tollers.legl.com Open in urlscan Pro
172.67.71.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tollers.legl.com/engage/app40l32x/
Submission: On October 06 via manual (October 6th 2021, 11:31:49 am UTC) from GB — Scanned from DE

Summary HTTP 40 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 40 HTTP transactions. The main IP is 172.67.71.217, located in United States and belongs to CLOUDFLARENET, US. The main domain is tollers.legl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2021. Valid for: a year.

This is the only time tollers.legl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	172.67.71.217 172.67.71.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
2	151.101.114.208 151.101.114.208	54113 (FASTLY) (FASTLY)
3	18.66.122.50 18.66.122.50	16509 (AMAZON-02) (AMAZON-02)
1	104.16.125.175 104.16.125.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
1	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
3	46.137.15.86 46.137.15.86	16509 (AMAZON-02) (AMAZON-02)
1	66.102.1.157 66.102.1.157	15169 (GOOGLE) (GOOGLE)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1 1	13.32.99.55 13.32.99.55	16509 (AMAZON-02) (AMAZON-02)
3	18.66.139.67 18.66.139.67	16509 (AMAZON-02) (AMAZON-02)
1	34.215.192.98 34.215.192.98	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	75.2.88.188 75.2.88.188	16509 (AMAZON-02) (AMAZON-02)
40	20

10 172.67.71.217 (United States)

ASN13335 (CLOUDFLARENET, US)

tollers.legl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.208 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

crowdjustice.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.50 (United States)

ASN16509 (AMAZON-02, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.125.175 (None, )

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o32237.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.131 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.137.15.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-15-86.eu-west-1.compute.amazonaws.com

legl-posthog.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.55 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-55.fra60.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.139.67 (United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.192.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-192-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.88.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	legl.com tollers.legl.com	3 MB
5	stripe.com js.stripe.com q.stripe.com m.stripe.com	71 KB
4	google-analytics.com www.google-analytics.com	57 KB
3	intercomcdn.com js.intercomcdn.com	117 KB
3	herokuapp.com legl-posthog.herokuapp.com	35 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	3 KB
2	stripe.network m.stripe.network	17 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	imgix.net crowdjustice.imgix.net	338 KB
1	nr-data.net bam-cell.nr-data.net	921 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	doubleclick.net stats.g.doubleclick.net	460 B
1	gstatic.com fonts.gstatic.com	44 KB
1	sentry.io o32237.ingest.sentry.io	245 B
1	unpkg.com unpkg.com	14 KB
1	sentry-cdn.com browser.sentry-cdn.com	28 KB
1	jquery.com code.jquery.com	30 KB
40	17

	Domain	Requested by
10	tollers.legl.com	tollers.legl.com browser.sentry-cdn.com
4	www.google-analytics.com	tollers.legl.com www.google-analytics.com browser.sentry-cdn.com
3	js.intercomcdn.com	widget.intercom.io
3	legl-posthog.herokuapp.com	tollers.legl.com browser.sentry-cdn.com
3	js.stripe.com	tollers.legl.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	fonts.googleapis.com	tollers.legl.com
2	crowdjustice.imgix.net	tollers.legl.com
1	api-iam.intercom.io	js.intercomcdn.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	m.stripe.com	m.stripe.network
1	widget.intercom.io	1 redirects
1	js-agent.newrelic.com	tollers.legl.com
1	q.stripe.com	tollers.legl.com
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	o32237.ingest.sentry.io	browser.sentry-cdn.com
1	unpkg.com	tollers.legl.com
1	browser.sentry-cdn.com	tollers.legl.com
1	code.jquery.com	tollers.legl.com
40	20

This site contains links to these domains. Also see Links.

