shieldbenefits.com Open in urlscan Pro
2606:4700:4400::6812:223c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.legalshield.com/Info/MeriwestCU
Effective URL:
https://shieldbenefits.com/MeriwestCU
Submission: On November 02 via manual (November 2nd 2022, 7:34:30 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 30 HTTP transactions. The main IP is 2606:4700:4400::6812:223c, located in United States and belongs to CLOUDFLARENET, US. The main domain is shieldbenefits.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time shieldbenefits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	2606:4700:440... 2606:4700:4400::6812:27b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::6812:223c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
30	10

12 2606:4700:4400::6812:27b0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.legalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
design.api.legalshield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:223c (United States)

ASN13335 (CLOUDFLARENET, US)

shieldbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	legalshield.com 1 redirects www.legalshield.com — Cisco Umbrella Rank: 371280 design.api.legalshield.com	30 KB
6	shieldbenefits.com shieldbenefits.com	2 MB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	173 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	361 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3590	501 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3868	348 B
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
30	9

	Domain	Requested by
11	design.api.legalshield.com	shieldbenefits.com
6	shieldbenefits.com	shieldbenefits.com
3	www.googletagmanager.com	shieldbenefits.com www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.de	shieldbenefits.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	design.api.legalshield.com
1	www.legalshield.com	1 redirects
30	10

This site contains links to these domains. Also see Links.

Domain
login.legalshield.com
accounts.legalshield.com

Subject Issuer	Validity	Valid
shieldbenefits.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-02`	a year	crt.sh
legalshield.com Cloudflare Inc ECC CA-3	`2022-07-11` - `2023-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://shieldbenefits.com/MeriwestCU
Frame ID: 09D7C93BF0411708A458F8401E96AED2
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Group Benefits

Page URL History Show full URLs

https://www.legalshield.com/Info/MeriwestCU HTTP 301
https://shieldbenefits.com/MeriwestCU Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

30
Requests

93 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

2103 kB
Transfer

6240 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.legalshield.com/login?app=&path=%2fMeriwestCU&port=443
Title: Sign in

Search URL Search Domain Scan URL

URL: https://accounts.legalshield.com/

Search URL Search Domain Scan URL

URL: https://login.legalshield.com/logout
Title: Sign out

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.legalshield.com/Info/MeriwestCU HTTP 301
https://shieldbenefits.com/MeriwestCU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request MeriwestCU Show response
shieldbenefits.com/
Redirect Chain

https://www.legalshield.com/Info/MeriwestCU
https://shieldbenefits.com/MeriwestCU

