Submitted URL: http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieOUJrqIGNGq15P5FHmE2LZ...
Effective URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Submission: On March 29 via manual from IN — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6812:944, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.legalshield.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time login.legalshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.56 11377 (SENDGRID)
17 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 4
Apex Domain | Subdomains | Transfer
18 legalshield.com | sg.legalshield.com, login.legalshield.com, design.api.legalshield.com | 1 MB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 132) | 110 KB
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 98) | 351 B
1 cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 1479) | 5 KB
21 4
Domain Requested by
10 design.api.legalshield.com login.legalshield.com
7 login.legalshield.com login.legalshield.com
static.cloudflareinsights.com
2 www.googletagmanager.com login.legalshield.com
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com login.legalshield.com
1 sg.legalshield.com 1 redirects
21 6

This site contains links to these domains.

Domain
pplsi.com
Subject | Issuer | Validity | Valid
legalshield.com | Cloudflare Inc ECC CA-3 | 2021-08-11 - 2022-08-10 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months

This page contains 1 frames:

Primary Page: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Frame ID: 110D72B907508DF949208D19D21FFA61
Requests: 21 HTTP requests in this frame

Page Title

Verify Your Identity

Page URL History

  1. http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieO... HTTP 302
    https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 80 %
Domains: 4
Subdomains: 6
IPs: 4
Countries: 2
Transfer: 1567 kB
Size: 4471 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieOUJrqIGNGq15P5FHmE2LZpRkDVYhiYpsb7kmzSy5LYyRTXg0E-2F5VazSmIgiWsEz28wz-2BBpSNMQ-2FtlLfjZmzuL2zoy8OeM51jdISwnL2TyTpNAMu-2BEzOKY-3D1sBT_xK1japI3Lshn3uPvI4t5Lr57N2HwVSCso0uD989ia3ujnIuC2WACL8TmSJ-2FcuBiiJebeaLlLPJMO5RYADLcTO18Lxd-2F0RvPS1TWl6UU5bz8qSW5e2ndIBQTFGic5HOAZIKaPpsmuHIZHUxLFbE6PRyeFpZTe61xAwaP7CX-2BGFjH5ppnrRM7CO1y0KmqvOYVzKYK0TLMzW3SP53xq-2FhbR7u6LoYjogM8dZOQjkwThRg9CeRkV09bNX3HFHN1O3WnscC7z8rMdOKmqOjbZsiE5yQ-2FgN-2FARReZ-2F8Fbra-2B-2F5-2BODOHq1H3GsppPqItxNLxyKpm-2BwFFZLCMgyALswridcVsRSL3NdJyAjePHHO4DFjK7OkYZwVbFezvvEdKivhss-2BEJNlBxRMve1HTJ8hqlq5puR-2B4CzC9KyiXiiYCn22UKa89gr8ocgOFbZUOeW8i9RN2gtWeEHgoIEM8Q5EDnY8kflsqBangSz6-2BJ3IVWKd-2BRLVp3Fr4pCjEE8nNwX1Haw04T5eqcmfQhoM-2B9eJCxA1a1A-3D-3D HTTP 302
    https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request verify-identity
login.legalshield.com/
Redirect Chain
  • http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieOUJrqIGNGq15P5FHmE2LZpRkDVYhiYpsb7kmzSy5LYyRTXg0E-2F5VazSmIgiWsEz28wz-2BBpSNMQ-2FtlLfjZmzuL2zoy8...
  • https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
7 KB
3 KB
Document
General
Full URL
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54af31ff9e53c77ebc4f07d7b3584458ebab35973d2a0be0b81e27202816e916

