefits.com	6 KB
1	yourcovid19legalresourcecenter.online 1 redirects yourcovid19legalresourcecenter.online	220 B
37	12

	Domain	Requested by
15	assets-global.website-files.com	covid19.legalshieldbenefits.com
8	fonts.gstatic.com	ajax.googleapis.com
3	s7.addthis.com	covid19.legalshieldbenefits.com s7.addthis.com
2	www.google-analytics.com	www.googletagmanager.com covid19.legalshieldbenefits.com
2	ls-info.com	2 redirects
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	covid19.legalshieldbenefits.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	covid19.legalshieldbenefits.com
1	ajax.googleapis.com	covid19.legalshieldbenefits.com
1	covid19.legalshieldbenefits.com
1	yourcovid19legalresourcecenter.online	1 redirects
37	14

This site contains links to these domains. Also see Links.

Domain
covid19.wearelegalshield.com

Subject Issuer	Validity	Valid
covid19.legalshieldbenefits.com Let's Encrypt Authority X3	`2020-04-03` - `2020-07-02`	3 months	crt.sh
*.website-files.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://covid19.legalshieldbenefits.com/
Frame ID: F5BDB56BEC8D2458AFFE17B51B4B99D6
Requests: 35 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CB628960ED421B93D9030E1C2B7DDB9C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: D1968DD991F4D4B919993EBF6BA51965
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://yourcovid19legalresourcecenter.online/ HTTP 301
https://ls-info.com/d/CcgW6X HTTP 302
https://ls-info.com/res/11054/11098?source=mobile HTTP 302
https://covid19.legalshieldbenefits.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

37
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

2709 kB
Transfer

3637 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://covid19.wearelegalshield.com/clkn/https//[rep-id].wearelegalshield.com/?utm_source=pbls.com&utm_medium=referral&utm_content=wals-623&utm_campaign=user_[rep-id]

Search URL Search Domain Scan URL

URL: https://covid19.wearelegalshield.com/clkn/https/www.bbb.org/us/ok/ada/profile/legal-services/legalshield-0995-9000434

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yourcovid19legalresourcecenter.online/ HTTP 301
https://ls-info.com/d/CcgW6X HTTP 302
https://ls-info.com/res/11054/11098?source=mobile HTTP 302
https://covid19.legalshieldbenefits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
covid19.legalshieldbenefits.com/
Redirect Chain

http://yourcovid19legalresourcecenter.online/
https://ls-info.com/d/CcgW6X
https://ls-info.com/res/11054/11098?source=mobile
https://covid19.legalshieldbenefits.com/

15 KB
6 KB

134ms
40ms

Document
text/html

52.18.26.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.18.26.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-26-20.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b51abffd40c7e657b5fd07508e014715e04ec200ae3f267a92e820c37d0e2e13

Request headers

:method: GET
:authority: covid19.legalshieldbenefits.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: openresty
date: Thu, 14 May 2020 20:36:27 GMT
content-type: text/html
content-length: 5795
content-encoding: gzip
x-lambda-id: 89273d27-2edf-4b89-839d-b751ead1efb7
via: 1.1 varnish 1.1 varnish
age: 20637
x-served-by: cache-dca17748-DCA, cache-dub4343-DUB
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1589488587.344530,VS0,VE1
vary: Accept-Encoding
x-cache-status: MISS
x-cluster-name: eu-west-1-prod-eks-15
accept-ranges: bytes

Redirect headers

status: 302
date: Thu, 14 May 2020 20:36:27 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://covid19.legalshieldbenefits.com/
x-amzn-requestid: 8bc7502f-44d5-4767-b05a-230733522387
x-amzn-remapped-content-length: 0
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: MifHvHn0vHcFYuw=
x-amzn-remapped-server: Apache
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-amzn-remapped-date: Thu, 14 May 2020 20:36:27 GMT

GET
H2 200 covid19legalshieldbenefits.1dc0ae0c9.min.css
assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/ 235 KB
30 KB 173ms
142ms Stylesheet
text/css 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 029fb6c4098335add5f38c193e9b0e97f4e2ae57fa787175ac99824dadd6e166