7 KB
2 KB

800ms
728ms

Document
text/html

2606:4700:4400::6812:223c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:223c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ccf9a23335cc7c90ba3f8147e4a77e3e8a2d1e4e7bf016e3562906d87a8d8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 763f4ea45f5592b3-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 02 Nov 2022 19:34:22 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=3600
cf-ray: 763f4ea39d5a9130-FRA
date: Wed, 02 Nov 2022 19:34:22 GMT
expires: Wed, 02 Nov 2022 20:34:22 GMT
location: https://shieldbenefits.com/MeriwestCU
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adsutil.css
design.api.legalshield.com/assets/stylesheets/ 3 KB
841 B 743ms
726ms Stylesheet
text/css 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://design.api.legalshield.com/assets/stylesheets/adsutil.css?d63fb5467da27d4bcaad84aff8981d8b8c3679e6
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6bc5dd155b0bda94435d8b25dd9c2d7bc98c5c47b3ed33c42f3f4e6a105e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 19:31:17 GMT
server: cloudflare
etag: W/"1d8dcdeddd4fa95"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 763f4ea90adc9130-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 ux_framework.css
design.api.legalshield.com/assets/stylesheets/ 111 KB
18 KB 895ms
878ms Stylesheet
text/css 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://design.api.legalshield.com/assets/stylesheets/ux_framework.css?d63fb5467da27d4bcaad84aff8981d8b8c3679e6
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15c20a38910cc0fd446d9b6f32390a307374e834da71a7779d9ab17fd1a1424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 20:01:45 GMT
server: cloudflare
etag: W/"1d8dce31f662755"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 763f4ea90acf9130-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 pplsi.css
design.api.legalshield.com/assets/stylesheets/ 1 KB
685 B 736ms
719ms Stylesheet
text/css 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://design.api.legalshield.com/assets/stylesheets/pplsi.css?d63fb5467da27d4bcaad84aff8981d8b8c3679e6
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b8f7bf3b495e17fc4caa7d112b86acf814089e64b44b813f68db4529553e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 20:01:17 GMT
server: cloudflare
etag: W/"1d8dce30eb7219a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 763f4ea90ad69130-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 nav-menu-hamburger.svg
design.api.legalshield.com/assets/icons/ 1 KB
519 B 708ms
706ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/icons/nav-menu-hamburger.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 058e81907f124c9b7546a7f00913235cf6edfb5e73d48f25501fa52f21d8a5a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 20:01:45 GMT
server: cloudflare
etag: W/"1d8dce31f679e25"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ea90af79130-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 ls-and-ids-square-logo.svg
design.api.legalshield.com/assets/logos/ 780 B
642 B 33ms
31ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/logos/ls-and-ids-square-logo.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e2bb7fcc5b54a0aed0198cfffddad5b58325353f516213a691cfaa629704d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 10 Oct 2022 20:01:45 GMT
server: cloudflare
age: 968
etag: W/"1d8dce31f67998c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ea90afb9130-FRA
expires: Wed, 02 Nov 2022 23:34:22 GMT

GET
H2 200 ls-and-ids-logo.svg
design.api.legalshield.com/assets/logos/ 7 KB
3 KB 753ms
752ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/logos/ls-and-ids-logo.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cb025e48156925ccc208eb72c5d2e945c636d03d0d40d83454e9de99833980f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 20:01:45 GMT
server: cloudflare
etag: W/"1d8dce31f678182"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ea93b6c9130-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 alert-help.svg
design.api.legalshield.com/assets/icons/ 2 KB
992 B 728ms
721ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/icons/alert-help.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea6973a31c94438f42c856766b83e7eb64482cd345a9c95b941ff6294507f227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 20:01:46 GMT
server: cloudflare
etag: W/"1d8dce320003689"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ead7d3e9130-FRA
expires: Wed, 02 Nov 2022 23:34:24 GMT

GET
H2 200 action-user-single.svg
design.api.legalshield.com/assets/icons/ 1 KB
695 B 712ms
711ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/icons/action-user-single.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb7970a02753c454886628207758068f1dc82cdec5b535479f029a7f6ebb45b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 20:01:46 GMT
server: cloudflare
etag: W/"1d8dce320003584"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ead7d439130-FRA
expires: Wed, 02 Nov 2022 23:34:24 GMT

GET
H2 200 nav-chevron-down.svg
design.api.legalshield.com/assets/icons/ 539 B
413 B 719ms
719ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/icons/nav-chevron-down.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3611dd11e78cdbcdb013938c8c6b419dfa52a7dd69e5953891ad7ae3ce9ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 19:31:17 GMT
server: cloudflare
etag: W/"1d8dcdeddd4f29b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ead8d4d9130-FRA
expires: Wed, 02 Nov 2022 23:34:24 GMT

GET
H2 200 nav-chevron-up.svg
design.api.legalshield.com/assets/icons/ 540 B
409 B 713ms
712ms Image
image/svg+xml 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://design.api.legalshield.com/assets/icons/nav-chevron-up.svg
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0433ca833db01bcaa2d42c6b0f81cfdfb7f2230e4078aefa4f92e2e02bd39114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 19:31:17 GMT
server: cloudflare
etag: W/"1d8dcdeddd4f29c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 763f4ead8d689130-FRA
expires: Wed, 02 Nov 2022 23:34:24 GMT

