covid19.wearelegalshield.ca Open in urlscan Pro
52.49.198.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coronaviruslegalresourcecenter.info/
Effective URL:
https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Submission: On June 06 via api (June 6th 2020, 4:29:03 am UTC) from BE

Summary HTTP 44 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 44 HTTP transactions. The main IP is 52.49.198.28, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is covid19.wearelegalshield.ca.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 6th 2020. Valid for: 3 months.

This is the only time covid19.wearelegalshield.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	52.49.198.28 52.49.198.28	16509 (AMAZON-02) (AMAZON-02)
16	2600:9000:21f... 2600:9000:21f3:5800:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.225.73.195 13.225.73.195	16509 (AMAZON-02) (AMAZON-02)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
5	2600:9000:215... 2600:9000:2156:c600:d:d64b:9600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
44	13

1 184.168.131.241 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

coronaviruslegalresourcecenter.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.198.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-198-28.eu-west-1.compute.amazonaws.com

covid19.wearelegalshield.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:21f3:5800:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.195 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-195.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:c600:d:d64b:9600:93a1 (United States)

ASN16509 (AMAZON-02, US)

global.localizecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	website-files.com assets-global.website-files.com	2 MB
8	gstatic.com fonts.gstatic.com	160 KB
5	localizecdn.com global.localizecdn.com	28 KB
4	addthis.com s7.addthis.com m.addthis.com	190 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
1	addthisedge.com v1.addthisedge.com	783 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	jquery.com code.jquery.com	33 KB
1	wearelegalshield.ca covid19.wearelegalshield.ca	7 KB
1	coronaviruslegalresourcecenter.info 1 redirects coronaviruslegalresourcecenter.info	318 B
44	13

	Domain	Requested by
16	assets-global.website-files.com	covid19.wearelegalshield.ca
8	fonts.gstatic.com	covid19.wearelegalshield.ca ajax.googleapis.com
5	global.localizecdn.com	www.googletagmanager.com global.localizecdn.com covid19.wearelegalshield.ca
3	s7.addthis.com	covid19.wearelegalshield.ca s7.addthis.com
2	www.google-analytics.com	www.googletagmanager.com covid19.wearelegalshield.ca
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	covid19.wearelegalshield.ca
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	covid19.wearelegalshield.ca
1	code.jquery.com	covid19.wearelegalshield.ca
1	ajax.googleapis.com	covid19.wearelegalshield.ca
1	covid19.wearelegalshield.ca
1	coronaviruslegalresourcecenter.info	1 redirects
44	15

This site contains links to these domains. Also see Links.

Domain
covid19.wearelegalshield.com
stephit.wearelegalshield.ca
localizejs.com

Subject Issuer	Validity	Valid
covid19.wearelegalshield.ca Let's Encrypt Authority X3	`2020-04-06` - `2020-07-05`	3 months	crt.sh
*.website-files.com Amazon	`2020-01-09` - `2021-02-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
cdn.localizejs.com Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Frame ID: 099870B996246A406094A3E5D95E3BC8
Requests: 43 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2BC84D7656A1FFCE5C05A69157A403E1
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 71CC4C5FF6DE608A7D2DAF4CA3C713E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coronaviruslegalresourcecenter.info/ HTTP 301
https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaig... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

98 %
HTTPS

62 %
IPv6

13
Domains

15
Subdomains

13
IPs

5
Countries

2475 kB
Transfer

3459 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://covid19.wearelegalshield.com/clkn/https//[rep-id].wearelegalshield.com/?utm_source=pbls.com&utm_medium=referral&utm_content=wals-623&utm_campaign=user_[rep-id]

Search URL Search Domain Scan URL

URL: https://stephit.wearelegalshield.ca/
Title: Contact Associate

Search URL Search Domain Scan URL

URL: https://covid19.wearelegalshield.com/clkn/https/www.bbb.org/us/ok/ada/profile/legal-services/legalshield-0995-9000434

Search URL Search Domain Scan URL

URL: https://localizejs.com/?utm_source=widget
Title: Localize

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coronaviruslegalresourcecenter.info/ HTTP 301
https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
covid19.wearelegalshield.ca/
Redirect Chain

http://coronaviruslegalresourcecenter.info/
https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