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 29 Mar 2022 17:13:25 GMT
content-type
text/html; charset=utf-8
cf-ray
6f3a3c6ab9e301e3-ZRH
cache-control
no-store,no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
server
cloudflare
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Mar 2022 17:13:24 GMT
Content-Type
text/html; charset=utf-8
Content-Length
151
Connection
keep-alive
Location
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
X-Robots-Tag
noindex, nofollow
adsutil.css
design.api.legalshield.com/assets/stylesheets/
3 KB
872 B
Stylesheet
General
Full URL
https://design.api.legalshield.com/assets/stylesheets/adsutil.css?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6bc5dd155b0bda94435d8b25dd9c2d7bc98c5c47b3ed33c42f3f4e6a105e65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
etag
W/"1d83a318369f515"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
6f3a3c6f48c101e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
ux_framework.css
design.api.legalshield.com/assets/stylesheets/
156 KB
22 KB
Stylesheet
General
Full URL
https://design.api.legalshield.com/assets/stylesheets/ux_framework.css?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff320243b851671a867ae600e863423b8c05a0e8befce983c8122b5f5291b59e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
etag
W/"1d83a319da1b3b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
6f3a3c6f48c401e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
pplsi.css
design.api.legalshield.com/assets/stylesheets/
1 KB
627 B
Stylesheet
General
Full URL
https://design.api.legalshield.com/assets/stylesheets/pplsi.css?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50f65f3a671b34e36b668cbf07739481d596c122f8a6e17d2ca7cc8b6be4496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
etag
W/"1d83a318369fb96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
6f3a3c6f48bf01e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
api.js
login.legalshield.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://login.legalshield.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6f3a3c6f38ad01e3-ZRH
ls-and-ids-square-logo.svg
design.api.legalshield.com/assets/logos/
780 B
648 B
Image
General
Full URL
https://design.api.legalshield.com/assets/logos/ls-and-ids-square-logo.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e2bb7fcc5b54a0aed0198cfffddad5b58325353f516213a691cfaa629704d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
etag
W/"1d83a319da3de0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a3c6f48c801e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
ls-and-ids-logo.svg
design.api.legalshield.com/assets/logos/
7 KB
3 KB
Image
General
Full URL
https://design.api.legalshield.com/assets/logos/ls-and-ids-logo.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb025e48156925ccc208eb72c5d2e945c636d03d0d40d83454e9de99833980f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
etag
W/"1d83a319da3c602"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a3c6f48c901e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
alert-help.svg
design.api.legalshield.com/assets/icons/
2 KB
993 B
Image
General
Full URL
https://design.api.legalshield.com/assets/icons/alert-help.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea6973a31c94438f42c856766b83e7eb64482cd345a9c95b941ff6294507f227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
etag
W/"1d83a319da3da89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a3c7398fc01e3-ZRH
expires
Tue, 29 Mar 2022 21:13:27 GMT
object-globe.svg
design.api.legalshield.com/assets/icons/
1 KB
603 B
Image
General
Full URL
https://design.api.legalshield.com/assets/icons/object-globe.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eec7fb7a56273eaf2c4b99d5d70bb72fedaf249ca5549fc0cb68bb8f188ae06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
etag
W/"1d83a319da3d9d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a3c73991101e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
nav-chevron-down.svg
design.api.legalshield.com/assets/icons/
539 B
414 B
Image
General
Full URL
https://design.api.legalshield.com/assets/icons/nav-chevron-down.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3611dd11e78cdbcdb013938c8c6b419dfa52a7dd69e5953891ad7ae3ce9ebf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
etag
W/"1d83a318369fd1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a3c73993001e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
nav-chevron-up.svg
design.api.legalshield.com/assets/icons/
540 B
456 B
Image
General
Full URL
https://design.api.legalshield.com/assets/icons/nav-chevron-up.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0433ca833db01bcaa2d42c6b0f81cfdfb7f2230e4078aefa4f92e2e02bd39114

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
etag
W/"1d83a318369fd1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a3c73c98301e3-ZRH
expires
Tue, 29 Mar 2022 21:13:27 GMT
adsutil.js
design.api.legalshield.com/scripts/
10 KB
3 KB
Script
General
Full URL
https://design.api.legalshield.com/scripts/adsutil.js?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2abaf982710c311004969a7143caf5f01b13252356f1a4d279ffacfed9d919dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
etag
W/"1d83a318369d64b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a3c6f48c601e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
main-en.17145336a0fd62ad5d02.js
login.legalshield.com/main/
6 KB
2 KB
Script
General
Full URL
https://login.legalshield.com/main/main-en.17145336a0fd62ad5d02.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9545e8314f2b9ed90637f406bc8481a4be3f02275d7a69789d90a7c615e347f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 22 Mar 2022 22:51:46 GMT
server
cloudflare
etag
W/"1d83e3f683b357f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a3c6f38a501e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
main-en-us.35faca49535b7960601e.js
login.legalshield.com/main/
108 B
232 B
Script
General
Full URL
https://login.legalshield.com/main/main-en-us.35faca49535b7960601e.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b18fe3f3ffeab1eac0797cfe94a6f78e85fd306c7cf82a1522d0eda7305f4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 22 Mar 2022 22:51:46 GMT
server
cloudflare
etag
W/"1d83e3f683b2d6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a3c6f38aa01e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
main.2b985bd8fc4092a88073.js
login.legalshield.com/main/
4 MB
1 MB
Script
General
Full URL
https://login.legalshield.com/main/main.2b985bd8fc4092a88073.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2320656cdf3365730ded0f60084688d160802f128c741025b9ede983d0319d09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 22 Mar 2022 22:51:46 GMT
server
cloudflare
etag
W/"1d83e3f68067d1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a3c6f38ab01e3-ZRH
expires
Tue, 29 Mar 2022 21:13:26 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://login.legalshield.com/
Origin
https://login.legalshield.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:25 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6f3a3c6f6a2d0219-ZRH
gtm.js
www.googletagmanager.com/
128 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQ3J2B7&gtm_auth=-g_gdq8mpXSg8PHfXMX3lQ&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab1b98448274495473c9de431f32a79d1ce0a84b0997eabc6df4ba3c9f7d5ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:27 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46242
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
176 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ3J2B7&gtm_auth=-g_gdq8mpXSg8PHfXMX3lQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17e73cdcb055878cf15ad64697804bdc50be71c2438ba65a4d783e2c6e4efb70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:13:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65876
x-xss-protection
0
expires
Tue, 29 Mar 2022 17:13:27 GMT
rum
login.legalshield.com/cdn-cgi/
0
211 B
XHR
General
Full URL
https://login.legalshield.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
content-type
application/json