Domain
www.tollers.co.uk
legl.com

Subject Issuer	Validity	Valid
legl.com Cloudflare Inc ECC CA-3	`2021-05-30` - `2022-05-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.ingest.sentry.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.intercomcdn.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.intercom.com Amazon	`2021-04-15` - `2022-05-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://tollers.legl.com/engage/app40l32x/
Frame ID: 63ABE4251B830D0DE66DE918CDA8BF0B
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html
Frame ID: 0E996D29AD0C2523D851B9C21DD3E2E5
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3D2472DBB5DDDA631738C30DBB55B64E
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.0c7bfd90.js
Frame ID: 44663E5B284654C6F2E832B9CC63C3D7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Engage by Legl

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

20
Subdomains

20
IPs

4
Countries

4208 kB
Transfer

14185 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tollers.co.uk/
Title: www.tollers.co.uk

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://widget.intercom.io/widget/smi9tjbm HTTP 302
https://js.intercomcdn.com/shim.latest.js

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tollers.legl.com/engage/app40l32x/ 25 KB
10 KB 407ms
367ms Document
text/html 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cbae14955a5bce5ffb89da715c9bc0d9d5c4aebadf6e0d7decee7ba71abbd27

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tollers.legl.com
:scheme: https
:path: /engage/app40l32x/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie, Accept-Encoding
content-language: us
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=3600
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; expires=Wed, 05 Oct 2022 11:31:41 GMT; Max-Age=31449600; Path=/; SameSite=None; Secure sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U; expires=Wed, 20 Oct 2021 11:31:41 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=None; Secure
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwEi9VimPvIrsGzMjiEm5Bd6%2BgofLGmb68FwWQgLEi2ZnvNPTJejrbkq3hhDYFAQqk%2B84qmzX0ugcvOzP675HKSidoTPdogltVDS0nbPBYT9lxgFDUIDBofsn4mOLscTPbw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 699e90951a7a2794-PRG
content-encoding: br

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 38ms
11ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1633519901.dop202.fr8.t,1633519901.cds276.fr8.hn,1633519901.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 autotrack.f6c563da9969.js Show response
tollers.legl.com/static/vendor/ 11 KB
4 KB 19ms
18ms Script
text/javascript 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/static/vendor/autotrack.f6c563da9969.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15f2f9492aadffe1fd2edfedcc91a77068a5445350190636c1e2ecab234c4df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/vendor/autotrack.f6c563da9969.js
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701
strict-transport-security: max-age=3600
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:34 GMT
server: cloudflare
etag: W/"615c3d72-2ac2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKM8ry0%2FKTYtnANP32khqT%2BK%2FVzCSj0zptxcaDldGn0GlokS%2Fss85Tt3F3y%2BqRulteGJTkIDvsURRFsCppVMQUix%2FT65pTTxSVZjljCcpzxazwb8Tg462TBgIX5A%2Fqj%2BxIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 699e90979c0a2794-PRG

GET
H2 200 fonts.e3d21e313d5a.css
tollers.legl.com/static/css/ 2 KB
972 B 18ms
17ms Stylesheet
text/css 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/static/css/fonts.e3d21e313d5a.css

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb38ca1c8c3aed4bc2a1e912804670ef5a00b3ab155821dd78b0cdaf0de112e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/css/fonts.e3d21e313d5a.css
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701
strict-transport-security: max-age=3600
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:34 GMT
server: cloudflare
etag: W/"615c3d72-973"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPSKBtW%2Fk1qZN%2FmoZfZh6P77Eb7uTAD2ZR%2FiSmqdjQo%2B3PAxwuauhbyI%2B7IKhW3j8Kj3mg6FCogoIvaEpXxf4l3K%2BEizWEM7f9XsoOxSAtHu75%2BAE%2Fvq4okQBLNrj9JGI4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 699e90979c0b2794-PRG

GET
H2 200 legl-icon.84032cb881a0.css
tollers.legl.com/static/icons/ 62 KB
5 KB 20ms
19ms Stylesheet
text/css 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/static/icons/legl-icon.84032cb881a0.css

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a2a421a56d1e5e72845fce2dd37fc3034737d4403bbf0cbd5f2768d4b2f74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/icons/legl-icon.84032cb881a0.css
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701
strict-transport-security: max-age=3600
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:34 GMT
server: cloudflare
etag: W/"615c3d72-f9f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGNdRzp%2BnR6XDhYyAtseC7cdUzrMNKCZxEgau1VJ4z%2FJjtxMdysSvEJMBaqZIvFFS1WgpQAoOW%2Bk%2F3pUBWYevYWMAJHx2S%2BZSjxW3AQl3oiUw303HIoP7zskalAK7es6628%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 699e90979c0c2794-PRG

