urlscan.io logo urlscan.io
SecurityTrails logo

covid19.legalshieldbenefits.com Open in urlscan Pro
52.49.198.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://yourcovid19legalresourcecenter.online/
Effective URL: https://covid19.legalshieldbenefits.com/
Submission: On June 08 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 42 HTTP transactions. The main IP is 52.49.198.28, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is covid19.legalshieldbenefits.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 3rd 2020. Valid for: 3 months.
This is the only time covid19.legalshieldbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
yourcovid19legalresourcecenter.online
2    54.200.157.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-157-185.us-west-2.compute.amazonaws.com
ls-info.com
1    52.49.198.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-198-28.eu-west-1.compute.amazonaws.com
covid19.legalshieldbenefits.com
15    2600:9000:2182:6200:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets-global.website-files.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.226.158.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-175.dus51.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
5    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2600:9000:2182:3400:d:d64b:9600:93a1 (United States)

ASN16509 (AMAZON-02, US)
global.localizecdn.com
1    2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
z.moatads.com
Domain Requested by
15 assets-global.website-files.com covid19.legalshieldbenefits.com
8 fonts.gstatic.com covid19.legalshieldbenefits.com
ajax.googleapis.com
5 global.localizecdn.com www.googletagmanager.com
global.localizecdn.com
covid19.legalshieldbenefits.com
3 s7.addthis.com covid19.legalshieldbenefits.com
s7.addthis.com
2 www.google-analytics.com www.googletagmanager.com
covid19.legalshieldbenefits.com
2 ls-info.com 2 redirects
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.googletagmanager.com covid19.legalshieldbenefits.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net covid19.legalshieldbenefits.com
1 ajax.googleapis.com covid19.legalshieldbenefits.com
1 covid19.legalshieldbenefits.com
1 yourcovid19legalresourcecenter.online 1 redirects
42 15

This site contains links to these domains. Also see Links.

Domain
covid19.wearelegalshield.com
localizejs.com
Subject Issuer Validity Valid
covid19.legalshieldbenefits.com
Let's Encrypt Authority X3		 2020-04-03 -
2020-07-02		 3 months crt.sh
*.website-files.com
Amazon		 2020-01-09 -
2021-02-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
cdn.localizejs.com
Amazon		 2020-03-20 -
2021-04-20		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://covid19.legalshieldbenefits.com/
Frame ID: 844C98C05D55F70BC017CD38C0A70267
Requests: 40 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 222DD81789B3C6B85B76AA54B9330E08
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 77C11D3233764589911CCCA65FA22A24
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://yourcovid19legalresourcecenter.online/ HTTP 301
    https://ls-info.com/d/CcgW6X HTTP 302
    https://ls-info.com/res/11054/11098?source=mobile HTTP 302
    https://covid19.legalshieldbenefits.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

42
Requests

98 %
HTTPS

54 %
IPv6

13
Domains

15
Subdomains

12
IPs

5
Countries

3151 kB
Transfer

4114 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://yourcovid19legalresourcecenter.online/ HTTP 301
    https://ls-info.com/d/CcgW6X HTTP 302
    https://ls-info.com/res/11054/11098?source=mobile HTTP 302
    https://covid19.legalshieldbenefits.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid19.legalshieldbenefits.com/
Redirect Chain
  • http://yourcovid19legalresourcecenter.online/
  • https://ls-info.com/d/CcgW6X
  • https://ls-info.com/res/11054/11098?source=mobile
  • https://covid19.legalshieldbenefits.com/
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.49.198.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-198-28.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
ee1ae2c17e34aa593e184bed9a91a4830950bd4709483d13a29e4dba26e76726

