account.pr-12207.legl.com Open in urlscan Pro
2606:4700:20::681a:78  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account.pr-12207.legl.com/	8 KB 4 KB	679ms 612ms	Document text/html	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 608e040a5237a8ed94224def14fd17f7455f7b04bf286f946ee3c7bb6042c38e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 863cbfb229463a67-FRA content-encoding br content-language en-us content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin date Wed, 13 Mar 2024 14:35:09 GMT nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} referrer-policy strict-origin-when-cross-origin report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710340508&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=SN8GhhK8H6GG%2BBrawZp3c%2F81Wly3RKFWoZ%2Fz7kk%2ByIc%3D"}]} reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1710340508&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=SN8GhhK8H6GG%2BBrawZp3c%2F81Wly3RKFWoZ%2Fz7kk%2ByIc%3D server cloudflare strict-transport-security max-age=31536000 vary Accept-Language, Cookie, Accept-Encoding via 1.1 vegur x-content-type-options nosniff x-frame-options SAMEORIGIN x-request-id ae740f3b-5e23-4850-bdde-f56db2aa9a81
GET H2	200	ukg1tln.css use.typekit.net/	5 KB 1020 B	294ms 66ms	Stylesheet text/css	2a02:26f0:3100::1735:2a11 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/ukg1tln.css Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2a11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 868beea4633c09d7a027deecabc80747b60e8c5ec580e31a5bd510f9a590c61d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Wed, 13 Mar 2024 14:35:09 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 797
GET H2	530	lds-icon.873b93b735f2.css account.pr-12207.legl.com/static/lds-icons/	0 0	54ms 53ms	Stylesheet text/html	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/static/lds-icons/lds-icon.873b93b735f2.css Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT referrer-policy same-origin nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTRauUJOaIqrqNRuefciUe1pd9soz2e2782LNDzUOelUEn%2FS8jFNfa7%2FzmpzXl2RTPJMQIHAIjNOjbEWdbOLvlIRSZQMtX4XjNqatweQWA0nTpnrIO%2FmndpGZM4As4SjDmZXOo7HyOZRF0Udj5b8oz4vU5des4s%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 863cbfb61e9c3a67-FRA alt-svc h3=":443"; ma=86400 content-length 6236 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	530	legl-icon.11118d854b30.css account.pr-12207.legl.com/static/icons/	0 0	58ms 57ms	Stylesheet text/html	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/static/icons/legl-icon.11118d854b30.css Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT referrer-policy same-origin nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sMNFEx6ZoUzHE5YRWlftqDosyEpF%2FyyXYzyoh3xx8gp%2FATAG9NpTz0qVV5thA8HPHRrhgZBQb%2ByGfaA6Jflh6UxksJe9fgfAz7YNBLYrTSb0fTDWQGyd37kmzcTvRwBd54lS0mnIr6ltbxCjpLnG2J0t9owGtfU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 863cbfb61ea03a67-FRA alt-svc h3=":443"; ma=86400 content-length 6236 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	style.css assets.onfido.com/web-sdk-releases/12.0.0/	303 KB 97 KB	85ms 23ms	Stylesheet text/css	13.32.27.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.onfido.com/web-sdk-releases/12.0.0/style.css Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4b9fabb3cca026f625af86a35907e9d23057e4ae93b262d60b6693a4862e0ed7 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id MKpqUwUaAww.CoQ3slT2q89mxfP3mdiG content-encoding gzip via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) date Wed, 13 Mar 2024 13:47:41 GMT last-modified Wed, 08 Mar 2023 13:14:20 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 2849 x-amz-server-side-encryption AES256 etag W/"1b7fd9386752d152890c694855e15cab" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css alt-svc h3=":443"; ma=86400 x-amz-cf-id V_CNm0hvLLDcbfO6dWrhGr1oNvbEiMgpWzk_5f1hCZa8tbxurHfkdQ==