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 20:16:27 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "b70682de41b2cfe509a382c57e777bed"
x-cache: Miss from cloudfront
x-amz-version-id: wa_otOByt_VtvR0UR553SNVcaggY2bdo
status: 200
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/css
content-length: 30032
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
x-amz-cf-id: 13g_WBKwkkZtx_rkB28tE1fDePMuCgNAuHyIzXUsvMjqrBEZT5GutQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 03:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3000309
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Apr 2021 03:11:18 GMT

GET
H2 200 5e863cbe4e2f6fff7322c19a_LegalShield-NewLogo-FullColor.svg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 8 KB
4 KB 548ms
545ms Image
image/svg+xml 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6fff7322c19a_LegalShield-NewLogo-FullColor.svg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c3ebf0a2e27f0fec47c218f22f8cec076f4988067a9fb0ef2a842949b0e6086

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 19:28:00 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: 4YV3bbg4wnOjy6kOfEDtA4AQZI1lLMpe
status: 200
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: zbbKck5jeczsnxbjZE1teTChJ3evZorcckSE0_cZhinbzR0vHSSuDw==
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)

GET
H2 200 5e9f41f3cef86827634daa32_5e98a6d7c332ea78f8d04279_Man%20on%20Zoom%20Call.jpeg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 453 KB
454 KB 454ms
452ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e9f41f3cef86827634daa32_5e98a6d7c332ea78f8d04279_Man%20on%20Zoom%20Call.jpeg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d579ea80985ef4f62bfb45b2ec3e25e9f7498081b95d1667d8e3f4bd3b0d6836

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Tue, 21 Apr 2020 18:56:52 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "fbf42c7d31fc31a52042316ee75389e0"
x-cache: Miss from cloudfront
x-amz-version-id: XUxaby9lJZjF98UivoYjMRLZAdyN5VAf
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 463861
x-amz-cf-id: sY6QRYQczlBXVTPI0qJv7NATmKlwEtvHGZ8YYck4taZADgApxYCHJw==

GET
H2 200 5e863cbe4e2f6f85bf22ca34_manworkingwithson%20(1).jpg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 39 KB
40 KB 426ms
424ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e863cbe4e2f6f85bf22ca34_manworkingwithson%20(1).jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f110bcb57db5ecd253d4066e77a3452416253f664abaf8f401990e9ed4b3365

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:56 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "db138a3a8a489758ed46e2f65d3b79b4"
x-cache: Miss from cloudfront
x-amz-version-id: vb4Ad9SV5LJpaHlnD8wq5j.2OhkNQFUl
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 40014
x-amz-cf-id: IUqGBxilWjX-XGWlqxw6mQs5NMdlpKF6Hcd_l9XuI2dyPjWn6_RWWQ==

GET
H2 200 5e863cbe4e2f6f459622ca2f_older%20happy%20couple%20(1).jpg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 54 KB
54 KB 426ms
424ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e863cbe4e2f6f459622ca2f_older%20happy%20couple%20(1).jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edda843b465eae001e6ef0a5a538234c4639ccd990831d868c3b50c7dee9d48d

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:56 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "a7ea4d02cd6f94c4e8f366d668ba3dbf"
x-cache: Miss from cloudfront
x-amz-version-id: AlxjrbDIFg65bocsq_UDwFOi2SWuIZo9
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 55045
x-amz-cf-id: RvJvsXsWgL7bfGT1_D51SqpbSHmazLoM0qqGPpuZ5vc2KhYjpoAiIg==

GET
H2 200 5e863cbe4e2f6f472422ca3d_woman%20pushing%20mother%20in%20wheelchair%20(1).jpg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 121 KB
122 KB 455ms
453ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e863cbe4e2f6f472422ca3d_woman%20pushing%20mother%20in%20wheelchair%20(1).jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efd61823d101f0de55dde483fb25ff3b59da56b963d4b745c8a581dd9b44db0