GET
H2 200 engage-main.ec419cb509fb26f375ed.js Show response
tollers.legl.com/static/engage/dist/ 12 MB
3 MB 332ms
330ms Script
text/javascript 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/static/engage/dist/engage-main.ec419cb509fb26f375ed.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75875417974ab0ce18b65414331bdc5a486072f4351b5ed2953c0432d12c2aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/engage/dist/engage-main.ec419cb509fb26f375ed.js
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=3600
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:31 GMT
server: cloudflare
etag: W/"615c3d6f-c13fa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sKpx3lA1GU6lecKtrLRtg8Jl5PFxn%2FuIsNFxvZU7OPjUENrpM6A0UGUw1J%2BSbzeM7OFixWeeCPNQxHTudmgRZwbdIRv3hlKuelGtzi%2B3hqRGClnodLKSZDAKdIT2uULv%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 699e9098fcf32794-PRG

GET
H2 200 engage-main.5714db789da167b76e12.css
tollers.legl.com/static/engage/dist/ 10 KB
3 KB 150ms
149ms Stylesheet
text/css 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/static/engage/dist/engage-main.5714db789da167b76e12.css

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f90114a2e6c5448a2599f5941da3d05ac275d83b091f19b62295e892d79531

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/engage/dist/engage-main.5714db789da167b76e12.css
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=3600
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:31 GMT
server: cloudflare
etag: W/"615c3d6f-27b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr8YZjLo%2FafD5WRWos%2BdGyjc82HJOlp2eLyqaqrO6f1uonn5A9BZEW2WXcszZnmxAhDcKAr1yXmFx9UjJL49ll%2Bx1cN62md8w0Z%2FwquI%2B25ZvK0Dg9i7s6%2BH1Bo1mRzM3%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 699e90979c0d2794-PRG

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.2.3/ 89 KB
28 KB 23ms
6ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://tollers.legl.com/
Origin: https://tollers.legl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 18:16:34 GMT
server: Fastly
age: 3903860
etag: "44bea9771dbc4ce7cb75efc4b8a39dd1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 27994
expires: Mon, 22 Aug 2022 07:07:20 GMT

GET
H2 200 transparent_main_master_logo.png
crowdjustice.imgix.net/company_logos/ 57 KB
58 KB 36ms
9ms Image
image/png 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crowdjustice.imgix.net/company_logos/transparent_main_master_logo.png?ixlib=python-1.2.0

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

bc66eedfa6d22dcfabea4531f0acbdf5e6ac013b6a3fcbac2324e128061a1a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 19:20:33 GMT
server: imgix
age: 419289
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 5dca635e619f5d6dbf3ef4c57d5be80eb7b0d509
accept-ranges: bytes
content-length: 58783
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10070-SJC, cache-hhn4069-HHN

GET
H2 200 Tollers_8.jpg
crowdjustice.imgix.net/company_payments_office_image/ 280 KB
281 KB 42ms
16ms Image
image/jpeg 151.101.114.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crowdjustice.imgix.net/company_payments_office_image/Tollers_8.jpg?ixlib=python-1.2.0

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

acf4a80102f5852a10b88324f0084b242191b81afa1596b3666468328b523a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 19:20:33 GMT
server: imgix
age: 593804
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 42182cbac466a4b817bbd34e607a181e112d9bfc
accept-ranges: bytes
content-length: 287229
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10026-SJC, cache-hhn4069-HHN

GET
H2 200 secured-by-legl.153ba1a8f5b3.svg
tollers.legl.com/static/payments/img/color/ 12 KB
5 KB 19ms
18ms Image
image/svg+xml 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tollers.legl.com/static/payments/img/color/secured-by-legl.153ba1a8f5b3.svg