Request headers

:method
GET
:authority
covid19.legalshieldbenefits.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
openresty
date
Mon, 08 Jun 2020 04:01:29 GMT
content-type
text/html
content-length
6440
content-encoding
gzip
x-lambda-id
5c60dd9b-b7fc-4a48-9428-e7d6c3ee91eb
via
1.1 varnish 1.1 varnish
accept-ranges
bytes
age
20708
x-served-by
cache-dca17771-DCA, cache-dub4326-DUB
x-cache
HIT, HIT
x-cache-hits
1, 1
x-timer
S1591588890.835115,VS0,VE1
vary
Accept-Encoding
x-cluster-name
ap-northeast-1-prod-eks-15

Redirect headers

status
302
date
Mon, 08 Jun 2020 04:01:29 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://covid19.legalshieldbenefits.com/
x-amzn-requestid
7c71302b-8d73-4ffe-814f-7e5bf489e6df
x-amzn-remapped-content-length
0
x-amzn-remapped-connection
keep-alive
x-amz-apigw-id
Nym0AHv4PHcFs3A=
x-amzn-remapped-server
Apache
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
x-amzn-remapped-date
Mon, 08 Jun 2020 04:01:29 GMT
covid19legalshieldbenefits.1dc0ae0c9.min.css
assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/ 		235 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
029fb6c4098335add5f38c193e9b0e97f4e2ae57fa787175ac99824dadd6e166

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 20:05:16 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"b70682de41b2cfe509a382c57e777bed"
x-cache
Miss from cloudfront
x-amz-version-id
u_vr4DDn0O94FzV6jSYoyDkMOolkugIQ
status
200
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/css
content-length
30032
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-id
AiA5AwrfLFG8CfR5Wmghr0M9hc-qD9iQSLw8vo6BV8KnM3ZeDCFAdQ==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 May 2020 04:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1639336
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 04:39:13 GMT
5e863cbe4e2f6fff7322c19a_LegalShield-NewLogo-FullColor.svg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6fff7322c19a_LegalShield-NewLogo-FullColor.svg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c3ebf0a2e27f0fec47c218f22f8cec076f4988067a9fb0ef2a842949b0e6086

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 19:28:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
4YV3bbg4wnOjy6kOfEDtA4AQZI1lLMpe
status
200
cache-control
max-age=31536000, must-revalidate
content-type
image/svg+xml
x-amz-cf-id
X6xv7Gw4DcArYlcebqR1vvgMgZ8O_nWMqRJC0CAaR8-RBVH_aN_prw==
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
5ed953c133916632e8d6fbb7_UnemploymentFraud-p-500.png
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 		232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5ed953c133916632e8d6fbb7_UnemploymentFraud-p-500.png
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2537733d1b5a31081b51d94359f99501683f95b8a0f6c5e13967d298992465e

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 20:04:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"26f7f78622a316321c0c01756f1a7609"
x-cache
Miss from cloudfront
x-amz-version-id
gh1skWi5V95BCJLxeskqMT8duQgpKWm.
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
237522
x-amz-cf-id
oIJ2b7Qxs38U3Y5aV_1889tqH-I-3n5Wv_3ZdFNYhA6m0SXJBWhecw==
5e9f41f3cef86827634daa32_5e98a6d7c332ea78f8d04279_Man%20on%20Zoom%20Call-p-800.jpeg
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5e9f41f3cef86827634daa32_5e98a6d7c332ea78f8d04279_Man%20on%20Zoom%20Call-p-800.jpeg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
529259ac23fde03ef9e0771358e2073b7ff32f991d93596ea80f5af1e85ff086

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 18:56:55 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"0e5270dbe7b786f6f8a202dd1107fb5c"
x-cache
Miss from cloudfront
x-amz-version-id
qjgOcqnsFmLrl0t3rI7tkOkba5RYejJj
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/jpeg
content-length
117581
x-amz-cf-id
pV2QIeAgWWWJBLG14D68d_x-JYQF505QGjJuCiClwA0sgRau0QYm3w==
5ecfc57e6691be07375c0ea2_5ece5a0ef063dada5fd19fee_Password%20Privacy%20blog%20post-p-500.png
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5ecfc57e6691be07375c0ea2_5ece5a0ef063dada5fd19fee_Password%20Privacy%20blog%20post-p-500.png
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fb0e4543a4410426aa3b3e69622ce28171b2afca45800f1f042dd785a7a7512