GET
H2 200 adsutil.js Show response
design.api.legalshield.com/scripts/ 10 KB
3 KB 705ms
702ms Script
application/javascript 2606:4700:4400::6812:27b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://design.api.legalshield.com/scripts/adsutil.js?d63fb5467da27d4bcaad84aff8981d8b8c3679e6
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3511c49bdbe792ce4c7996d5d9ff7091e2b2354094f14dbbd844f1401983449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Mon, 10 Oct 2022 19:31:17 GMT
server: cloudflare
etag: W/"1d8dcdeddd4d9d4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 763f4ea90aeb9130-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 main-en.4c1d8849c5331925e3c9b3d0da978ef1.js Show response
shieldbenefits.com/ 74 KB
13 KB 876ms
874ms Script
application/javascript 2606:4700:4400::6812:223c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shieldbenefits.com/main-en.4c1d8849c5331925e3c9b3d0da978ef1.js
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:223c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885d9ab2ae99ff55e906b74af83b14212a425526e215757a582d0e923862a3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/MeriwestCU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 21:39:16 GMT
server: cloudflare
etag: W/"1d8e8ba3b10bdce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 763f4ea90fa792b3-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 main-en-us.3dadc8ec461874a5d4102bc46e0a45a1.js Show response
shieldbenefits.com/ 31 KB
5 KB 1159ms
1157ms Script
application/javascript 2606:4700:4400::6812:223c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shieldbenefits.com/main-en-us.3dadc8ec461874a5d4102bc46e0a45a1.js
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:223c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46325b4f08439620f74b8e054180f06f6f0463d1f509197c20e0fa56ae51178e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/MeriwestCU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 21:39:16 GMT
server: cloudflare
etag: W/"1d8e8ba3b11e061"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 763f4ea90fa992b3-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 main.2b9a97d129016165047e.js Show response
shieldbenefits.com/ 5 MB
2 MB 1033ms
1031ms Script
application/javascript 2606:4700:4400::6812:223c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shieldbenefits.com/main.2b9a97d129016165047e.js
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:223c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e369f876a61fd782853e7d0d82272e5892366e08c6d45acef2d9c83c72b18023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/MeriwestCU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 21:39:16 GMT
server: cloudflare
etag: W/"1d8e8ba3b459f65"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 763f4ea90faa92b3-FRA
expires: Wed, 02 Nov 2022 23:34:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 75ms
33ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: design.api.legalshield.com
URL: https://design.api.legalshield.com/assets/stylesheets/pplsi.css?d63fb5467da27d4bcaad84aff8981d8b8c3679e6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://design.api.legalshield.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Nov 2022 19:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 18:54:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Nov 2022 19:34:23 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shieldbenefits.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 03:31:40 GMT
x-content-type-options: nosniff
age: 57763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 03:31:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 148 KB
55 KB 85ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBVH49D&gtm_auth=tN_6ji8QT6_Fg6qsf_qmug&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e47efb6b46163e2d1b1e1ae6c088e16c8cb2141737831e70a1432fb40d1b0b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55500
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13.addd540852e2fb666e64.js Show response
shieldbenefits.com/ 17 KB
8 KB 733ms
727ms Script
application/javascript 2606:4700:4400::6812:223c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shieldbenefits.com/13.addd540852e2fb666e64.js
Requested by: Host: shieldbenefits.com
URL: https://shieldbenefits.com/main.2b9a97d129016165047e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:223c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 807b047024569b8bc512954687c6c19635e72bf7f01db1e782fb57d3c3dcca23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/MeriwestCU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 21:39:16 GMT
server: cloudflare
etag: W/"1d8e8ba3b11d80b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 763f4eb56ce492b3-FRA
expires: Wed, 02 Nov 2022 23:34:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBVH49D&gtm_auth=tN_6ji8QT6_Fg6qsf_qmug&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30113e7d74da5147d3dd319a8a10229bb207009b64f1aac42396393aea9354ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Nov 2022 19:34:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-7450226-48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBVH49D&gtm_auth=tN_6ji8QT6_Fg6qsf_qmug&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a763e2f311c926a8d139d9269a39ba87e0af1216e652087b6b23332f8387a722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43730
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 18:35:13 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Nov 2022 19:34:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
15ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7450226-48&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Nov 2022 19:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 576
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 02 Nov 2022 21:24:49 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 79ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XR6Z65RNFW&gtm=2oeav0&_p=1893364030&_gaz=1&cid=1256552658.1667417665&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667417665&sct=1&seg=0&dl=https%3A%2F%2Fshieldbenefits.com%2FMeriwestCU&dt=Group%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&ep.env=production
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 19:34:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shieldbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
339 B 88ms
31ms Ping
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XR6Z65RNFW&cid=1256552658.1667417665&gtm=2oeav0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6Z65RNFW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 19:34:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shieldbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 107ms
53ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XR6Z65RNFW&cid=1256552658.1667417665&gtm=2oeav0&aip=1&z=1946595484