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:56 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "8402ef2c5fbd44a647520359d45129a0"
x-cache: Miss from cloudfront
x-amz-version-id: Y0RtX_eqGT.j_qvx2wLOSLEbYM.78hvq
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 124253
x-amz-cf-id: JGQYOr4HRa4JLQIVYAbG5PLTnlY-NIKK4c6buJohmc_gYGNY0NYazg==

GET
H2 200 5e863cbe4e2f6fa3da22ca30_packing%20boxes%20(1).jpg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 39 KB
39 KB 453ms
451ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e863cbe4e2f6fa3da22ca30_packing%20boxes%20(1).jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12cc87a15d94b1d5da90966962f3db458b798f92d05ff15b5d6ee9a3d9ac14fd

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:56 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "4c3d8d2bd5d1ac6f8842c94aa3335bf4"
x-cache: Miss from cloudfront
x-amz-version-id: z.W50BHHmJBAa7SOD3smB076hPl_jg5B
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 39677
x-amz-cf-id: mhdPWBqz307p9a-hAyY_GmsPH8YHEcqMzdfLfQjLj8707WsGJpLtiA==

GET
H2 200 5e863cbe4e2f6fab7422ca37_man%20dealing%20with%20financal%20struggles%20(1).jpg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 69 KB
70 KB 454ms
452ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e863cbe4e2f6fab7422ca37_man%20dealing%20with%20financal%20struggles%20(1).jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfd88d81f79d8fe2d08b7db4ecaa28735ab923bfc5eeedbb54bfc616f76a24da

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:56 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "f31cbbacd24c0d98ad16fe9262d2096d"
x-cache: Miss from cloudfront
x-amz-version-id: hz7XDQ.l99nQQJZj4uaExnP6r11hn1Ou
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 71115
x-amz-cf-id: PrmzoR9PPrYycOLp8PXftocl7acmrmmrWoRX99CmW58KolJrD3-rkg==

GET
H2 200 5e863cbe4e2f6f01bd22c3a3_LegalShield-NewLogo-1Color-white.svg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 8 KB
4 KB 426ms
425ms Image
image/svg+xml 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f01bd22c3a3_LegalShield-NewLogo-1Color-white.svg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02969d8509bd96c54b533c1be3ee26abca277cf4a9b0f744c119e3c74a4a26ff

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 19:28:28 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: Pw32MTw_YGrbDp2sBdd1s9gVskgsq0nA
status: 200
cache-control: max-age=31536000, must-revalidate
content-type: image/svg+xml
x-amz-cf-id: lGCbMzkmCGK97OmxY2mn1ziSAsezFFIXDTEvlhSEimMfYhSxKstSwg==
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)

GET
H2 200 5e863cbe4e2f6f5e3322c45a_41f513c9-compressed-bbb-logo-2x.png
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 4 KB
4 KB 426ms
425ms Image
image/png 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f5e3322c45a_41f513c9-compressed-bbb-logo-2x.png
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:34 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "2526d0479e6c3c2ed5446b649e3c7b14"
x-cache: Miss from cloudfront
x-amz-version-id: fgwV8lthaxa75ZyK8kOI8bUm9OzpOjvC
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/png
content-length: 3841
x-amz-cf-id: o6lXX7WhgDPB-IKpULVLCOmm-ETVUamjIC7QxuTFOvwDRHgAisLKUg==

GET
H2 200 jquery-3.4.1.min.220afd743d.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 86 KB
31 KB 453ms
401ms Script
application/javascript 52.84.50.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e863cbe4e2f6f051022c162
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.84.50.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-50-204.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://covid19.legalshieldbenefits.com/
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 18:13:30 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
status: 200
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=84600, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: AiWq7DiDvq-VR6KGV0VhheFpRy8yQgkv7tH1F9C_szMjaALV5HuXkQ==
via: 1.1 0e4b604319ca1dc81c333441f110c482.cloudfront.net (CloudFront)

GET
H2 200 covid19legalshieldbenefits.9a1a4a1cc.js Show response
assets-global.website-files.com/5e863cbe4e2f6f051022c162/js/ 196 KB
56 KB 436ms
435ms Script
text/javascript 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/js/covid19legalshieldbenefits.9a1a4a1cc.js
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16bd8fe546b6f01ae92c4d571096293676180e98b1d623d5e67be465f3b10200