Response headers

date
Tue, 29 Mar 2022 17:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://login.legalshield.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6f3a3c7a9da101e3-ZRH
vary
Origin
result
login.legalshield.com/cdn-cgi/bm/cv/
0
313 B
XHR
General
Full URL
https://login.legalshield.com/cdn-cgi/bm/cv/result?req_id=6f3a3c6ab9e301e3
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 29 Mar 2022 17:13:27 GMT
server
cloudflare
cf-ray
6f3a3c7aee3701e3-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
collect
www.google-analytics.com/g/
0
351 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XR6Z65RNFW&gtm=2oe3n1&_p=95147679&sr=1600x1200&ul=en-us&cid=1390946213.1648574008&_s=1&dl=https%3A%2F%2Flogin.legalshield.com%2Fverify-identity%3Fmarket%3Den-US%26utm_source%3Dsendgrid%26utm_medium%3Demail%26utm_campaign%3Dwebsite&dt=Verify%20Your%20Identity&uid=&sid=1648574007&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.env=production
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 17:13:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| a0_0x433e function| a0_0x3d7e string| footerHtml object| isPaymentIframe function| ads_set_title function| _lsh_check_mismatch function| _lsh_member_check_name_mismatch function| ads_add_menu function| ads_add_perms function| ads_set_user_menu_visible function| _lsh_process_payload function| turnOnImpersonation function| _lsh_navigate_market object| _lsh_openDropdownId object| _lsh_openButtonId object| _lsh_closedId object| _lsh_openId function| _lsh_show_menu function| _lsh_hide_menu function| _lsh_set_hb_callback function| ads_set_hamburger_callback function| _lsh_toggle_menu function| _lsh_show_help function| ads_set_help_custom function| ads_set_help_default function| ads_set_help function| _lsh_set_dynamic_vars function| _lsh_readCookie object| pplsi string| market string| brandName object| authNPayload boolean| authNPayloadValid object| authZPayload string| realmDomain object| jwt_payload object| perm_user string| helpContentDefault object| string_table_market object| regeneratorRuntime object| dataLayer object| __CF$cv$params object| __cfBeacon object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady

5 Cookies

Domain/Path Name / Value
login.legalshield.com/ Name: affinitytoken
Value: 0a60f3e2098d8dd922444c722c9a2d0d
.legalshield.com/ Name: market
Value: en-us
.legalshield.com/ Name: _ga_XR6Z65RNFW
Value: GS1.1.1648574007.1.0.1648574007.0
.legalshield.com/ Name: _ga
Value: GA1.1.1390946213.1648574008
.legalshield.com/ Name: __cf_bm
Value: RKc7O7iwymPDHfAmdeOWYSv5GsVgblLVhao7.VahbCQ-1648574007-0-Ae5Ns4i7YI3ONrEvSaKOizu2ui7eVPd+Y/7M5yDKVM8UL47z5A0513STmtemXldunB+0Y/zi/0zkeyv+JUYIV2ESnP33dciQTY/lZET0O7QkhQ61D6cMQPP0Si28neqHkKQq2Z+E2HDPbFhdZIGvWb026pGlpmKoxwLDkz8nnGzL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