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 14:07:00 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"e0cdfa304942b6e82fb3249d56420597"
x-cache
Miss from cloudfront
x-amz-version-id
XL8lsSdedMejQWtrwtGYeQmWL_0icp_7
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
218728
x-amz-cf-id
x2JoFbshbbXNBPEDBDw6DEavARmixWh8-N2D8-ZOKZTrXNvRd0NIHA==
5ecfc5d9a456ff22be34c249_5ece599888916566182585d4_Social%20Media%20blog%20post%202-p-500.png
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5ecfc5d9a456ff22be34c249_5ece599888916566182585d4_Social%20Media%20blog%20post%202-p-500.png
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35f53d2bd9f387bab4b9b721806af20c27ab232f68d9edbbad42fad339efc124

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 14:08:30 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"b9f7a9e3b097c72c6dff1f3ba05c41b2"
x-cache
Miss from cloudfront
x-amz-version-id
I8R6UTdSQFw40k6.tiuUnpRXoSK81Or8
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
255124
x-amz-cf-id
Ade0W6t07XFK8wDrJ-s1l7mF_6vpHmTP7ISnwOYvEFMppLyvTyv_3A==
5ecfc91996ca830ef4b6cceb_5ece592afe2fa1d521da5d9f_Smart%20Devices%20Spying%20blog%20post%203-p-500.png
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 		181 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5ecfc91996ca830ef4b6cceb_5ece592afe2fa1d521da5d9f_Smart%20Devices%20Spying%20blog%20post%203-p-500.png
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4697f8df968b41d1e5038b9c81f51159d9ff2b5cdded7cc632d28dbde6d0da02

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 14:22:21 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"172347cb073ce076e0d6804af174831c"
x-cache
Miss from cloudfront
x-amz-version-id
eA83vMI6kVetmYKQZbmpP87RtNio1o1R
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
185000
x-amz-cf-id
2cLItxOc5xiSVLa38Mz3epm2CK3wWKHU9bkjLwsYcChf0FIVRsLs-A==
5ecfc953b6b559a8f30f4be3_5ece58b8037f36348769099e_Think%20Before%20You%20Click%20blog%20post%204-p-500.png
assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/ 		201 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f30cd22c160/5ecfc953b6b559a8f30f4be3_5ece58b8037f36348769099e_Think%20Before%20You%20Click%20blog%20post%204-p-500.png
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aefc06191bfda492e55dfced617c613e5725c7bbe48426ea2d23fc17daf3e5f0

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 28 May 2020 14:23:20 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"cb6cc61f27305f5568b66703552e96c8"
x-cache
Miss from cloudfront
x-amz-version-id
nfMtpUQ5lywJ1j5cpmBCLr6DN2ZlczAI
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
205765
x-amz-cf-id
lvnB2DNvPvAlCBOi5nI-BZtfLTfszfwu7IeDA0ONltA7DwlcS6omww==
5e863cbe4e2f6f01bd22c3a3_LegalShield-NewLogo-1Color-white.svg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f01bd22c3a3_LegalShield-NewLogo-1Color-white.svg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02969d8509bd96c54b533c1be3ee26abca277cf4a9b0f744c119e3c74a4a26ff