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 20:16:27 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "08a69207169662ff31460e9fc4298888"
x-cache: Miss from cloudfront
x-amz-version-id: DuuYBiYPyx9dWlFzJf46v041p1_cloeV
status: 200
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
content-type: text/javascript
content-length: 57267
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
x-amz-cf-id: yR1loFO5BiTqb13JPcFyks3v4D1RlmevIGC0YVUBAk4zhaceM-DKuQ==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 74ms
25ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

01a9f2ee033909141e4b8865aaecf728d74d4b6a1811ca6356a5f1a08387f931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 13:56:52 GMT
server: nginx/1.15.8
etag: W/"5e8dd824-582c2"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 14 May 2020 20:36:27 GMT
x-host: s7.addthis.com
content-length: 116281

GET
H2 200 css
fonts.googleapis.com/ 8 KB
933 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cf7a2cbdb649a79980acbb38ad3d0b16be7f077a3c08de70145988b8ec1b298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 May 2020 20:36:27 GMT
server: ESF
date: Thu, 14 May 2020 20:36:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 May 2020 20:36:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
27 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8

Requested by

Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c966074872fd14b3a7016ca2cda89872b59995de3da3982840474893a36174a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27564
x-xss-protection: 0
last-modified: Thu, 14 May 2020 20:07:45 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 May 2020 20:36:27 GMT

GET
H2 200 5e863cbe4e2f6f076222c471_iStock-1210333449.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 317 KB
318 KB 457ms
457ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f076222c471_iStock-1210333449.jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afceabff19cb5a88e2a6844f55279907edf51a03b1806f556a52de1370628c7a

Request headers

Referer: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:35 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "ce37f09278eb5b0055d39c8fe33dab91"
x-cache: Miss from cloudfront
x-amz-version-id: B2RII2XX2KfLs8oxjyZ_fyBGiCCnULUv
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 324368
x-amz-cf-id: QpwUYIzVDiDRVF6bnH7NtOdtsokTgbz9USgAYV4i4xY-PB-LzXsVqA==

GET
H2 200 5e863cbe4e2f6fcf3922c44d_iStock-855246284.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 450 KB
451 KB 451ms
450ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6fcf3922c44d_iStock-855246284.jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d2ed2eda5d1cb6b14f22de2e5ae8b4221cf7261199f9c8fb82fd3792ac8552c

Request headers

Referer: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:34 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "e4f93b297e23987649f2ae60c9989d1f"
x-cache: Miss from cloudfront
x-amz-version-id: 4gA368qOqa3Rq2BoBrdRa92gU3tbpl1A
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 461029
x-amz-cf-id: UR3dn9QeBO6SGvh3TPhsnlV_cBWLX0MIq6fqxARxgmDNNxDTfhPJzQ==

GET
H2 200 5e863cbe4e2f6fce4f22c46c_120cd9cf-again_00000000000000000001o.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 83 KB
84 KB 450ms
450ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6fce4f22c46c_120cd9cf-again_00000000000000000001o.jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 818c7a670962eeb85556a917bb4c28ddb2f5ecd02cb7a134debb0371912db075

Request headers

Referer: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:35 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "9a760d06f999bdc7bd13f02f65688a7a"
x-cache: Miss from cloudfront
x-amz-version-id: 1fIJ0.4Q6EBFOTMl.TudMZyFufyMSS_M
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 85369
x-amz-cf-id: bGps5cmvje5p6e-75SWxv3UVXggzMcB1qDftJxdfGJ4xqaUC5Kfhhg==

GET
H2 200 5e863cbe4e2f6f69f922c46e_iStock-1162082801.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 539 KB
540 KB 216ms
216ms Image
image/jpeg 2600:9000:2093:fa00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f69f922c46e_iStock-1162082801.jpg
Requested by: Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:fa00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6270ec1cc06a8f4c24c4835c6e1fc5f234acb1c716abd1bbf91f43074849f748