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1141b1e5cab66fa87efaaa5c19bc0aca95efc9ff3c4c74f9f4d481f6694fa0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/payments/img/color/secured-by-legl.153ba1a8f5b3.svg
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701
strict-transport-security: max-age=3600
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:32 GMT
server: cloudflare
etag: W/"615c3d70-2edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivlteyAZ82tQuo5orvolGKbo4WpyXyYZ1ovWTdt8iYy83q7bPytN5VnynuurK%2FsTXIhJrFIZ032w1TjzTwGHM3d7MGnxa%2FraMBpPYPtOkJV0FuuqnCJOO1chphpfkuDz3K4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 699e9098fcf42794-PRG

GET
H2 200 email-decode.min.js Show response
tollers.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 15ms
14ms Script
application/javascript 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 11:33:04 GMT
server: cloudflare
etag: W/"61544ef0-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSRPVlWRgq2gJRETna1ymuScR90aa30%2BjfMj%2BuWOGcjA%2BXm2a2R0e39fDzeqF5p%2FMmqPpkrqN4qFjeVrdDLsRnM56q%2FlAuWx1AV44HO4PMH9WLiP%2F%2BzMdMOkzeGoaDO%2B5HI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 699e9097ec312794-PRG
vary: Accept-Encoding
expires: Fri, 08 Oct 2021 11:31:41 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 258 KB
68 KB 115ms
27ms Script
application/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7655ebb2e950383dc9871dff49bccffe0667f473a462331b2485acc97c32f4a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 26
x-cache: Hit from cloudfront
x-edge-origin-shield-skipped: 0
x-amz-request-id: 5R8QE0Y4YVRCDQFY
x-amz-id-2: A9qUuh6gb9bzyoIsJgansqP2YbC8IQf1jGL+dQ3R2kbyvAJaNIP3zahxGFt8UWbSFzgSaE03nWY=
access-control-allow-origin: *
last-modified: Tue, 05 Oct 2021 22:01:01 GMT
server: AmazonS3
etag: W/"1673dcae6e41823f15eb92be8f2d512c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 0cef334729aed841ca9f130c177beebb.cloudfront.net (CloudFront)
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: XkDPFike56CNvmn50FXtl2BjuA-fOgBr0HZVCd9u92aT6Y3NnSG2JA==

GET
H2 200 dropzone.min.js Show response
unpkg.com/dropzone@5.7.2/dist/min/ 46 KB
14 KB 59ms
18ms Script
application/javascript 104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/dropzone@5.7.2/dist/min/dropzone.min.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5415bac2043fc2ac4abb2e4cf3b5219f96efcc199e5e0595422c00a8f2d48dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 191313
fly-request-id: 01FH4ZGQV2N10PBNM669N9MXKE
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"b97f-qombKbMr0y9Lz3m+sGOlyFRCymU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 699e9098df023248-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 35ms
9ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2684
date: Wed, 06 Oct 2021 10:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 06 Oct 2021 12:46:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 39ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Display|Montserrat:300,500,800&display=swap&subset=latin-ext

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/static/css/fonts.e3d21e313d5a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

8fa0f71ac3e212f1b1ee2621e254b27464a4289099b2d5eea299eb07e6e55357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 11:31:41 GMT
server: ESF
date: Wed, 06 Oct 2021 11:31:41 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 11:31:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
862 B 46ms
24ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,500,600,700&display=swap&subset=latin-ext

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/static/css/fonts.e3d21e313d5a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

0f39c66b05c3a32733c8c23d109711cc16da069ca4de88f081890d0431b4b200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 11:31:41 GMT
server: ESF
date: Wed, 06 Oct 2021 11:31:41 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 11:31:41 GMT

POST
H2 200 / Show response
o32237.ingest.sentry.io/api/5427794/envelope/ 2 B
245 B 74ms
19ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tollers.legl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://tollers.legl.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 legl-icon.b6dee63fd440.woff2
tollers.legl.com/static/icons/ 21 KB
22 KB 20ms
19ms Font
font/woff2 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/static/icons/legl-icon.b6dee63fd440.woff2?32c18ba7d842494f03c7cd7172a72c0c