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
last-modified
Thu, 02 Apr 2020 19:28:28 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
Pw32MTw_YGrbDp2sBdd1s9gVskgsq0nA
status
200
cache-control
max-age=31536000, must-revalidate
content-type
image/svg+xml
x-amz-cf-id
HVUxbdcDxowXRz930jS-2RovtjZPLgMv2jIM-q0qyhV4MSUrEl2WYQ==
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
5e863cbe4e2f6f5e3322c45a_41f513c9-compressed-bbb-logo-2x.png
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f5e3322c45a_41f513c9-compressed-bbb-logo-2x.png
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 19:28:34 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"2526d0479e6c3c2ed5446b649e3c7b14"
x-cache
Miss from cloudfront
x-amz-version-id
fgwV8lthaxa75ZyK8kOI8bUm9OzpOjvC
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
3841
x-amz-cf-id
rjrVCunZjvxoBlmRNDqVnox3AmtYh7CI9GiTghP_ARigEgAb_9Gn3w==
jquery-3.4.1.min.220afd743d.js
d3e54v103j8qbb.cloudfront.net/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e863cbe4e2f6f051022c162
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.158.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-175.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://covid19.legalshieldbenefits.com/
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 18:13:30 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=84600, must-revalidate
x-cache
Miss from cloudfront
x-amz-cf-id
3E2OHm9AdZhk385eKmqdUxCqbWAUm298kYnRt763Uegck-_hc6NNjw==
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
covid19legalshieldbenefits.ff7f4e55f.js
assets-global.website-files.com/5e863cbe4e2f6f051022c162/js/ 		180 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/js/covid19legalshieldbenefits.ff7f4e55f.js
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d738262011931e046ba26afa91b452d023bae596875b0640e31673a6c7bdfa9e

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 20:05:16 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"88521b8308793d139727172b76e19b5c"
x-cache
Miss from cloudfront
x-amz-version-id
V8It95L1o8_Vx3S1wkCOBCdrmdPNY._6
status
200
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/javascript
content-length
53191
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-id
mU3WT72OK-8vd0_MhbpvU7I9rt8JN-n-Z90KE0afcjGJIJCyqn_1iQ==
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
079c30478215da1e544443314dabb6ab1251fa2ae56447ace992ade3bbe3fd0c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 02 Jun 2020 20:09:59 GMT
server
nginx/1.15.8
etag
W/"5ed6b217-582c2"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
date
Mon, 08 Jun 2020 04:01:30 GMT
x-host
s7.addthis.com
content-length
116281
css
fonts.googleapis.com/ 		8 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cf7a2cbdb649a79980acbb38ad3d0b16be7f077a3c08de70145988b8ec1b298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Jun 2020 04:01:30 GMT
server
ESF
date
Mon, 08 Jun 2020 04:01:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jun 2020 04:01:30 GMT
gtm.js
www.googletagmanager.com/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c35f40a3723c6c22048800c026a4c1919dd72229987e2bf2bbae6f7ec8845ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:30 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27807
x-xss-protection
0
last-modified
Mon, 08 Jun 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Jun 2020 04:01:30 GMT
5e863cbe4e2f6f076222c471_iStock-1210333449.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f076222c471_iStock-1210333449.jpg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afceabff19cb5a88e2a6844f55279907edf51a03b1806f556a52de1370628c7a

Request headers

Referer
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 19:28:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"ce37f09278eb5b0055d39c8fe33dab91"
x-cache
Miss from cloudfront
x-amz-version-id
B2RII2XX2KfLs8oxjyZ_fyBGiCCnULUv
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/jpeg
content-length
324368
x-amz-cf-id
gfSdW_-zcGtDAlluDCxqUxZ2UYkAzIxG_PoJRQBJx7hDuO_hfDbQbg==
5e863cbe4e2f6fcf3922c44d_iStock-855246284.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		450 KB
451 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6fcf3922c44d_iStock-855246284.jpg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d2ed2eda5d1cb6b14f22de2e5ae8b4221cf7261199f9c8fb82fd3792ac8552c