19 KB
7 KB

233ms
68ms

Document
text/html

52.49.198.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.49.198.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-198-28.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 89ab0b7b1cd68d11812228e70d125b41e4b938904c7f7e5c1cf1d3e782cb619f

Request headers

:method: GET
:authority: covid19.wearelegalshield.ca
:scheme: https
:path: /?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: openresty
date: Sat, 06 Jun 2020 04:28:34 GMT
content-type: text/html
content-length: 7057
content-encoding: gzip
x-lambda-id: 09ec253b-23a8-4a02-b957-5945976cba01
via: 1.1 varnish 1.1 varnish
accept-ranges: bytes
age: 81635
x-served-by: cache-dca17757-DCA, cache-dub4347-DUB
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1591417715.894834,VS0,VE1
vary: Accept-Encoding
x-cluster-name: ap-northeast-1-prod-eks-15

Redirect headers

Server: nginx/1.16.1
Date: Sat, 06 Jun 2020 04:28:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Location: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

GET
H2 200 covid19walsca.2d2d399f9.min.css
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/ 156 KB
23 KB 51ms
9ms Stylesheet
text/css 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/covid19walsca.2d2d399f9.min.css
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67b5e8689c6855e1f2cd0226b4eedaac176639c971ecbadae7bf9cca17769a9f

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:49 GMT
content-encoding: gzip
age: 17626
x-cache: Hit from cloudfront
status: 200
content-length: 23229
last-modified: Wed, 13 May 2020 18:28:44 GMT
server: AmazonS3
etag: "4c6bf4ed08f6056f58df5f2bd0125892"
x-amz-version-id: CBbuqoouCU182zeqEWcrU7vWyxH1HaBd
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: cbTTTK2m8ew8P1kYdi8-54UJMJHMeb_R3FYn4S8lKbOyK-XwAdfPUw==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 May 2020 00:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1570925
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 May 2021 00:06:29 GMT

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 34ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 06 Jun 2020 04:28:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:18:54 GMT
Server: nginx
ETag: W/"573f46fe-17b8b"
Vary: Accept-Encoding
X-HW: 1591417714.dop168.fr8.t,1591417714.cds069.fr8.shn,1591417714.dop168.fr8.t,1591417714.cds167.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33738

GET
H2 200 5e8b8828abc0b16868366710_LegalShieldCanada-Logo-FullColor-RGB.svg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 9 KB
4 KB 10ms
7ms Image
image/svg+xml 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b8828abc0b16868366710_LegalShieldCanada-Logo-FullColor-RGB.svg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04cad4547c8e6926f5c8dd944d4699948563aacbc7a03fa07daa7c76001bbd45

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
content-encoding: gzip
last-modified: Mon, 06 Apr 2020 19:51:06 GMT
server: AmazonS3
age: 17625
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 6uSXHrtdRJkzahFSyKtQwIJBUwBbos51
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: NNj1jM62op9GfJ4DOBeHlDF_tbOepGgb5LE-BFTc9awTpibLSxrRMw==
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)

GET
H2 200 5e8b3894869991373eabd0d0_4%20Simple%20Tips%20Your%20Estate%20Planning%20Checklist.jpg
assets-global.website-files.com/5e8b3894869991f87fabc7f0/ 34 KB
35 KB 14ms
11ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991f87fabc7f0/5e8b3894869991373eabd0d0_4%20Simple%20Tips%20Your%20Estate%20Planning%20Checklist.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb6bd4ae64caf8ea4c8dd383b88f3937100b4fa7dda434109f82a03eb5e10e1

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:49 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 16:28:49 GMT
server: AmazonS3
age: 17626
etag: "8713186a328f8d4ad85d533addf7ef6d"
x-cache: Hit from cloudfront
x-amz-version-id: 6KxLM0UsiPi_OK8Cs1wIYMg8H6itYaok
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 35205
x-amz-cf-id: cDriDp6fZIfCncRUFqL5jie1XRZLHSOGOq-G0Oih_7WKfE7Af-i0Uw==

GET
H2 200 5e8dff19b1d784537692277e_455e816c-istock-1138024382_0c908600000000000001o.jpg
assets-global.website-files.com/5e8b3894869991f87fabc7f0/ 16 KB
17 KB 13ms
10ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991f87fabc7f0/5e8dff19b1d784537692277e_455e816c-istock-1138024382_0c908600000000000001o.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abce35f266e186e6e5fbbdbd304d7d43bb5dd0e86967892f4650198638eaa39e