Requested by

Host: shieldbenefits.com
URL: https://shieldbenefits.com/MeriwestCU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 19:34:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 57ms
23ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1893364030&t=pageview&_s=1&dl=https%3A%2F%2Fshieldbenefits.com%2FMeriwestCU&ul=en-us&de=UTF-8&dt=Group%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1130453961&gjid=1098298019&cid=1256552658.1667417665&tid=UA-7450226-48&_gid=1493606581.1667417665&_r=1&gtm=2ouav0&z=1259667889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shieldbenefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Nov 2022 19:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shieldbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 148ms
45ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-7450226-48&cid=1256552658.1667417665&jid=1130453961&gjid=1098298019&_gid=1493606581.1667417665&_u=YADAAUAAAAAAACAAI~&z=2108759038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shieldbenefits.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 02 Nov 2022 19:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shieldbenefits.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET MeriwestCU
shieldbenefits.com/v1/marketingSites/ 0
0

GET
H2 200 68258b4c7d746c56f6f32f5cd59a1547.png
shieldbenefits.com/ 16 KB
17 KB 913ms
913ms Image
image/png 2606:4700:4400::6812:223c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shieldbenefits.com/68258b4c7d746c56f6f32f5cd59a1547.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:223c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed20ae99904ea7cde11a4c1e6e632f05edc88b3193b3f0c4562390407bc2b3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shieldbenefits.com/MeriwestCU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 19:34:26 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 21:39:16 GMT
server: cloudflare
etag: "1d8e8ba3b11db74"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 763f4eba0d3f92b3-FRA
content-length: 16756
expires: Wed, 02 Nov 2022 23:34:26 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d54313e60f3866251fd7a92ea613c0944a5432da56a44b1b6bc45334417ae63a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shieldbenefits.com
URL: https://shieldbenefits.com/v1/marketingSites/MeriwestCU?serviceArea=&locale=en-us&productdetails=1

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XR6Z65RNFW&gtm=2oeav0&_p=1893364030&cid=1256552658.1667417665&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1667417665&sct=1&seg=0&dl=https%3A%2F%2Fshieldbenefits.com%2FMeriwestCU&dt=Group%20Benefits&en=scroll&ep.env=production&epn.percent_scrolled=90&_et=7