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/static/icons/legl-icon.84032cb881a0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6da9906784440160d95c6addc075412e1d4018b997f8d0bceaeab685da72e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tollers.legl.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U
:path: /static/icons/legl-icon.b6dee63fd440.woff2?32c18ba7d842494f03c7cd7172a72c0c
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tollers.legl.com
referer: https://tollers.legl.com/static/icons/legl-icon.84032cb881a0.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tollers.legl.com/static/icons/legl-icon.84032cb881a0.css
Origin: https://tollers.legl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 701
strict-transport-security: max-age=3600
content-length: 21988
x-xss-protection: 1; mode=block
last-modified: Tue, 05 Oct 2021 12:56:34 GMT
server: cloudflare
etag: "615c3d72-55e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD7yLrIF0NChchz5IjK4BjqMhp%2FdLze0QQIxlJeso8tNQIBrKrShjzd3jbHEdYQjWHOUwJWO1eq9vWbeMWbvuoRPPDhx50TCgJ%2F4QIvIdrkpx%2F1rnNTVGs4NpZWvEp4MLKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 699e9098fcf72794-PRG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 62ms
17ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tollers.legl.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 498430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 30 Sep 2022 17:04:31 GMT

GET
H/1.1 200
OK array.js Show response
legl-posthog.herokuapp.com/static/ 113 KB
34 KB 147ms
42ms Script
text/javascript 46.137.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/static/array.js

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.137.15.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-15-86.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

3be81fb36a50bba7a5532512ee0566d5d86d9f83bb541c53d912271f19842981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 11:31:41 GMT
Content-Encoding: gzip
Referrer-Policy: same-origin
Last-Modified: Mon, 28 Jun 2021 13:10:15 GMT
Server: gunicorn
Via: 1.1 vegur
Etag: "60d9ca37-1c5a7"
X-Frame-Options: DENY
Content-Type: text/javascript; charset="utf-8"
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public
Connection: keep-alive
Vary: Accept-Encoding, Cookie
Content-Length: 34742
X-Content-Type-Options: nosniff

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 7ms
6ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:06:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 06 Oct 2021 12:06:52 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 93 KB
37 KB 21ms
20ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PNTFWMJ&cid=1091894568.1633519902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

c271e81e0a981e75687ddf3079e624b75718f2b279917a46e1674c0a9c697173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37329
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Oct 2021 11:31:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 24ms
23ms XHR
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=947440256&t=pageview&_s=1&dl=https%3A%2F%2Ftollers.legl.com%2Fengage%2Fapp40l32x%2F&ul=en-us&de=UTF-8&dt=Engage%20by%20Legl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEATQAAAAC~&jid=554405382&gjid=1795630629&cid=1091894568.1633519902&tid=UA-62848220-2&_gid=961263651.1633519902&_r=1&_slc=1&did=i5iSjo&z=715808020

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tollers.legl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 11:31:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tollers.legl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
460 B 73ms
25ms XHR
text/plain 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-62848220-2&cid=1091894568.1633519902&jid=554405382&gjid=1795630629&_gid=961263651.1633519902&_u=KGBAAEASQAAAAC~&z=1782922816

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tollers.legl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Oct 2021 11:31:41 GMT
content-type: text/plain
access-control-allow-origin: https://tollers.legl.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
legl-posthog.herokuapp.com/decide/ 193 B
653 B 42ms
42ms XHR
application/json 46.137.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/decide/?ip=1&_=1633519901867

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.137.15.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-15-86.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

868a7099ef9f80703f89b7198d5c0d9b230d6a8a5c4dd0778786ce084d424328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tollers.legl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 06 Oct 2021 11:31:41 GMT
Via: 1.1 vegur
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Vary: Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://tollers.legl.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 193
X-Content-Type-Options: nosniff

GET
H2 200 / Show response
tollers.legl.com/engage/app40l32x/welcome-step/ 147 B
788 B 153ms
153ms Fetch
application/json 172.67.71.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tollers.legl.com/engage/app40l32x/welcome-step/