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 16:43:06 GMT
server: AmazonS3
age: 17625
etag: "e24ffaabbea0146b21abe63a2392a379"
x-cache: Hit from cloudfront
x-amz-version-id: oLIW7eAPnfFR_JjoiKIZoGPAHApctZ3P
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 16528
x-amz-cf-id: BcGs1KjgOwwPQ6NfjqZFmZcQIF95KJWAKjNo10Y1k8gmo3KZRQOLFg==

GET
H2 200 5e8b38948699911917abd0c8_man%20dealing%20with%20financal%20struggles%20(1).jpg
assets-global.website-files.com/5e8b3894869991f87fabc7f0/ 69 KB
70 KB 49ms
47ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991f87fabc7f0/5e8b38948699911917abd0c8_man%20dealing%20with%20financal%20struggles%20(1).jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfd88d81f79d8fe2d08b7db4ecaa28735ab923bfc5eeedbb54bfc616f76a24da

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 16:09:00 GMT
server: AmazonS3
age: 17626
etag: "f31cbbacd24c0d98ad16fe9262d2096d"
x-cache: Hit from cloudfront
x-amz-version-id: tS5mrxjvk0WPD54er02m7ALufHjjWgUS
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 71115
x-amz-cf-id: 4WbT9ZCcf3MEWQAzwf1ANwqxz_E3Mw-VLlxxYl6E6FA_ZjYwugRuFQ==

GET
H2 200 5e8b389486999172a5abd0bc_business%20owner.jpg
assets-global.website-files.com/5e8b3894869991f87fabc7f0/ 33 KB
33 KB 47ms
45ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991f87fabc7f0/5e8b389486999172a5abd0bc_business%20owner.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1ae2180596abf781eaf9f1c5d796d7f40ca50f1187eaa08e36cdcc0adee070f

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 16:10:49 GMT
server: AmazonS3
age: 17626
etag: "9f3b04aa8ee320d21abf7859087df878"
x-cache: Hit from cloudfront
x-amz-version-id: POU6kdSCYtoVdj2HpqLa3X0Ywp0_8nfM
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 33410
x-amz-cf-id: wpbxMd3fdg_t-glAkertLctSLZUfFJHpWNQALUvIBCxVb4upKbfIeQ==

GET
H2 200 5e8b3894869991cf9aabd0c2_5e8536911263ff674dd551eb_Password%20protection-p-800.jpeg
assets-global.website-files.com/5e8b3894869991f87fabc7f0/ 111 KB
112 KB 58ms
56ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991f87fabc7f0/5e8b3894869991cf9aabd0c2_5e8536911263ff674dd551eb_Password%20protection-p-800.jpeg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3694a9baacc3599b4250510a891bb39065ffe46705797e6f22b1223e87952e28

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 16:11:29 GMT
server: AmazonS3
age: 17626
etag: "288763b810203d48e5c7a021d84c1b4b"
x-cache: Hit from cloudfront
x-amz-version-id: QExXAekXzM4Yj5z1CrRDkUgAigNpUMsZ
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 113944
x-amz-cf-id: 5tggQSAzr07r63imtuMJKY2U_xupH_s1gNVRFtfDIzoXQmy8CYG_3A==

GET
H2 200 5e8b3894869991dfaeabd0cf_5e876b741fb8353f46923926_woman%20preparing%20documents-p-800.jpeg
assets-global.website-files.com/5e8b3894869991f87fabc7f0/ 112 KB
112 KB 52ms
50ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991f87fabc7f0/5e8b3894869991dfaeabd0cf_5e876b741fb8353f46923926_woman%20preparing%20documents-p-800.jpeg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a21f4b3e8f1f5f134385d35090cdf86661c2a0f5d8cdf647524f647f374b5bad

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 16:22:57 GMT
server: AmazonS3
age: 17626
etag: "4f571be620b621cd05d0ab30e5955c06"
x-cache: Hit from cloudfront
x-amz-version-id: KKSbcOg_fbiGmjWzgpHZ85_EnQiig3PN
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 114424
x-amz-cf-id: P-MYEHu-Bu35-uZC9B1LCF6RP4YPThiPTZ-L0wzaxsxTAnt0R8oh3g==