Request headers

Referer
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 19:28:34 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"e4f93b297e23987649f2ae60c9989d1f"
x-cache
Miss from cloudfront
x-amz-version-id
4gA368qOqa3Rq2BoBrdRa92gU3tbpl1A
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/jpeg
content-length
461029
x-amz-cf-id
m1-AF-kBcA5mwsk2PdrFRwyyOUi-AuDCzVqRUicVJUm4ACSBgfz20g==
5e863cbe4e2f6fce4f22c46c_120cd9cf-again_00000000000000000001o.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6fce4f22c46c_120cd9cf-again_00000000000000000001o.jpg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
818c7a670962eeb85556a917bb4c28ddb2f5ecd02cb7a134debb0371912db075

Request headers

Referer
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 19:28:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"9a760d06f999bdc7bd13f02f65688a7a"
x-cache
Miss from cloudfront
x-amz-version-id
1fIJ0.4Q6EBFOTMl.TudMZyFufyMSS_M
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/jpeg
content-length
85369
x-amz-cf-id
tTzEmWvl1L7R49AZNszL-DbAlYTmaguFxa4Z2aR1I91QlN6cuRJ6DA==
5e863cbe4e2f6f69f922c46e_iStock-1162082801.jpg
assets-global.website-files.com/5e863cbe4e2f6f051022c162/ 		539 KB
540 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/5e863cbe4e2f6f69f922c46e_iStock-1162082801.jpg
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:6200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6270ec1cc06a8f4c24c4835c6e1fc5f234acb1c716abd1bbf91f43074849f748

Request headers

Referer
https://assets-global.website-files.com/5e863cbe4e2f6f051022c162/css/covid19legalshieldbenefits.1dc0ae0c9.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 19:28:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
"d6f068b57586a74975b1816d6e6bbc62"
x-cache
Miss from cloudfront
x-amz-version-id
FYrZSmOCzvkITmJpt_XNa9mwqlhGTrXp
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/jpeg
content-length
551595
x-amz-cf-id
ptM-gveQ7IKiTtUUCL3pyh0K_croEWKoCjwq8tEdHC84esTBWRgnXA==
iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Tue, 19 May 2020 14:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:13 GMT
server
sffe
age
1691142
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16456
x-xss-protection
0
expires
Wed, 19 May 2021 14:15:48 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Wed, 20 May 2020 07:38:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jul 2019 00:01:43 GMT
server
sffe
age
1628581
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15876
x-xss-protection
0
expires
Thu, 20 May 2021 07:38:29 GMT
iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Tue, 19 May 2020 14:20:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:27:24 GMT
server
sffe
age
1690845
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16268
x-xss-protection
0
expires
Wed, 19 May 2021 14:20:45 GMT
iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Wed, 20 May 2020 15:54:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:27:17 GMT
server
sffe
age
1598835
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16320
x-xss-protection
0
expires
Thu, 20 May 2021 15:54:15 GMT
iJWHBXyIfDnIV7FCimmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7FCimmd8WD07oB-.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba456800fc8a85d6018867262179541eb1388c064daea70f3a440956518de811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Wed, 27 May 2020 03:00:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:27:16 GMT
server
sffe
age
1040454
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14932
x-xss-protection
0
expires
Thu, 27 May 2021 03:00:36 GMT
neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v7/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Wed, 20 May 2020 07:37:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:51:00 GMT
server
sffe
age
1628665
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15576
x-xss-protection
0
expires
Thu, 20 May 2021 07:37:05 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Wed, 20 May 2020 08:31:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:51:44 GMT
server
sffe
age
1625394
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15036
x-xss-protection
0
expires
Thu, 20 May 2021 08:31:36 GMT
MwQ0bhv11fWD6QsAVOZrt0M6p7NGrQ.woff2
fonts.gstatic.com/s/rocksalt/v10/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rocksalt/v10/MwQ0bhv11fWD6QsAVOZrt0M6p7NGrQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9511b9010b4340f7e8b36bca55eeeca842c1dfcfc08e1887c42a6c75003bab8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin
https://covid19.legalshieldbenefits.com