GET H3	200	autotrack.f8f8156ff345.js Show response account.pr-12207.legl.com/static/vendor/	11 KB 4 KB	136ms 136ms	Script text/javascript	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/static/vendor/autotrack.f8f8156ff345.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6e620f499ed0d9085e4bd7c412313bda3b5cc93a5f3f062cbe08eb10e833b41 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status MISS nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} via 1.1 vegur content-encoding br alt-svc h3=":443"; ma=86400 reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1710340509&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=HOvImMgmvH80r006uTHR6YUD%2B3uvpkwPsE7Eg67qqA4%3D x-request-id 3b77dd3b-8cf0-449f-b5e7-cf62089f55d9 referrer-policy strict-origin-when-cross-origin last-modified Wed, 13 Mar 2024 14:23:36 GMT server cloudflare cross-origin-opener-policy same-origin etag W/"65f1b6e8-2a9c" vary Accept-Encoding report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710340509&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=HOvImMgmvH80r006uTHR6YUD%2B3uvpkwPsE7Eg67qqA4%3D"}]} content-type text/javascript; charset="utf-8" access-control-allow-origin * cache-control public, max-age=315360000, immutable cf-ray 863cbfb7aa61036e-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	282 KB 94 KB	102ms 54ms	Script application/javascript	2a00:1450:4001:80b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-X9J1YQ9STY Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d4fae6ab344ceade1003c85d25605af997643d277e6fb55612e31c67601db0ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 96336 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 13 Mar 2024 14:35:09 GMT
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	76ms 20ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 297351 x-cache HIT, HIT content-length 30879 x-served-by cache-lga21981-LGA, cache-fra-eddf8230038-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1710340509.186159,VS0,VE0 etag W/"28feccc0-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 42, 177295
GET H2	530	legl-bundled-index.8a733cf2.js account.pr-12207.legl.com/static/VueSPA/dist/assets/	0 0	60ms 60ms	Script text/html	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/static/VueSPA/dist/assets/legl-bundled-index.8a733cf2.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://account.pr-12207.legl.com/ Origin https://account.pr-12207.legl.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT referrer-policy same-origin nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9WLLBrxuZPyAeQTwuidGfxP1euhic5iSixamYJE0GVwhXayKLX2UGyBgF0xMYpWWSj99La%2Bh0iREF3pV9s3%2F1VpcO%2B3MC8rcDbYn5wKqPSJfHzvRqZec40STBODfqXTA4AmjTIA9enBLiHEYvh4rSXl8iX5KTH0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 863cbfb61ea33a67-FRA alt-svc h3=":443"; ma=86400 content-length 6236 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	530	bundled-index.40a00efc.25e510bd233d.css account.pr-12207.legl.com/static/VueSPA/dist/assets/	0 0	57ms 56ms	Stylesheet text/html	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/static/VueSPA/dist/assets/bundled-index.40a00efc.25e510bd233d.css Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT referrer-policy same-origin nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PC2hm2SMwVHEvkryPf0BAcpPlokuBkV%2F96tc7UTFQZunlzX7P79M2nFNyCud7BgEF0azb5FeQ5BRzuO1ZNuk%2FqTlYuvWM39Vc9FpXX5y6YCLKD6KDD%2BnqNFagIKNHlE90sNgLhABDWuVlIRLc0FYAeV7iKRqK5M%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 863cbfb61ea13a67-FRA alt-svc h3=":443"; ma=86400 content-length 6236 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	onfido.min.js Show response assets.onfido.com/web-sdk-releases/12.0.0/	2 MB 425 KB	177ms 115ms	Script application/javascript	13.32.27.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.onfido.com/web-sdk-releases/12.0.0/onfido.min.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-34.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 835969834f31687c7a1a9127eda05ce8c767ee33eb2e53bab4a195dddd45c147 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id K3Yg9q8BRyCSiuZMx2tbjspb1Py5yOnr content-encoding gzip via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) date Wed, 13 Mar 2024 14:33:26 GMT last-modified Wed, 08 Mar 2023 13:14:19 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 104 x-amz-server-side-encryption AES256 etag W/"e4fe32763b14b06e9d9eec19e50b515f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript alt-svc h3=":443"; ma=86400 x-amz-cf-id B0chjM6l8vQ3sBN9qd80nQAyWdPjV3M4Oknr9e-30Tfv9ez8YcCEkQ==
GET H2	200	clipboard.min.js Show response cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.4/	11 KB 4 KB	104ms 46ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.4/clipboard.min.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 494112 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2976 last-modified Mon, 04 May 2020 16:09:13 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e29-2a02" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuoW3svUOL4nlvFWN00kR1c9TImpAXRagsfzNTyMOKi8YC%2BKveaXlAaJCty7IH4R1cmAvXYE7ocSII%2Bfj1x5HnD4A5w9sba4f5qJNPOahJuUhGV5c%2FWv34PpDTpRpCsIitljQi44r0QKXO6f%2Bt7tj8HV"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 863cbfb66f7565c9-FRA expires Mon, 03 Mar 2025 14:35:09 GMT