GET
H2 200 5e8b8ffe9ef357089c7a734d_LegalShieldCanada-Logo-1Color-White.svg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 9 KB
4 KB 48ms
46ms Image
image/svg+xml 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b8ffe9ef357089c7a734d_LegalShieldCanada-Logo-1Color-White.svg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fee4979f52d061b6e23c725d80b9c452c1acc68c1d34450d8916b2323ded03bb

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
content-encoding: gzip
last-modified: Mon, 06 Apr 2020 20:24:32 GMT
server: AmazonS3
age: 17626
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: rjV_foueI97mOvscpHH9SSas2ABLFhlQ
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: 5o2vzgcXWUgAEidEUPXvTuUiO3zLB-CIS9aYp4ctAV-WESDUTfnT6Q==
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)

GET
H2 200 5e8b38948699912607abcab8_41f513c9-compressed-bbb-logo-2x.png
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 4 KB
4 KB 50ms
48ms Image
image/png 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b38948699912607abcab8_41f513c9-compressed-bbb-logo-2x.png
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 14:11:47 GMT
server: AmazonS3
age: 17625
etag: "2526d0479e6c3c2ed5446b649e3c7b14"
x-cache: Hit from cloudfront
x-amz-version-id: sIeK8gcJ4tTsyANys_gV1ZcEIncTqXJZ
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
content-length: 3841
x-amz-cf-id: 9pZuk4_PEUIarPA9aaCGPFbN1AI53gOS9ioglaNGtTneJ1_nwJpSXw==

GET
H2 200 jquery-3.4.1.min.220afd743d.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 86 KB
30 KB 517ms
407ms Script
application/javascript 13.225.73.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e8b3894869991d1d8abc7eb
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.195 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-195.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Sat, 06 Jun 2020 04:28:36 GMT
content-encoding: gzip
last-modified: Thu, 27 Jun 2019 18:13:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
status: 200
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=84600, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: mLwyI05SyJffb8vEbodW9QT3M7-RZ5gWpMzjDHHlNPLMa0qkrKybog==
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)

GET
H2 200 covid19walsca.0f727c7b4.js Show response
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/js/ 214 KB
55 KB 10ms
10ms Script
text/javascript 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/js/covid19walsca.0f727c7b4.js
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb761b142ce2aa080b75bd0fd573ae00281b06b938e19f7b50537d1cbcd078f7

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
content-encoding: gzip
age: 17626
x-cache: Hit from cloudfront
status: 200
content-length: 55488
last-modified: Wed, 13 May 2020 18:28:44 GMT
server: AmazonS3
etag: "ac227baa829f5ba57f63c6854cb3a3d0"
x-amz-version-id: XTFKR4HNNAncgamZDThaIjXH0ovveuM9
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: sVsVyIBYkXkTW77-qMrJNH6buG3QUuNhA_ZBxNDlHcH__yUFbNPUrA==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 207ms
55ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

079c30478215da1e544443314dabb6ab1251fa2ae56447ace992ade3bbe3fd0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 20:09:59 GMT
server: nginx/1.15.8
etag: W/"5ed6b217-582c2"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Sat, 06 Jun 2020 04:28:35 GMT
x-host: s7.addthis.com
content-length: 116281

GET
H2 200 css
fonts.googleapis.com/ 8 KB
933 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cf7a2cbdb649a79980acbb38ad3d0b16be7f077a3c08de70145988b8ec1b298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Jun 2020 04:28:35 GMT
server: ESF
date: Sat, 06 Jun 2020 04:28:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jun 2020 04:28:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
27 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

452b9556b019d9d0b858253d9d6c7a6420f3437ad3eb744915572dae9c4057b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 04:28:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27807
x-xss-protection: 0
last-modified: Sat, 06 Jun 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Jun 2020 04:28:35 GMT

GET
H2 200 5e8b389486999164bdabcae6_iStock-1210333449.jpg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 317 KB
318 KB 60ms
60ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b389486999164bdabcae6_iStock-1210333449.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afceabff19cb5a88e2a6844f55279907edf51a03b1806f556a52de1370628c7a