Request headers

Referer: https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 19:28:35 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "d6f068b57586a74975b1816d6e6bbc62"
x-cache: Miss from cloudfront
x-amz-version-id: FYrZSmOCzvkITmJpt_XNa9mwqlhGTrXp
status: 200
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 551595
x-amz-cf-id: fEfZsdClMSIxXQY-Wo6hCGsQLWy6G5p3ucqzSn9v2_ediJTpyOyYWg==

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Wed, 06 May 2020 03:46:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:24 GMT
server: sffe
age: 751808
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16268
x-xss-protection: 0
expires: Thu, 06 May 2021 03:46:19 GMT

GET
H2 200 iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Tue, 05 May 2020 23:48:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:13 GMT
server: sffe
age: 766104
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16456
x-xss-protection: 0
expires: Wed, 05 May 2021 23:48:03 GMT

GET
H2 200 iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Wed, 13 May 2020 04:59:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:17 GMT
server: sffe
age: 142640
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16320
x-xss-protection: 0
expires: Thu, 13 May 2021 04:59:07 GMT

GET
H2 200 iJWHBXyIfDnIV7FCimmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7FCimmd8WD07oB-.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba456800fc8a85d6018867262179541eb1388c064daea70f3a440956518de811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Tue, 14 Apr 2020 21:06:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:16 GMT
server: sffe
age: 2590194
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14932
x-xss-protection: 0
expires: Wed, 14 Apr 2021 21:06:33 GMT

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v7/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Sat, 11 Apr 2020 06:56:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:51:00 GMT
server: sffe
age: 2900384
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15576
x-xss-protection: 0
expires: Sun, 11 Apr 2021 06:56:43 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Mon, 11 May 2020 18:37:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:01:43 GMT
server: sffe
age: 266365
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15876
x-xss-protection: 0
expires: Tue, 11 May 2021 18:37:02 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Sat, 11 Apr 2020 11:46:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:51:44 GMT
server: sffe
age: 2882968
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15036
x-xss-protection: 0
expires: Sun, 11 Apr 2021 11:46:59 GMT

GET
H2 200 MwQ0bhv11fWD6QsAVOZrt0M6p7NGrQ.woff2
fonts.gstatic.com/s/rocksalt/v10/ 51 KB
51 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rocksalt/v10/MwQ0bhv11fWD6QsAVOZrt0M6p7NGrQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9511b9010b4340f7e8b36bca55eeeca842c1dfcfc08e1887c42a6c75003bab8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.legalshieldbenefits.com

Response headers

date: Tue, 14 Apr 2020 21:00:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:42:12 GMT
server: sffe
age: 2590541
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52080
x-xss-protection: 0
expires: Wed, 14 Apr 2021 21:00:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 7072
date: Thu, 14 May 2020 18:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 14 May 2020 20:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
100 B 13ms
13ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1671364752&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19.legalshieldbenefits.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1597938139&gjid=1877690278&cid=1959900139.1589488588&tid=UA-7450226-65&_gid=1597337616.1589488588&_r=1&gtm=2wg561THZL2T8&z=1116565395

Requested by

Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 May 2020 20:36:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CB62 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 74ms
24ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=20537
accept-ranges: bytes
content-length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5bbcd112dc912095/ 2 KB
783 B 196ms
194ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5bbcd112dc912095/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 85514e859d16530645aaba42142657c76ebed34849a4545e42fb03a724ef5db2

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 20:36:28 GMT
content-encoding: gzip
etag: 1381002373--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 607

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 163ms
160ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5ebdabccb095a22f&bkl=0&bl=1&pdt=1500&sid=5ebdabccb095a22f&pub=ra-5bbcd112dc912095&rev=v8.28.5-wp&ln=en&pc=men&cb=0&ab=-&dp=covid19.legalshieldbenefits.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1589488588304&jsl=1&uvs=5ebdabcc13bb15e4000&skipb=1&callback=addthis.cbs.jsonp__9336586052948110
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a8450e3e74c4ea83cb260fd38a4a7986c67fa5e4f4af1dca745e5e060ffb761