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	112ms 62ms	Script text/javascript	2606:4700::6810:5049 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers Referer https://account.pr-12207.legl.com/ Origin https://account.pr-12207.legl.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 863cbfb94ed7bbdd-FRA
GET H2	200	p.css p.typekit.net/	5 B 172 B	278ms 61ms	Stylesheet text/css	2a02:26f0:3100::1735:2a28 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=ukg1tln&ht=tk&f=15701.15703.15705.15708.22708.22710&a=144100273&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/ukg1tln.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2a28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers accept-language de-DE,de;q=0.9 Referer https://use.typekit.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT last-modified Fri, 23 Jun 2023 17:09:47 GMT server nginx etag "6495d1db-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	115ms 64ms	Fetch text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50719 x-xss-protection 0 server cafe etag 5459470517896494670 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Wed, 13 Mar 2024 14:35:09 GMT
GET H2	200	pendo.js Show response cdn.pendo.io/agent/static/12ff65cb-af5e-4f5a-4cec-a25cda9c4559/	437 KB 145 KB	92ms 27ms	Script application/json	34.36.213.229 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/12ff65cb-af5e-4f5a-4cec-a25cda9c4559/pendo.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 229.213.36.34.bc.googleusercontent.com Software UploadServer / Resource Hash ff20f354a956f8e9e8d70a9cae5b3d2f71a24276b7c52668e2492fddf0b92332 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 12 Mar 2024 15:35:43 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubDomains age 82766 x-guploader-uploadid ABPtcPqAWVD0K9tx2TtNpPYAqfCQSNenuSrawOJPbKCwQCWZNiXu3Z-QmyRpS6-2_MuqlSHfsuA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147414 last-modified Thu, 07 Mar 2024 19:09:26 GMT server UploadServer etag "b50ddec1c68128789fe3607fdf171b6a" vary Accept-Encoding x-goog-generation 1709838566708927 x-goog-hash crc32c=kDuVNA==, md5=tQ3ewcaBKHif42B/3xcbag== access-control-allow-origin * access-control-expose-headers * cache-control public,max-age=450 x-goog-stored-content-length 147414 accept-ranges bytes content-type application/json
GET DATA	200 OK	truncated /	286 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	73ms 22ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 13 Mar 2024 13:48:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2821 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 13 Mar 2024 15:48:08 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 251 B	80ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-X9J1YQ9STY&gtm=45je43b0v9127110091za200&_p=1710340509707&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2037801343.1710340510&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710340509&sct=1&seg=0&dl=https%3A%2F%2Faccount.pr-12207.legl.com%2F&dt=Legl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1424 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X9J1YQ9STY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Wed, 13 Mar 2024 14:35:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://account.pr-12207.legl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ecommerce.js Show response www.google-analytics.com/plugins/ua/	1 KB 962 B	22ms 22ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ecommerce.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:17:31 GMT content-encoding br x-content-type-options nosniff age 1058 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 630 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 13 Mar 2024 15:17:31 GMT