Response headers

date
Wed, 27 May 2020 08:05:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:42:12 GMT
server
sffe
age
1022184
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52080
x-xss-protection
0
expires
Thu, 27 May 2021 08:05:06 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
3911
date
Mon, 08 Jun 2020 02:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 08 Jun 2020 04:56:19 GMT
localize.js
global.localizecdn.com/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.localizecdn.com/localize.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:3400:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0026e7bf714911695d0645bace98d96110978ede7ce4d094f26d84d1ae5976b4

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v
409
x-amz-version-id
WstDSnZgLoZgucMarVWqg7VAEnnLfXm.
content-encoding
gzip
age
9065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 29 May 2020 15:06:18 GMT
server
AmazonS3
date
Mon, 08 Jun 2020 01:30:26 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
public, max-age=172800
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
GcYxueBJsK64T0oQfAWi0fGd9TXWAe37XX9abch1K5IKI3veD1I5qw==
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1134227750&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19.legalshieldbenefits.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1239344980&gjid=321586227&cid=2129345621.1591588891&tid=UA-7450226-65&_gid=777643488.1591588891&_r=1&gtm=2wg5r0THZL2T8&z=214216134
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jun 2020 04:01:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tu
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 		501 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/tu?v=409
Requested by
Host: global.localizecdn.com
URL: https://global.localizecdn.com/localize.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:3400:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67995899d3a588709ad7a20cfe29bef3e14fff6870602723d4d6a523b630c49a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:30 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
status
200
pragma
no-cache
access-control-allow-origin
*
server
nginx
etag
W/"1f5-YTUNhwryHNUH6ZkGtQSmmw0y2Tg"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
via
1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
JJdq38Llz66hUBrSIGX7ypw5TGKdEgRPTZCpwo3iLmcVfWP6C7l4eQ==
expires
0
g
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/g?v=0&l=source
Requested by
Host: global.localizecdn.com
URL: https://global.localizecdn.com/localize.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:3400:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
41659a19373c743994ec83fb953e874291ef6d30f185ccd16b271e3907f2d937
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Jun 2020 23:30:32 GMT
content-encoding
gzip
server
nginx
age
16258
status
200
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=43200
x-amz-cf-pop
DUS51-C1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-id
02w8sbGGF-_dZGTecL1-4phapbTgDQwX7cSQlye4XjEBlxdyds4nnQ==
via
1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 222D 		0
0
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=61063
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
tl.gif
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 		43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/tl.gif?l=source&c=9772131
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:3400:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
_fH2-BsekjVvHww5WQnIRUs7Y5BWGtoW5BV-VXrV7eY3fZA3O1kD-w==
expires
0
tl.gif
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 		43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/tl.gif?l=en&c=4556388
Requested by
Host: covid19.legalshieldbenefits.com
URL: https://covid19.legalshieldbenefits.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:3400:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jun 2020 04:01:31 GMT
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
status
200
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
lnqbrzHIJe6-YNIBeBpEAecLxzWm1HxRcxChb2VlSoxq1w1DcDtROw==
expires
0
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5bbcd112dc912095/ 		2 KB
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5bbcd112dc912095/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
85514e859d16530645aaba42142657c76ebed34849a4545e42fb03a724ef5db2

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Jun 2020 04:01:31 GMT
content-encoding
gzip
etag
1381002373--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=59, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
607
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=5eddb81b94933cc7&bkl=0&bl=1&pdt=2645&sid=5eddb81b94933cc7&pub=ra-5bbcd112dc912095&rev=v8.28.6-wp&ln=en&pc=men&cb=0&ab=-&dp=covid19.legalshieldbenefits.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1591588891051&jsl=1&uvs=5eddb81bd9d97aae000&skipb=1&callback=addthis.cbs.jsonp__54349572444887340
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
e21c84d7bc59476c6d7e8e00162df46789c5b12b0081b73992058d7895ed4484

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 08 Jun 2020 04:01:31 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 77C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19.legalshieldbenefits.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://covid19.legalshieldbenefits.com/

