urlscan.io logo urlscan.io
SecurityTrails logo

login.legalshield.com Open in urlscan Pro
2606:4700::6812:944  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieOUJrqIGNGq15P5FHmE2LZ...
Effective URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Submission: On March 29 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6812:944, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.legalshield.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time login.legalshield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.83 11377 (SENDGRID)
17 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 4
1    167.89.118.83 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net
sg.legalshield.com
17    2606:4700::6812:944 (United States)

ASN13335 (CLOUDFLARENET, US)
login.legalshield.com
design.api.legalshield.com
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 legalshield.com
sg.legalshield.com
login.legalshield.com
design.api.legalshield.com
1 MB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 132
110 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 98
351 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1479
5 KB
21 4
Domain Requested by
10 design.api.legalshield.com login.legalshield.com
7 login.legalshield.com login.legalshield.com
static.cloudflareinsights.com
2 www.googletagmanager.com login.legalshield.com
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com login.legalshield.com
1 sg.legalshield.com 1 redirects
21 6

This site contains links to these domains. Also see Links.

Domain
pplsi.com
Subject Issuer Validity Valid
legalshield.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Frame ID: BCBAE55EE15D9CF152AA9C36D3DD26A6
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Verify Your Identity

Page URL History Show full URLs

  1. http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieO... HTTP 302
    https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campai... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

1567 kB
Transfer

4471 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieOUJrqIGNGq15P5FHmE2LZpRkDVYhiYpsb7kmzSy5LYyRTXg0E-2F5VazSmIgiWsEz28wz-2BBpSNMQ-2FtlLfjZmzuL2zoy8OeM51jdISwnL2TyTpNAMu-2BEzOKY-3D1sBT_xK1japI3Lshn3uPvI4t5Lr57N2HwVSCso0uD989ia3ujnIuC2WACL8TmSJ-2FcuBiiJebeaLlLPJMO5RYADLcTO18Lxd-2F0RvPS1TWl6UU5bz8qSW5e2ndIBQTFGic5HOAZIKaPpsmuHIZHUxLFbE6PRyeFpZTe61xAwaP7CX-2BGFjH5ppnrRM7CO1y0KmqvOYVzKYK0TLMzW3SP53xq-2FhbR7u6LoYjogM8dZOQjkwThRg9CeRkV09bNX3HFHN1O3WnscC7z8rMdOKmqOjbZsiE5yQ-2FgN-2FARReZ-2F8Fbra-2B-2F5-2BODOHq1H3GsppPqItxNLxyKpm-2BwFFZLCMgyALswridcVsRSL3NdJyAjePHHO4DFjK7OkYZwVbFezvvEdKivhss-2BEJNlBxRMve1HTJ8hqlq5puR-2B4CzC9KyiXiiYCn22UKa89gr8ocgOFbZUOeW8i9RN2gtWeEHgoIEM8Q5EDnY8kflsqBangSz6-2BJ3IVWKd-2BRLVp3Fr4pCjEE8nNwX1Haw04T5eqcmfQhoM-2B9eJCxA1a1A-3D-3D HTTP 302
    https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request verify-identity
login.legalshield.com/
Redirect Chain
  • http://sg.legalshield.com/ls/click?upn=asJswsX40laTV-2FxHQ-2F1lfTcPsvKZIQt-2FOpOFSYQvWZ2xJusG-2BZj7ieOUJrqIGNGq15P5FHmE2LZpRkDVYhiYpsb7kmzSy5LYyRTXg0E-2F5VazSmIgiWsEz28wz-2BBpSNMQ-2FtlLfjZmzuL2zoy8...
  • https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad70dc82cb158a1a23d6549d62c7717ef19ca54deb7f3d789570dfe7af08ef2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-type
text/html; charset=utf-8
cf-ray
6f3a32a81da6915f-FRA
cache-control
no-store,no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
server
cloudflare
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 29 Mar 2022 17:06:45 GMT
Content-Type
text/html; charset=utf-8
Content-Length
151
Connection
keep-alive
Location
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
X-Robots-Tag
noindex, nofollow
adsutil.css
design.api.legalshield.com/assets/stylesheets/ 		3 KB
843 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://design.api.legalshield.com/assets/stylesheets/adsutil.css?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6bc5dd155b0bda94435d8b25dd9c2d7bc98c5c47b3ed33c42f3f4e6a105e65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
age
427
etag
W/"1d83a318369f515"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
6f3a32acb8c7915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
ux_framework.css
design.api.legalshield.com/assets/stylesheets/ 		156 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://design.api.legalshield.com/assets/stylesheets/ux_framework.css?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff320243b851671a867ae600e863423b8c05a0e8befce983c8122b5f5291b59e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
age
427
etag
W/"1d83a319da1b3b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
6f3a32acb8bd915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
pplsi.css
design.api.legalshield.com/assets/stylesheets/ 		1 KB
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://design.api.legalshield.com/assets/stylesheets/pplsi.css?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50f65f3a671b34e36b668cbf07739481d596c122f8a6e17d2ca7cc8b6be4496