Request headers

Referer: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/covid19walsca.2d2d399f9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 14:11:48 GMT
server: AmazonS3
age: 17626
etag: "ce37f09278eb5b0055d39c8fe33dab91"
x-cache: Hit from cloudfront
x-amz-version-id: UFgw7GUzQtJjjye8krvG1P.4ER8tpPQ9
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 324368
x-amz-cf-id: l-MfRlSQDMtU__xkBpf5FSbV_pCvu91WVZPsv2WRb1xKboWnZF3Cbg==

GET
H2 200 5e8b389486999151d2abcad1_iStock-855246284.jpg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 450 KB
451 KB 75ms
74ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b389486999151d2abcad1_iStock-855246284.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d2ed2eda5d1cb6b14f22de2e5ae8b4221cf7261199f9c8fb82fd3792ac8552c

Request headers

Referer: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/covid19walsca.2d2d399f9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 14:11:47 GMT
server: AmazonS3
age: 17626
etag: "e4f93b297e23987649f2ae60c9989d1f"
x-cache: Hit from cloudfront
x-amz-version-id: izABe6yKsk_IcttIAenctkUk8QwdVqMQ
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 461029
x-amz-cf-id: sTY5kT8w8FMVS2vgNjzwaflIlzNS3tF0IpWg9IN7u37-ntnrN1eE-g==

GET
H2 200 5e8b38948699911c7fabcad7_05277425-istock-1187179171_1hc0u01hc0jt00005301o.jpg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 110 KB
111 KB 67ms
67ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b38948699911c7fabcad7_05277425-istock-1187179171_1hc0u01hc0jt00005301o.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40ff63ed6c4a4cbb82a6f5e86538beafd735ed6aa1957fd624841558041f29c6

Request headers

Referer: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/covid19walsca.2d2d399f9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 14:11:47 GMT
server: AmazonS3
age: 17625
etag: "27c8f791c9d64b5c4299e9602bd3f25e"
x-cache: Hit from cloudfront
x-amz-version-id: vkXI8T45HTFG9fSIrI64l11GNQfy5kwY
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 112909
x-amz-cf-id: EiuQ9pKVp2w49wlN_Qg-R0rmcEGIczRxZFGVKpZ9eZdowgT49dNMiw==

GET
H2 200 5e8b38948699914f4dabcadf_120cd9cf-again_00000000000000000001o.jpg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 83 KB
84 KB 64ms
63ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b38948699914f4dabcadf_120cd9cf-again_00000000000000000001o.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 818c7a670962eeb85556a917bb4c28ddb2f5ecd02cb7a134debb0371912db075

Request headers

Referer: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/covid19walsca.2d2d399f9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 14:11:48 GMT
server: AmazonS3
age: 17626
etag: "9a760d06f999bdc7bd13f02f65688a7a"
x-cache: Hit from cloudfront
x-amz-version-id: TlvF_NXAvboKw69gLqGUPKjshOXDEU6n
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 85369
x-amz-cf-id: iohoV1jA6Hun9qf9FKlD1yCw_P3MXsXuZC5rTAStjkjkEgHRHdttAQ==

GET
H2 200 5e8b3894869991df69abcae5_iStock-1162082801.jpg
assets-global.website-files.com/5e8b3894869991d1d8abc7eb/ 539 KB
540 KB 70ms
69ms Image
image/jpeg 2600:9000:21f3:5800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/5e8b3894869991df69abcae5_iStock-1162082801.jpg
Requested by: Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:5800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6270ec1cc06a8f4c24c4835c6e1fc5f234acb1c716abd1bbf91f43074849f748

Request headers

Referer: https://assets-global.website-files.com/5e8b3894869991d1d8abc7eb/css/covid19walsca.2d2d399f9.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 23:34:50 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 14:11:48 GMT
server: AmazonS3
age: 17626
etag: "d6f068b57586a74975b1816d6e6bbc62"
x-cache: Hit from cloudfront
x-amz-version-id: 3B5SEm0591elJIpxBZQa1tSdTeB.VjVs
status: 200
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 551595
x-amz-cf-id: jkZNQoReIzGjmnV9iK3x-EZwNtLLuy5cdAwN8qB4J6HTZFOxQHP2Lg==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://covid19.wearelegalshield.ca

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Tue, 19 May 2020 14:20:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:24 GMT
server: sffe
age: 1519670
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16268
x-xss-protection: 0
expires: Wed, 19 May 2021 14:20:45 GMT