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c260c784458625a6bc223728835a94c42bf87292f7da06216caf8a96a3549fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /engage/app40l32x/welcome-step/
pragma: no-cache
cookie: csrftoken=17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mY59B:xHHWikIYdLRm-EwLzboAtu45tq9z87-pui24P7Wmg2U; _ga=GA1.2.1091894568.1633519902; _gid=GA1.2.961263651.1633519902; _gat=1; ph_CspXex6nVK8tf8splVQijnxXZ4rd2tQ2VqP0cPqdGfo_posthog=%7B%22distinct_id%22%3A%2217c555f9ca8561-055941dcea249f-a7d193d-1d4c00-17c555f9ca96b8%22%2C%22%24device_id%22%3A%2217c555f9ca8561-055941dcea249f-a7d193d-1d4c00-17c555f9ca96b8%22%2C%22application%22%3A%22engage%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: tollers.legl.com
referer: https://tollers.legl.com/engage/app40l32x/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/engage/app40l32x/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:31:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: application/json
content-encoding: br
vary: Accept-Language, Cookie
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsqZqtLOoa9aeCRHJp4reWZczlb%2B%2BB0tMiu%2BkamnZSPY6zKYkpu2fiBkzc%2FelRx40TChX9Y27KOZ%2FwPD8eTMJRndNfE7pNmRMTbuAPapX1%2BEWnWeZZF9f3qu37eP10UaDK0%3D"}],"group":"cf-nel","max_age":604800}
content-language: us
set-cookie: sessionid=.eJwtjssKwjAURH_lkpUFSaLpA-tKXCho3Si4lKjXGnrbhDTFovjvZuFuOMMw58MupLt60DWykg09m7IhtKz8xIz-EnEXYlHZtyHSIuMSJmfT3e2rh8MJZpLLJUSQp0sY8zSBlXOEZ7zuTBCZKrjKYbLbnqr9FMg0CBu8NTaB9dPbFsVCccnTrCh4ruCoH9qb_yqKeHyg9-jj_zME15dCBEuEvueENfGbbQV2dXQU2rlUkpqPgn2_PzMkQcY:1mY59C:YOODDfw-zygSWMASZM14BzpmTZAwfJiEsPLYdo9d4XA; expires=Wed, 20 Oct 2021 11:31:42 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=None; Secure
cf-ray: 699e909ee89a2794-PRG

GET
DATA 200
OK truncated
/ 286 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html Show response
js.stripe.com/v3/ Frame 0E99 215 B
973 B 20ms
20ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1942d92c0cf67997cea0dc7c6058f7d4231a56aadafacacc15ed65c1e8a49925

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tollers.legl.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: efvreysSFnCOb2QlrA5QF+HAliBoh+2b35dPdSQ3nm5I3xV4k42ak1iQqzgNFwRgDxJQTC4eVMg=
x-amz-request-id: 3MJ1JGP7R3184V5N
last-modified: Thu, 30 Sep 2021 22:19:33 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
x-edge-origin-shield-skipped: 0
date: Wed, 06 Oct 2021 11:28:27 GMT
cache-control: public, max-age=300
etag: "79f4c4ec97e4a9c650a8aa5dc0a621df"
x-cache: Hit from cloudfront
via: 1.1 0cef334729aed841ca9f130c177beebb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: I6L2CIYJlc0HTArC2G5Ev55K-0E8aQUq_v2gvYZVQxsFa5aq2si0xA==
age: 195

GET
H2 200 m-outer-a630934868d6eead16233600eabc02b0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0E99 1 KB
2 KB 21ms
21ms Script
application/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a630934868d6eead16233600eabc02b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7aa8a31521fca34e454549169275a559b334ff604261a4a2ef89319d3bf5cf6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"8240ee835643f4c573d637d6184b80e7"
age: 298
x-cache: Hit from cloudfront
x-edge-origin-shield-skipped: 0
x-amz-request-id: HQDFW4KWAV1GZVXR
x-amz-id-2: U4oZLa3NK16MqvVDRK943iQnvGUbE9WCOtbBYcC4lZ1oHgcGr1PbPt8zncAZA52OnwoQnN/EMY4=
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 22:19:33 GMT
server: AmazonS3
date: Wed, 06 Oct 2021 11:26:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 0cef334729aed841ca9f130c177beebb.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: DoPFLkQ0ATGknPFwWKC5e5j8vmJluszr3efWa6Qj6fTbkB460-A7EA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3D24 932 B
1 KB 41ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a630934868d6eead16233600eabc02b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Oct 2021 11:31:43 GMT
via: 1.1 varnish
age: 18
x-served-by: cache-fra19144-FRA
x-cache: HIT
x-cache-hits: 20
x-timer: S1633519903.034860,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 528