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
age
427
etag
W/"1d83a318369fb96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
6f3a32acb8c0915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
api.js
login.legalshield.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6f3a32acb8a8915f-FRA
ls-and-ids-square-logo.svg
design.api.legalshield.com/assets/logos/ 		780 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.api.legalshield.com/assets/logos/ls-and-ids-square-logo.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e2bb7fcc5b54a0aed0198cfffddad5b58325353f516213a691cfaa629704d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
age
427
etag
W/"1d83a319da3de0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a32acb8d4915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
ls-and-ids-logo.svg
design.api.legalshield.com/assets/logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.api.legalshield.com/assets/logos/ls-and-ids-logo.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb025e48156925ccc208eb72c5d2e945c636d03d0d40d83454e9de99833980f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
age
427
etag
W/"1d83a319da3c602"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a32acb8d1915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
alert-help.svg
design.api.legalshield.com/assets/icons/ 		2 KB
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.api.legalshield.com/assets/icons/alert-help.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea6973a31c94438f42c856766b83e7eb64482cd345a9c95b941ff6294507f227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
age
427
etag
W/"1d83a319da3da89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a32acf942915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
object-globe.svg
design.api.legalshield.com/assets/icons/ 		1 KB
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.api.legalshield.com/assets/icons/object-globe.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eec7fb7a56273eaf2c4b99d5d70bb72fedaf249ca5549fc0cb68bb8f188ae06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:58 GMT
server
cloudflare
age
427
etag
W/"1d83a319da3d9d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a32acf945915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
nav-chevron-down.svg
design.api.legalshield.com/assets/icons/ 		539 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.api.legalshield.com/assets/icons/nav-chevron-down.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3611dd11e78cdbcdb013938c8c6b419dfa52a7dd69e5953891ad7ae3ce9ebf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
age
427
etag
W/"1d83a318369fd1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a32acf947915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
nav-chevron-up.svg
design.api.legalshield.com/assets/icons/ 		540 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://design.api.legalshield.com/assets/icons/nav-chevron-up.svg
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0433ca833db01bcaa2d42c6b0f81cfdfb7f2230e4078aefa4f92e2e02bd39114

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
age
427
etag
W/"1d83a318369fd1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f3a32acf94b915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
adsutil.js
design.api.legalshield.com/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://design.api.legalshield.com/scripts/adsutil.js?0bd5aea39a389c0fb144937dac1125c3bdfe00af
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2abaf982710c311004969a7143caf5f01b13252356f1a4d279ffacfed9d919dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 19:02:14 GMT
server
cloudflare
age
427
etag
W/"1d83a318369d64b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a32acb8cc915f-FRA
expires
Tue, 29 Mar 2022 21:06:45 GMT
main-en.17145336a0fd62ad5d02.js
login.legalshield.com/main/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/main/main-en.17145336a0fd62ad5d02.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9545e8314f2b9ed90637f406bc8481a4be3f02275d7a69789d90a7c615e347f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:46 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 22 Mar 2022 22:51:46 GMT
server
cloudflare
etag
W/"1d83e3f683b357f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a32aca89b915f-FRA
expires
Tue, 29 Mar 2022 21:06:46 GMT
main-en-us.35faca49535b7960601e.js
login.legalshield.com/main/ 		108 B
204 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/main/main-en-us.35faca49535b7960601e.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b18fe3f3ffeab1eac0797cfe94a6f78e85fd306c7cf82a1522d0eda7305f4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:46 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 22 Mar 2022 22:51:46 GMT
server
cloudflare
etag
W/"1d83e3f683b2d6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a32aca8a0915f-FRA
expires
Tue, 29 Mar 2022 21:06:46 GMT
main.2b985bd8fc4092a88073.js
login.legalshield.com/main/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/main/main.2b985bd8fc4092a88073.js
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2320656cdf3365730ded0f60084688d160802f128c741025b9ede983d0319d09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:46 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Tue, 22 Mar 2022 22:51:46 GMT
server
cloudflare
etag
W/"1d83e3f68067d1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6f3a32acb8a3915f-FRA
expires
Tue, 29 Mar 2022 21:06:46 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://login.legalshield.com/
Origin
https://login.legalshield.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:45 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6f3a32ace81e9c01-FRA
gtm.js
www.googletagmanager.com/ 		128 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQ3J2B7&gtm_auth=-g_gdq8mpXSg8PHfXMX3lQ&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0378a77124ba9532de2ec262a87e5c1507c3c232bfa78279e417668de1260fcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:47 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46239
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
result
login.legalshield.com/cdn-cgi/bm/cv/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/cdn-cgi/bm/cv/result?req_id=6f3a32a81da6915f
Requested by
Host: login.legalshield.com
URL: https://login.legalshield.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 29 Mar 2022 17:06:47 GMT
server
cloudflare
cf-ray
6f3a32b7d97d915f-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		176 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ3J2B7&gtm_auth=-g_gdq8mpXSg8PHfXMX3lQ&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fdecd04d286c20c8af6aa93f24db89e49ed87e3ff1de197763a3b0d858dfef7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65868
x-xss-protection
0
expires
Tue, 29 Mar 2022 17:06:47 GMT
rum
login.legalshield.com/cdn-cgi/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.legalshield.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://login.legalshield.com/verify-identity?market=en-US&utm_source=sendgrid&utm_medium=email&utm_campaign=website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
content-type
application/json