GET
H2 200 iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Tue, 19 May 2020 14:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:13 GMT
server: sffe
age: 1519967
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16456
x-xss-protection: 0
expires: Wed, 19 May 2021 14:15:48 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxKcsdrM.woff2

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Wed, 20 May 2020 07:38:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jul 2019 00:01:43 GMT
server: sffe
age: 1457406
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15876
x-xss-protection: 0
expires: Thu, 20 May 2021 07:38:29 GMT

GET
H2 200 iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7F6iGmd8WD07oB-.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Wed, 20 May 2020 15:54:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:17 GMT
server: sffe
age: 1427660
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16320
x-xss-protection: 0
expires: Thu, 20 May 2021 15:54:15 GMT

GET
H2 200 iJWHBXyIfDnIV7FCimmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7FCimmd8WD07oB-.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba456800fc8a85d6018867262179541eb1388c064daea70f3a440956518de811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Wed, 27 May 2020 03:00:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:16 GMT
server: sffe
age: 869279
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14932
x-xss-protection: 0
expires: Thu, 27 May 2021 03:00:36 GMT

GET
H2 200 neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v7/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oAGIyY0.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Wed, 20 May 2020 07:37:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:51:00 GMT
server: sffe
age: 1457490
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15576
x-xss-protection: 0
expires: Thu, 20 May 2021 07:37:05 GMT

GET
H2 200 neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2
fonts.gstatic.com/s/sourceserifpro/v7/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourceserifpro/v7/neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxKcsdrM.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Wed, 20 May 2020 08:31:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:51:44 GMT
server: sffe
age: 1454219
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15036
x-xss-protection: 0
expires: Thu, 20 May 2021 08:31:36 GMT

GET
H2 200 MwQ0bhv11fWD6QsAVOZrt0M6p7NGrQ.woff2
fonts.gstatic.com/s/rocksalt/v10/ 51 KB
51 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rocksalt/v10/MwQ0bhv11fWD6QsAVOZrt0M6p7NGrQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9511b9010b4340f7e8b36bca55eeeca842c1dfcfc08e1887c42a6c75003bab8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Rubik:regular,500,700,900%7CSource+Serif+Pro:regular,600,700%7CRock+Salt:regular
Origin: https://covid19.wearelegalshield.ca

Response headers

date: Wed, 27 May 2020 08:05:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:42:12 GMT
server: sffe
age: 851009
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52080
x-xss-protection: 0
expires: Thu, 27 May 2021 08:05:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5536
date: Sat, 06 Jun 2020 02:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sat, 06 Jun 2020 04:56:19 GMT

GET
H2 200 localize.js Show response
global.localizecdn.com/ 54 KB
20 KB 95ms
67ms Script
application/javascript 2600:9000:2156:c600:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.localizecdn.com/localize.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THZL2T8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0026e7bf714911695d0645bace98d96110978ede7ce4d094f26d84d1ae5976b4

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-x-amz-meta-v: 409
x-amz-version-id: WstDSnZgLoZgucMarVWqg7VAEnnLfXm.
content-encoding: gzip
age: 98084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Fri, 29 May 2020 15:06:18 GMT
server: AmazonS3
date: Fri, 05 Jun 2020 01:13:52 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: public, max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lCS2kMsVQutkM87Ur1l_o-5UuJ7bRT5hzpSIumM8FCBDrkou-G6ncA==

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=804089544&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19.wearelegalshield.ca%2F%3Futm_source%3Dpbls.ca%26utm_medium%3Dreferral%26utm_content%3Dwalsca-11065%26utm_campaign%3Duser_stephit&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1807308217&gjid=1614720328&cid=1561705639.1591417715&tid=UA-7450226-57&_gid=384837500.1591417715&_r=1&gtm=2wg5r0THZL2T8&z=675977360

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 04:28:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tu Show response
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 501 B
743 B 109ms
95ms XHR
application/json 2600:9000:2156:c600:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/tu?v=409

Requested by

Host: global.localizecdn.com
URL: https://global.localizecdn.com/localize.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:c600:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

67995899d3a588709ad7a20cfe29bef3e14fff6870602723d4d6a523b630c49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 04:28:35 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
pragma: no-cache
access-control-allow-origin: *
server: nginx
etag: W/"1f5-YTUNhwryHNUH6ZkGtQSmmw0y2Tg"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: SAARxiJeMkDQgBt2Bxu_ZGgpDHEEe7_RLTemQKNTNCHDTBiOTJwwGw==
expires: 0