POST
H2 200 csp-report
q.stripe.com/ Frame 3D24 0
121 B 519ms
169ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 06 Oct 2021 11:31:43 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 3D24 85 KB
16 KB 7ms
7ms Script
application/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 55
x-cache: HIT
content-length: 15786
x-served-by: cache-fra19144-FRA
server: Fastly
x-timer: S1633519903.049903,VS0,VE0
date: Wed, 06 Oct 2021 11:31:43 GMT
vary: Accept-Encoding, Origin
content-type: application/javascript
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 42

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 26ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: tollers.legl.com
URL: https://tollers.legl.com/engage/app40l32x/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: 3700EJ4ZWWQ4P78Z
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by: cache-hhn4081-HHN
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1633519903.176976,VS0,VE0
date: Wed, 06 Oct 2021 11:31:43 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 18261

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/smi9tjbm
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

32ms
7ms

Script
application/javascript

18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc64d209d5266628aa71816f745ebc9bcf7a9d7986c9cf9a016dc82a8c6cc28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:30:49 GMT
content-encoding: gzip
age: 55
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 6026
last-modified: Wed, 06 Oct 2021 10:45:45 GMT
server: AmazonS3
etag: "706b3121a789e2f9fab24cb6d9253273"
content-type: application/javascript; charset=UTF-8
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: xEXE51gVLTMsjHCXZgiFkgfcADICvByHGHVRBMlZjxnOCMxFJpv7qQ==

Redirect headers

date: Tue, 03 Aug 2021 15:43:05 GMT
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server: AmazonS3
age: 5514518
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: G4ZUjj20HLos_jbD2iJrtvGo3QMtnZYV9DlLi0sHrGNRxIpJdElbcA==

POST
H2 200 6 Show response
m.stripe.com/ Frame 3D24 156 B
516 B 519ms
174ms XHR
text/plain 34.215.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-192-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d87dccc5dc45915672f3e02e44086e6ff3b97317fdfe4da9cae227928fee9f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Oct 2021 11:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK 6735f40c76 Show response
bam-cell.nr-data.net/1/ 49 B
921 B 555ms
536ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/6735f40c76?a=15255801&v=1210.e2a3f80&to=ZFZbbRNTXBUHARIPWV0cf0wPUUYPCQxJFkRcWVxaFUEcAwgFBwFTHVZXXgBVV0gQCwMRRR1QVVAEXEZcIwwBB1FWZVBcFhxVAxI%3D&rst=2254&ck=1&ref=https://tollers.legl.com/engage/app40l32x/&ap=203&be=443&fe=2221&dc=1612&perf=%7B%22timing%22:%7B%22of%22:1633519900932,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:11,%22c%22:11,%22s%22:23,%22ce%22:41,%22rq%22:41,%22rp%22:408,%22rpe%22:409,%22dl%22:412,%22di%22:727,%22ds%22:1612,%22de%22:1614,%22dc%22:2221,%22l%22:2221,%22le%22:2222%7D,%22navigation%22:%7B%7D%7D&fp=709&fcp=836&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tollers.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 11:31:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlRSAQEIUFlbFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDBVcMWXRMB05WAhtDVwcKUFIAV1cFBVZXBwVTUkBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 699e90a30cfb4a79-FRA

GET
H2 200 frame-modern.0c7bfd90.js Show response
js.intercomcdn.com/ Frame 4466 268 KB
72 KB 7ms
7ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.0c7bfd90.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adae2b1d1a81615084d80435ad72b85f0a5716e81f1850c9e190331457c8736e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 10:45:49 GMT
content-encoding: gzip
age: 2755
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 73377
last-modified: Wed, 06 Oct 2021 10:15:36 GMT
server: AmazonS3
etag: "2e312fcefff78a71318d5876b3b3b2df"
content-type: application/javascript; charset=UTF-8
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: r01QHiaAh9ELXu27hZnK1EWPjbwfSzImb8gItH1bHDCL3aJ_zmIZaw==