Response headers

status
200
server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 09 Sep 2019 15:34:57 GMT
etag
W/"5d767121-1115f"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
25412
date
Mon, 08 Jun 2020 04:01:31 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19.legalshieldbenefits.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Mon, 08 Jun 2020 04:01:31 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| WebFont object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| Localize function| tram object| Webflow function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config object| addthis_share boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

1 Cookies

Domain/Path Name / Value
.addthis.com/ Name: loc
Value: MDAwMDBFVURFTlcyMzEzMTg2NTAwMjAwMDBDSA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-global.website-files.com
covid19.legalshieldbenefits.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
ls-info.com
m.addthis.com
s7.addthis.com
v1.addthisedge.com
www.google-analytics.com
www.googletagmanager.com
yourcovid19legalresourcecenter.online
z.moatads.com
s7.addthis.com
13.226.158.175
184.168.131.241
2.18.235.40
23.210.248.44
2600:9000:2182:3400:d:d64b:9600:93a1
2600:9000:2182:6200:12:9e5f:cac0:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:815::200a
2a00:1450:4001:819::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:825::2008
52.49.198.28
54.200.157.185
0026e7bf714911695d0645bace98d96110978ede7ce4d094f26d84d1ae5976b4
02969d8509bd96c54b533c1be3ee26abca277cf4a9b0f744c119e3c74a4a26ff
029fb6c4098335add5f38c193e9b0e97f4e2ae57fa787175ac99824dadd6e166
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
079c30478215da1e544443314dabb6ab1251fa2ae56447ace992ade3bbe3fd0c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c35f40a3723c6c22048800c026a4c1919dd72229987e2bf2bbae6f7ec8845ba
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
2cf7a2cbdb649a79980acbb38ad3d0b16be7f077a3c08de70145988b8ec1b298
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
35f53d2bd9f387bab4b9b721806af20c27ab232f68d9edbbad42fad339efc124
3c3ebf0a2e27f0fec47c218f22f8cec076f4988067a9fb0ef2a842949b0e6086
41659a19373c743994ec83fb953e874291ef6d30f185ccd16b271e3907f2d937
4697f8df968b41d1e5038b9c81f51159d9ff2b5cdded7cc632d28dbde6d0da02
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb0e4543a4410426aa3b3e69622ce28171b2afca45800f1f042dd785a7a7512
529259ac23fde03ef9e0771358e2073b7ff32f991d93596ea80f5af1e85ff086
6270ec1cc06a8f4c24c4835c6e1fc5f234acb1c716abd1bbf91f43074849f748
67995899d3a588709ad7a20cfe29bef3e14fff6870602723d4d6a523b630c49a
75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c
7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3
818c7a670962eeb85556a917bb4c28ddb2f5ecd02cb7a134debb0371912db075
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85514e859d16530645aaba42142657c76ebed34849a4545e42fb03a724ef5db2
9511b9010b4340f7e8b36bca55eeeca842c1dfcfc08e1887c42a6c75003bab8e
9d2ed2eda5d1cb6b14f22de2e5ae8b4221cf7261199f9c8fb82fd3792ac8552c
aefc06191bfda492e55dfced617c613e5725c7bbe48426ea2d23fc17daf3e5f0
afceabff19cb5a88e2a6844f55279907edf51a03b1806f556a52de1370628c7a
b2537733d1b5a31081b51d94359f99501683f95b8a0f6c5e13967d298992465e
ba456800fc8a85d6018867262179541eb1388c064daea70f3a440956518de811
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
d738262011931e046ba26afa91b452d023bae596875b0640e31673a6c7bdfa9e
e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908
e21c84d7bc59476c6d7e8e00162df46789c5b12b0081b73992058d7895ed4484
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ee1ae2c17e34aa593e184bed9a91a4830950bd4709483d13a29e4dba26e76726
fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080