GET H2	200	js Show response www.google-analytics.com/gtm/	136 KB 53 KB	37ms 37ms	Script application/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-PNTFWMJ&cid=2037801343.1710340510 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 53377e18c62d672cdd605c58a96d2b4fcbe6cc62d4e4e9dda803385c57bd5e02 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53723 x-xss-protection 0 last-modified Wed, 13 Mar 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 13 Mar 2024 14:35:09 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	28ms 28ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1350730815&t=pageview&_s=1&dl=https%3A%2F%2Faccount.pr-12207.legl.com%2F&ul=en-us&de=UTF-8&dt=Legl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KCDAAEATQAAAACAAI~&jid=1865810164&gjid=1464246341&cid=2037801343.1710340510&tid=UA-62848220-2&_gid=273064583.1710340510&_r=1&_slc=1&did=i5iSjo&z=1396635496 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://account.pr-12207.legl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 13 Mar 2024 14:35:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://account.pr-12207.legl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	smi9tjbm Show response widget.intercom.io/widget/	7 KB 3 KB	482ms 399ms	Script application/javascript	13.224.189.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/smi9tjbm Requested by Host: account.pr-12207.legl.com URL: https://account.pr-12207.legl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-49.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash d4d43dd8db8a3785180550ef927ad0022e6fbe30325f0a532b8dc21ce265412b Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id 5jOMy7AADNu1gE2zPptH6rrLAdohbypV content-encoding gzip via 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront) date Wed, 13 Mar 2024 14:33:41 GMT x-amz-cf-pop FRA2-C1 age 90 x-amz-server-side-encryption AES256 x-cache Error from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2705 last-modified Wed, 13 Mar 2024 12:30:33 GMT server AmazonS3 etag "977313b59de9f139ac1eab3c11fd4d9e" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=300, s-maxage=300, public accept-ranges bytes x-amz-cf-id g31310-J3Mo2yP92X4jUkBOsmznshRqrCzrsvHdE9ryrdbjAxHWLrA==
POST H3	204	rum Show response account.pr-12207.legl.com/cdn-cgi/	0 147 B	25ms 25ms	XHR text/plain	2606:4700:20::681a:78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account.pr-12207.legl.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://account.pr-12207.legl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 content-type application/json Response headers date Wed, 13 Mar 2024 14:35:10 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://account.pr-12207.legl.com x-frame-options DENY access-control-allow-credentials true cf-ray 863cbfbbbf82036e-FRA
GET H2	200	12ff65cb-af5e-4f5a-4cec-a25cda9c4559 data.eu.pendo.io/data/ptm.gif/	42 B 102 B	155ms 90ms	Image image/gif	34.110.214.126 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://data.eu.pendo.io/data/ptm.gif/12ff65cb-af5e-4f5a-4cec-a25cda9c4559?v=2.221.0_prod-eu&ct=1710340510028&jzb=eJw9j81OwzAQhN9lzyFxTNyouSFhBJUIFQTxJ2Q5qaGunNg4a1BU9d1rws9x95uZnX3ZA05OQQXGyg0k0Hr7NSovUPdxm5c5OS0IywmhiwQ-9ajReqE30SDWvD6_EY3QZ3fdbblarMvLGCC7zoYBZ80QjEkgeBPlW0Q3Vln2y1PnT3JKSZka9W7SzvZZNDtv3QjVfm7z14EtScoOEUqvBmxke_UfjT8DFPeh4Tw4Vj-HYmo_YtSbl72a4Wq3vXaPu6eHJUesL_j3lxOqeIcW7PB6BNEzUm4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.214.126 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 126.214.110.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:10 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000 server istio-envoy access-control-max-age 600 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin * access-control-allow-credentials false x-envoy-upstream-service-time 62 access-control-allow-headers * content-length 42 alt-svc clear
GET H2	200	12ff65cb-af5e-4f5a-4cec-a25cda9c4559 Show response data.eu.pendo.io/data/guide.js/	408 B 490 B	113ms 48ms	Script application/javascript	34.110.214.126 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://data.eu.pendo.io/data/guide.js/12ff65cb-af5e-4f5a-4cec-a25cda9c4559?id=5&jzb=eJxNjUHPgjAMhv9LzziUgyTcSD4T9KBEjVeyjKJLyka2wsXw39kXBL31bd-nzxsG7TVbd6whg6o8nP8u1b3S-U1d09O-TAuIQCple8P_FdMTRdA7Cu0Xc-ezOP6cRec2uyTZpoLwSULZNg6spfrxNcx4iyxryRKyVR_GcRXNoZMODee_qwDh8mRA57U1S_RITWE9Y7A0kjyO4wTFw0uc&v=2.221.0_prod-eu&ct=1710340510029 Requested by Host: cdn.pendo.io URL: https://cdn.pendo.io/agent/static/12ff65cb-af5e-4f5a-4cec-a25cda9c4559/pendo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.214.126 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 126.214.110.34.bc.googleusercontent.com Software istio-envoy / Resource Hash d2b31a2ecf97bab74655487881989dc5016a884b74124aa72b9a85bc26368304 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:10 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000 server istio-envoy access-control-max-age 600 access-control-allow-methods GET,POST content-type application/javascript access-control-allow-origin * access-control-allow-credentials false x-envoy-upstream-service-time 20 access-control-allow-headers * content-length 408 alt-svc clear