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.legalshield.com/	1970-01-20 07:10:19	Name: __cf_bm Value: osrNHOFMlwSDHBZ6eavdJgODPsLewChTX6iwoDGbOBw-1667417662-0-AWkkK4b2F4h3/+rNZxaNlHxv/g7gKLUAUP1qJ2vIkT+DeyLMBFHieblpEbAfgKLW0x7UhF0+dSZwZ4CSE+uvhlg=
.shieldbenefits.com/	1969-12-31 23:59:59	Name: market Value: en-us
.shieldbenefits.com/	1970-01-20 09:19:53	Name: _gcl_au Value: 1.1.479312973.1667417665
.shieldbenefits.com/	1970-01-20 16:46:17	Name: _ga_XR6Z65RNFW Value: GS1.1.1667417665.1.0.1667417665.60.0.0
.shieldbenefits.com/	1970-01-20 16:46:17	Name: _ga Value: GA1.2.1256552658.1667417665
.shieldbenefits.com/	1970-01-20 07:11:44	Name: _gid Value: GA1.2.1493606581.1667417665
.shieldbenefits.com/	1970-01-20 07:10:17	Name: _gat_gtag_UA_7450226_48 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

design.api.legalshield.com
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
shieldbenefits.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.legalshield.com
region1.analytics.google.com
shieldbenefits.com
2001:4860:4802:34::36
2606:4700:4400::6812:223c
2606:4700:4400::6812:27b0
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9b
0433ca833db01bcaa2d42c6b0f81cfdfb7f2230e4078aefa4f92e2e02bd39114
058e81907f124c9b7546a7f00913235cf6edfb5e73d48f25501fa52f21d8a5a5
05b8f7bf3b495e17fc4caa7d112b86acf814089e64b44b813f68db4529553e49
06ccf9a23335cc7c90ba3f8147e4a77e3e8a2d1e4e7bf016e3562906d87a8d8a
1cb025e48156925ccc208eb72c5d2e945c636d03d0d40d83454e9de99833980f
21e2bb7fcc5b54a0aed0198cfffddad5b58325353f516213a691cfaa629704d1
30113e7d74da5147d3dd319a8a10229bb207009b64f1aac42396393aea9354ff
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
46325b4f08439620f74b8e054180f06f6f0463d1f509197c20e0fa56ae51178e
5e47efb6b46163e2d1b1e1ae6c088e16c8cb2141737831e70a1432fb40d1b0b0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
807b047024569b8bc512954687c6c19635e72bf7f01db1e782fb57d3c3dcca23
885d9ab2ae99ff55e906b74af83b14212a425526e215757a582d0e923862a3a6
a763e2f311c926a8d139d9269a39ba87e0af1216e652087b6b23332f8387a722
ab6bc5dd155b0bda94435d8b25dd9c2d7bc98c5c47b3ed33c42f3f4e6a105e65
b15c20a38910cc0fd446d9b6f32390a307374e834da71a7779d9ab17fd1a1424
b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb7970a02753c454886628207758068f1dc82cdec5b535479f029a7f6ebb45b3
d54313e60f3866251fd7a92ea613c0944a5432da56a44b1b6bc45334417ae63a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e369f876a61fd782853e7d0d82272e5892366e08c6d45acef2d9c83c72b18023
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6973a31c94438f42c856766b83e7eb64482cd345a9c95b941ff6294507f227
eb3611dd11e78cdbcdb013938c8c6b419dfa52a7dd69e5953891ad7ae3ce9ebf
ed20ae99904ea7cde11a4c1e6e632f05edc88b3193b3f0c4562390407bc2b3f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3511c49bdbe792ce4c7996d5d9ff7091e2b2354094f14dbbd844f1401983449

shieldbenefits.com Open in urlscan Pro 2606:4700:4400::6812:223c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

93 %HTTPS

100 %IPv6

9 Domains

10 Subdomains

10 IPs

3 Countries

2103 kBTransfer

6240 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shieldbenefits.com Open in urlscan Pro
2606:4700:4400::6812:223c Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

93 %
HTTPS

100 %
IPv6

9
Domains

10
Subdomains

10
IPs

3
Countries

2103 kB
Transfer

6240 kB
Size

7
Cookies

30 HTTP transactions
1 data transactions