Response headers

date
Tue, 29 Mar 2022 17:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://login.legalshield.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6f3a32b83a66915f-FRA
vary
Origin
collect
www.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XR6Z65RNFW&gtm=2oe3n1&_p=453088903&sr=1600x1200&ul=en-us&cid=800350802.1648573607&_s=1&dl=https%3A%2F%2Flogin.legalshield.com%2Fverify-identity%3Fmarket%3Den-US%26utm_source%3Dsendgrid%26utm_medium%3Demail%26utm_campaign%3Dwebsite&dt=Verify%20Your%20Identity&uid=&sid=1648573607&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.env=production
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.legalshield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 17:06:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://login.legalshield.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| a0_0x433e function| a0_0x3d7e string| footerHtml object| isPaymentIframe function| ads_set_title function| _lsh_check_mismatch function| _lsh_member_check_name_mismatch function| ads_add_menu function| ads_add_perms function| ads_set_user_menu_visible function| _lsh_process_payload function| turnOnImpersonation function| _lsh_navigate_market object| _lsh_openDropdownId object| _lsh_openButtonId object| _lsh_closedId object| _lsh_openId function| _lsh_show_menu function| _lsh_hide_menu function| _lsh_set_hb_callback function| ads_set_hamburger_callback function| _lsh_toggle_menu function| _lsh_show_help function| ads_set_help_custom function| ads_set_help_default function| ads_set_help function| _lsh_set_dynamic_vars function| _lsh_readCookie object| pplsi string| market string| brandName object| authNPayload boolean| authNPayloadValid object| authZPayload string| realmDomain object| jwt_payload object| perm_user string| helpContentDefault object| string_table_market object| regeneratorRuntime object| dataLayer object| __CF$cv$params object| __cfBeacon object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady

5 Cookies

Domain/Path Name / Value
login.legalshield.com/ Name: affinitytoken
Value: a0bbe61af3ba9bf9c3810678f85a459f
.legalshield.com/ Name: market
Value: en-us
.legalshield.com/ Name: __cf_bm
Value: VUaHuk.ZhX3p_V1oBGD_djEZrYkprHMfUbcieIFlifA-1648573607-0-AfT7wgPMvmbU+KF7OVDpOLMjrld1bdXxP6gCey/mSYuDvHJeloT7LKYGkaUdcJKwOlcxbZg2+ApHaBUJb8i0A+jn9iXCJEGPyQMc9zUZgw6g7ml5cTGIiUcVcj1FEXs/JsqlIWtpX5CImG1187+F9JTOUWjK+OHvhoWCojGuM2st
.legalshield.com/ Name: _ga_XR6Z65RNFW
Value: GS1.1.1648573607.1.0.1648573607.0
.legalshield.com/ Name: _ga
Value: GA1.1.800350802.1648573607

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

design.api.legalshield.com
login.legalshield.com
sg.legalshield.com
static.cloudflareinsights.com
www.google-analytics.com
www.googletagmanager.com
167.89.118.83
2606:4700:440e::ac40:9c1a
2606:4700::6812:944
2a00:1450:4001:812::200e
2a00:1450:4001:82f::2008
0378a77124ba9532de2ec262a87e5c1507c3c232bfa78279e417668de1260fcb
0433ca833db01bcaa2d42c6b0f81cfdfb7f2230e4078aefa4f92e2e02bd39114
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1cb025e48156925ccc208eb72c5d2e945c636d03d0d40d83454e9de99833980f
21e2bb7fcc5b54a0aed0198cfffddad5b58325353f516213a691cfaa629704d1
2320656cdf3365730ded0f60084688d160802f128c741025b9ede983d0319d09
2abaf982710c311004969a7143caf5f01b13252356f1a4d279ffacfed9d919dc
34b18fe3f3ffeab1eac0797cfe94a6f78e85fd306c7cf82a1522d0eda7305f4e
4ad70dc82cb158a1a23d6549d62c7717ef19ca54deb7f3d789570dfe7af08ef2
7eec7fb7a56273eaf2c4b99d5d70bb72fedaf249ca5549fc0cb68bb8f188ae06
ab6bc5dd155b0bda94435d8b25dd9c2d7bc98c5c47b3ed33c42f3f4e6a105e65
b9545e8314f2b9ed90637f406bc8481a4be3f02275d7a69789d90a7c615e347f
c50f65f3a671b34e36b668cbf07739481d596c122f8a6e17d2ca7cc8b6be4496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6973a31c94438f42c856766b83e7eb64482cd345a9c95b941ff6294507f227
eb3611dd11e78cdbcdb013938c8c6b419dfa52a7dd69e5953891ad7ae3ce9ebf
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdecd04d286c20c8af6aa93f24db89e49ed87e3ff1de197763a3b0d858dfef7c
ff320243b851671a867ae600e863423b8c05a0e8befce983c8122b5f5291b59e