GET H2	200	12ff65cb-af5e-4f5a-4cec-a25cda9c4559 data.eu.pendo.io/data/guide.gif/	42 B 303 B	97ms 32ms	Image image/gif	34.110.214.126 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://data.eu.pendo.io/data/guide.gif/12ff65cb-af5e-4f5a-4cec-a25cda9c4559?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1710340510030&v=2.221.0_prod-eu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.110.214.126 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 126.214.110.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:35:10 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=63072000 server istio-envoy access-control-max-age 600 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin * access-control-allow-credentials false x-envoy-upstream-service-time 3 access-control-allow-headers * content-length 42 alt-svc clear
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 352 B	96ms 35ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62848220-2&cid=2037801343.1710340510&jid=1865810164&gjid=1464246341&_gid=273064583.1710340510&_u=KCDAAEASQAAAACAAI~&z=1894984080 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://account.pr-12207.legl.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 13 Mar 2024 14:35:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://account.pr-12207.legl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	frame-modern.97c8f472.js Show response js.intercomcdn.com/ Frame 5917	513 KB 142 KB	82ms 24ms	Script application/javascript	18.244.18.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.97c8f472.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/smi9tjbm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-24.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2056d26f07425a07f1652b4c07461b308211e042b2df876ba6fb4e3b7e7bc52c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id 7JbLrDKp1uaDQYN3dAZ2Xql03kd3Irnu content-encoding gzip via 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront) date Wed, 13 Mar 2024 14:30:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P11 age 275 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 144403 last-modified Wed, 13 Mar 2024 12:27:20 GMT server AmazonS3 etag "8f0c6beb471caaf5c85de6dd10f1ff4a" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id JPBXchXskLd7vvadKh1aSGE6fo_92NQFzdRJE47OV9VT7HA6peqEWg==
GET H2	200	vendor-modern.9921b73c.js Show response js.intercomcdn.com/ Frame 5917	483 KB 148 KB	129ms 71ms	Script application/javascript	18.244.18.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.9921b73c.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/smi9tjbm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-24.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id nKJwAAwpWNj9KnxtG1ZJBy46ka9iAUC0 content-encoding gzip via 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront) date Wed, 13 Mar 2024 13:59:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P11 age 2125 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 151135 last-modified Tue, 12 Mar 2024 17:30:16 GMT server AmazonS3 etag "ae95e8cfe55350008dcd098ebbe4cee3" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id ei33GCGqxRjyMTR-5WEaUB2npwhfMgAx1qpRIOmvgO5Rz6IQ0ZKYAw==
POST H2	200	ping Show response api-iam.eu.intercom.io/messenger/web/ Frame 5917	4 KB 2 KB	390ms 282ms	XHR application/json	54.154.236.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-iam.eu.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.97c8f472.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.154.236.59 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-154-236-59.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 7ffd04ac9b5ef55ba616bc7ddda58e703d4d32937ba600ce693930663019f602 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 13 Mar 2024 14:35:11 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-029b00c2912aba0c7 status 200 OK x-xss-protection 1; mode=block x-request-id 0017t0jaudn5srbgk0h0 x-runtime 0.217738 server nginx etag W/"7ffd04ac9b5ef55ba616bc7ddda58e70" x-request-queueing 0 vary Accept,Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://account.pr-12207.legl.com x-intercom-version 48198320ff744662950a662bf17c6d80769ca4b9 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-frame-options SAMEORIGIN access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	92ms 91ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-X9J1YQ9STY&gtm=45je43b0v9127110091za200&_p=1710340509707&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2037801343.1710340510&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710340509&sct=1&seg=0&dl=https%3A%2F%2Faccount.pr-12207.legl.com%2F&dt=Legl&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6430 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-X9J1YQ9STY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://account.pr-12207.legl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Wed, 13 Mar 2024 14:35:14 GMT server Golfe2 content-type text/plain access-control-allow-origin https://account.pr-12207.legl.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| detectAdblock function| gtag object| pendo object| intercomSettings function| Intercom function| $ function| jQuery string| APP_BASE_URL object| webpackChunkOnfido object| __SENTRY__ object| core object| Onfido object| gaDevIds function| ga object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject object| waffle function| ClipboardJS function| onYouTubeIframeAPIReady object| gaGlobal object| __cfBeacon object| gaplugins object| gaData object| google_optimize function| __intercomAssignLocation function| __intercomReloadLocation

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account.pr-12207.legl.com/	1970-01-21 03:49:50	Name: csrftoken Value: pWnT5qGCqmixpbRi8da0PIx1bKOghQzQ
			.legl.com/	1970-01-21 04:41:40	Name: _ga_X9J1YQ9STY Value: GS1.1.1710340509.1.0.1710340509.0.0.0
			.legl.com/	1970-01-21 04:41:40	Name: _ga Value: GA1.2.2037801343.1710340510
			.legl.com/	1970-01-20 19:07:06	Name: _gid Value: GA1.2.273064583.1710340510
			.legl.com/	1970-01-20 19:05:40	Name: _gat Value: 1
			.legl.com/	1970-01-21 01:34:30	Name: intercom-id-tpg720yw Value: a65ff4da-9b88-4a83-b5ff-debe74c31f82
			.legl.com/	1970-01-20 19:15:45	Name: intercom-session-tpg720yw Value:
			.legl.com/	1970-01-21 01:34:30	Name: intercom-device-id-tpg720yw Value: 9a76523e-2a9a-41ad-ac65-f856a591c712

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://account.pr-12207.legl.com/static/lds-icons/lds-icon.873b93b735f2.css Message: Failed to load resource: the server responded with a status of 530 ()
network	error	URL: https://account.pr-12207.legl.com/static/VueSPA/dist/assets/bundled-index.40a00efc.25e510bd233d.css Message: Failed to load resource: the server responded with a status of 530 ()
network	error	URL: https://account.pr-12207.legl.com/static/icons/legl-icon.11118d854b30.css Message: Failed to load resource: the server responded with a status of 530 ()
network	error	URL: https://account.pr-12207.legl.com/static/VueSPA/dist/assets/legl-bundled-index.8a733cf2.js Message: Failed to load resource: the server responded with a status of 530 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.pr-12207.legl.com
api-iam.eu.intercom.io
assets.onfido.com
cdn.pendo.io
cdnjs.cloudflare.com
code.jquery.com
data.eu.pendo.io
js.intercomcdn.com
p.typekit.net
pagead2.googlesyndication.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
use.typekit.net
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
13.224.189.49
13.32.27.34
18.244.18.24
2001:4860:4802:34::36
2606:4700:20::681a:78
2606:4700::6810:5049
2606:4700::6811:190e
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a02:26f0:3100::1735:2a11
2a02:26f0:3100::1735:2a28
2a04:4e42:400::649
34.110.214.126
34.36.213.229
54.154.236.59
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2056d26f07425a07f1652b4c07461b308211e042b2df876ba6fb4e3b7e7bc52c
4b9fabb3cca026f625af86a35907e9d23057e4ae93b262d60b6693a4862e0ed7
53377e18c62d672cdd605c58a96d2b4fcbe6cc62d4e4e9dda803385c57bd5e02
608e040a5237a8ed94224def14fd17f7455f7b04bf286f946ee3c7bb6042c38e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ffd04ac9b5ef55ba616bc7ddda58e703d4d32937ba600ce693930663019f602
835969834f31687c7a1a9127eda05ce8c767ee33eb2e53bab4a195dddd45c147
868beea4633c09d7a027deecabc80747b60e8c5ec580e31a5bd510f9a590c61d
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6e620f499ed0d9085e4bd7c412313bda3b5cc93a5f3f062cbe08eb10e833b41
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
d2b31a2ecf97bab74655487881989dc5016a884b74124aa72b9a85bc26368304
d4d43dd8db8a3785180550ef927ad0022e6fbe30325f0a532b8dc21ce265412b
d4fae6ab344ceade1003c85d25605af997643d277e6fb55612e31c67601db0ad
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff20f354a956f8e9e8d70a9cae5b3d2f71a24276b7c52668e2492fddf0b92332