GET
H2 200 g Show response
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 17 KB
7 KB 8ms
7ms XHR
text/plain 2600:9000:2156:c600:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/g?v=0&l=source

Requested by

Host: global.localizecdn.com
URL: https://global.localizecdn.com/localize.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:c600:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

41659a19373c743994ec83fb953e874291ef6d30f185ccd16b271e3907f2d937

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Jun 2020 21:36:01 GMT
content-encoding: gzip
server: nginx
age: 24755
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=43200
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-id: OqvOQNDmlenTTaultaBLt9G6rAw-XUbYjoQx5diMnpIP5c0-WI6vSA==
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2BC8 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 149ms
48ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 04:28:35 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=57183
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 43 B
401 B 102ms
102ms Image
image/gif 2600:9000:2156:c600:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/tl.gif?l=source&c=9400319

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:c600:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 04:28:35 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 43
x-amz-cf-id: Ml3H2pMjm-iblHduFcybFHKauLyXHvZCqw8hpiVx-ESpbCnANbq6_Q==
expires: 0

GET
H2 200 tl.gif
global.localizecdn.com/api/lib/33v5I8Z8fez3a/ 43 B
401 B 94ms
93ms Image
image/gif 2600:9000:2156:c600:d:d64b:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://global.localizecdn.com/api/lib/33v5I8Z8fez3a/tl.gif?l=en&c=7709791

Requested by

Host: covid19.wearelegalshield.ca
URL: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:c600:d:d64b:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 04:28:35 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 43
x-amz-cf-id: 0bzhrCNXr5RqOIOtRUmAZe-59c9cdxbdBmew3TxOEegWlcn3Mv7Kjg==
expires: 0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5bbcd112dc912095/ 2 KB
783 B 244ms
243ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5bbcd112dc912095/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 85514e859d16530645aaba42142657c76ebed34849a4545e42fb03a724ef5db2

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 04:28:35 GMT
content-encoding: gzip
etag: 1381002373--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=59, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 607

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 187ms
185ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5edb1b73821ff3dc&bkl=0&bl=1&pdt=1684&sid=5edb1b73821ff3dc&pub=ra-5bbcd112dc912095&rev=v8.28.6-wp&ln=en&pc=men&cb=0&ab=-&dp=covid19.wearelegalshield.ca&fp=%3Futm_source%3Dpbls.ca%26utm_medium%3Dreferral%26utm_content%3Dwalsca-11065%26utm_campaign%3Duser_stephit&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1591417715765&jsl=1&uvs=5edb1b73e93c9fb9000&skipb=1&callback=addthis.cbs.jsonp__54338122028126560
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 1766ea451eccfbd6297953b079dd2d47869ccf7492b24d62cd2e7c4edc3dcdd2

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 06 Jun 2020 04:28:35 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 71CC 0
0 64ms
63ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Sat, 06 Jun 2020 04:28:35 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 54ms
54ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://covid19.wearelegalshield.ca/?utm_source=pbls.ca&utm_medium=referral&utm_content=walsca-11065&utm_campaign=user_stephit
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Sat, 06 Jun 2020 04:28:36 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 19:32:25	Name: loc Value: MDAwMDBFVVNFMFMyMzkxMTkyOTE3ODAwMDBDSA==
.addthis.com/	1970-01-19 19:32:25	Name: uvc Value: 1%7C23
covid19.wearelegalshield.ca/	1970-01-19 19:32:25	Name: __atuvc Value: 1%7C23
.wearelegalshield.ca/	1970-01-20 03:34:49	Name: _ga Value: GA1.2.1561705639.1591417715
covid19.wearelegalshield.ca/	1970-01-19 10:03:39	Name: __atuvs Value: 5edb1b73e93c9fb9000
.wearelegalshield.ca/	1970-01-19 10:03:37	Name: _gat_UA-7450226-57 Value: 1
.wearelegalshield.ca/	1970-01-19 10:05:04	Name: _gid Value: GA1.2.384837500.1591417715