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 14 May 2020 20:36:28 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame D196 0
0 27ms
27ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://covid19.legalshieldbenefits.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://covid19.legalshieldbenefits.com/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 14 May 2020 20:36:28 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 28ms
27ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://covid19.legalshieldbenefits.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Thu, 14 May 2020 20:36:28 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.addthis.com/	1970-01-19 19:01:42	Name: loc Value: MDAwMDBFVUJFMDAyMzA5MTg0NTAwMDAwMDBDSA==
			.addthis.com/	1970-01-19 19:01:42	Name: uvc Value: 1%7C20

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-global.website-files.com
covid19.legalshieldbenefits.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ls-info.com
m.addthis.com
s7.addthis.com
v1.addthisedge.com
www.google-analytics.com
www.googletagmanager.com
yourcovid19legalresourcecenter.online
z.moatads.com
s7.addthis.com
184.168.131.241
23.210.248.44
23.210.250.213
2600:9000:2093:fa00:12:9e5f:cac0:93a1
2a00:1450:4001:809::2003
2a00:1450:4001:815::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:821::200a
52.18.26.20
52.84.50.204
54.70.242.13
01a9f2ee033909141e4b8865aaecf728d74d4b6a1811ca6356a5f1a08387f931
02969d8509bd96c54b533c1be3ee26abca277cf4a9b0f744c119e3c74a4a26ff
029fb6c4098335add5f38c193e9b0e97f4e2ae57fa787175ac99824dadd6e166
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0efd61823d101f0de55dde483fb25ff3b59da56b963d4b745c8a581dd9b44db0
12cc87a15d94b1d5da90966962f3db458b798f92d05ff15b5d6ee9a3d9ac14fd
16bd8fe546b6f01ae92c4d571096293676180e98b1d623d5e67be465f3b10200
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
2c966074872fd14b3a7016ca2cda89872b59995de3da3982840474893a36174a
2cf7a2cbdb649a79980acbb38ad3d0b16be7f077a3c08de70145988b8ec1b298
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3a8450e3e74c4ea83cb260fd38a4a7986c67fa5e4f4af1dca745e5e060ffb761
3c3ebf0a2e27f0fec47c218f22f8cec076f4988067a9fb0ef2a842949b0e6086
5f110bcb57db5ecd253d4066e77a3452416253f664abaf8f401990e9ed4b3365
6270ec1cc06a8f4c24c4835c6e1fc5f234acb1c716abd1bbf91f43074849f748
75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c
7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3
818c7a670962eeb85556a917bb4c28ddb2f5ecd02cb7a134debb0371912db075
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85514e859d16530645aaba42142657c76ebed34849a4545e42fb03a724ef5db2
9511b9010b4340f7e8b36bca55eeeca842c1dfcfc08e1887c42a6c75003bab8e
9d2ed2eda5d1cb6b14f22de2e5ae8b4221cf7261199f9c8fb82fd3792ac8552c
afceabff19cb5a88e2a6844f55279907edf51a03b1806f556a52de1370628c7a
b51abffd40c7e657b5fd07508e014715e04ec200ae3f267a92e820c37d0e2e13
ba456800fc8a85d6018867262179541eb1388c064daea70f3a440956518de811
bfd88d81f79d8fe2d08b7db4ecaa28735ab923bfc5eeedbb54bfc616f76a24da
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
d579ea80985ef4f62bfb45b2ec3e25e9f7498081b95d1667d8e3f4bd3b0d6836
e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
edda843b465eae001e6ef0a5a538234c4639ccd990831d868c3b50c7dee9d48d
fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080

covid19.legalshieldbenefits.com Open in urlscan Pro 52.18.26.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

50 %IPv6

12 Domains

14 Subdomains

11 IPs

4 Countries

2709 kBTransfer

3637 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid19.legalshieldbenefits.com Open in urlscan Pro
52.18.26.20 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

11
IPs

4
Countries

2709 kB
Transfer

3637 kB
Size

2
Cookies

37 HTTP transactions
0 data transactions