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-global.website-files.com
code.jquery.com
coronaviruslegalresourcecenter.info
covid19.wearelegalshield.ca
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
m.addthis.com
s7.addthis.com
v1.addthisedge.com
www.google-analytics.com
www.googletagmanager.com
z.moatads.com
s7.addthis.com
13.225.73.195
184.168.131.241
2.18.235.40
2001:4de0:ac19::1:b:2a
23.210.248.44
2600:9000:2156:c600:d:d64b:9600:93a1
2600:9000:21f3:5800:12:9e5f:cac0:93a1
2a00:1450:4001:800::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:821::200a
52.49.198.28
0026e7bf714911695d0645bace98d96110978ede7ce4d094f26d84d1ae5976b4
04cad4547c8e6926f5c8dd944d4699948563aacbc7a03fa07daa7c76001bbd45
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
079c30478215da1e544443314dabb6ab1251fa2ae56447ace992ade3bbe3fd0c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1766ea451eccfbd6297953b079dd2d47869ccf7492b24d62cd2e7c4edc3dcdd2
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
2cf7a2cbdb649a79980acbb38ad3d0b16be7f077a3c08de70145988b8ec1b298
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3694a9baacc3599b4250510a891bb39065ffe46705797e6f22b1223e87952e28
40ff63ed6c4a4cbb82a6f5e86538beafd735ed6aa1957fd624841558041f29c6
41659a19373c743994ec83fb953e874291ef6d30f185ccd16b271e3907f2d937
452b9556b019d9d0b858253d9d6c7a6420f3437ad3eb744915572dae9c4057b0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
6270ec1cc06a8f4c24c4835c6e1fc5f234acb1c716abd1bbf91f43074849f748
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67995899d3a588709ad7a20cfe29bef3e14fff6870602723d4d6a523b630c49a
67b5e8689c6855e1f2cd0226b4eedaac176639c971ecbadae7bf9cca17769a9f
75c1801706955f99642e72b188650187b05fe43bc69199ed99fe01fb3c4d549c
7bdd6ad94e89df24176c7115cefc744d9f6425a3a44a38dcfc872bd929ad352d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
817f9ddf55f874b27bb1934c13b2f2b200a2854de5daf285c96f33ffdb35b3f3
818c7a670962eeb85556a917bb4c28ddb2f5ecd02cb7a134debb0371912db075
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85514e859d16530645aaba42142657c76ebed34849a4545e42fb03a724ef5db2
89ab0b7b1cd68d11812228e70d125b41e4b938904c7f7e5c1cf1d3e782cb619f
9511b9010b4340f7e8b36bca55eeeca842c1dfcfc08e1887c42a6c75003bab8e
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9d2ed2eda5d1cb6b14f22de2e5ae8b4221cf7261199f9c8fb82fd3792ac8552c
a21f4b3e8f1f5f134385d35090cdf86661c2a0f5d8cdf647524f647f374b5bad
abce35f266e186e6e5fbbdbd304d7d43bb5dd0e86967892f4650198638eaa39e
afceabff19cb5a88e2a6844f55279907edf51a03b1806f556a52de1370628c7a
ba456800fc8a85d6018867262179541eb1388c064daea70f3a440956518de811
bb761b142ce2aa080b75bd0fd573ae00281b06b938e19f7b50537d1cbcd078f7
bfd88d81f79d8fe2d08b7db4ecaa28735ab923bfc5eeedbb54bfc616f76a24da
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
cdb6bd4ae64caf8ea4c8dd383b88f3937100b4fa7dda434109f82a03eb5e10e1
e0d5b87211a5af1000bf724d4b244647b5fab3d8c7cb1663ff6c4f9d98471908
e1ae2180596abf781eaf9f1c5d796d7f40ca50f1187eaa08e36cdcc0adee070f
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
fe54d2fc2e4f1c087578a5aa0a1f2d1f3d46fe9cf2bcd0d2d13be938e680a080
fee4979f52d061b6e23c725d80b9c452c1acc68c1d34450d8916b2323ded03bb

covid19.wearelegalshield.ca Open in urlscan Pro 52.49.198.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

62 %IPv6

13 Domains

15 Subdomains

13 IPs

5 Countries

2475 kBTransfer

3459 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid19.wearelegalshield.ca Open in urlscan Pro
52.49.198.28 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

62 %
IPv6

13
Domains

15
Subdomains

13
IPs

5
Countries

2475 kB
Transfer

3459 kB
Size

7
Cookies

44 HTTP transactions
1 data transactions