GET
H2 200 vendor-modern.15e0be1b.js Show response
js.intercomcdn.com/ Frame 4466 125 KB
38 KB 15ms
15ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.15e0be1b.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 382edae1460467a51f6f41d8131bdcd8e048a85e1d558bf05bb30eb874d4ae5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 11:26:04 GMT
content-encoding: gzip
age: 340
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 38685
last-modified: Tue, 05 Oct 2021 09:23:05 GMT
server: AmazonS3
etag: "d732c4e1cdda7f96289f620501a6f476"
content-type: application/javascript; charset=UTF-8
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: ccZ_ho0jFU4wj-IN6X3BfqxaqX3zqfjfIXICKO75YVamx26Xob6V8A==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 4466 4 KB
2 KB 788ms
593ms XHR
application/json 75.2.88.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.0c7bfd90.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.88.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b7745187fa7cbc64cf520a81e2b4e8055f86fa1500729a3d7f9ae1e4f4fc0153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Oct 2021 11:31:44 GMT
content-encoding: gzip
x-ami-version: ami-0616d08a6fb141b64
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000ip62btkrr9agi3sjg
x-runtime: 0.479504
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"b7745187fa7cbc64cf520a81e2b4e805"
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tollers.legl.com
x-intercom-version: 5fa5bfc77b8e20ed96b5c19e12543d2a32d0ebe8
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1633519910
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

POST
H/1.1 200
OK / Show response
legl-posthog.herokuapp.com/e/ 13 B
472 B 72ms
71ms XHR
application/json 46.137.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/e/?compression=gzip-js&ip=1&_=1633519905551

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.137.15.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-15-86.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tollers.legl.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 06 Oct 2021 11:31:45 GMT
Via: 1.1 vegur
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Vary: Cookie
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://tollers.legl.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 13
X-Content-Type-Options: nosniff

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tollers.legl.com/	1970-01-20 06:29:29	Name: csrftoken Value: 17rbWIH4E4uZgXisvqhyyILHQqc70FUSYdgv8FpqdDFkgQvAOKUDRQJJebKDnHHR
.legl.com/	1970-01-20 15:16:31	Name: _ga Value: GA1.2.1091894568.1633519902
.legl.com/	1970-01-19 21:46:46	Name: _gid Value: GA1.2.961263651.1633519902
.legl.com/	1970-01-19 21:45:19	Name: _gat Value: 1
.legl.com/	1970-01-20 06:30:55	Name: ph_CspXex6nVK8tf8splVQijnxXZ4rd2tQ2VqP0cPqdGfo_posthog Value: %7B%22distinct_id%22%3A%2217c555f9ca8561-055941dcea249f-a7d193d-1d4c00-17c555f9ca96b8%22%2C%22%24device_id%22%3A%2217c555f9ca8561-055941dcea249f-a7d193d-1d4c00-17c555f9ca96b8%22%2C%22application%22%3A%22engage%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%7D
tollers.legl.com/	1970-01-19 22:05:29	Name: sessionid Value: .eJwtjssKwjAURH_lkpUFSaLpA-tKXCho3Si4lKjXGnrbhDTFovjvZuFuOMMw58MupLt60DWykg09m7IhtKz8xIz-EnEXYlHZtyHSIuMSJmfT3e2rh8MJZpLLJUSQp0sY8zSBlXOEZ7zuTBCZKrjKYbLbnqr9FMg0CBu8NTaB9dPbFsVCccnTrCh4ruCoH9qb_yqKeHyg9-jj_zME15dCBEuEvueENfGbbQV2dXQU2rlUkpqPgn2_PzMkQcY:1mY59C:YOODDfw-zygSWMASZM14BzpmTZAwfJiEsPLYdo9d4XA
m.stripe.com/	1970-01-20 15:16:31	Name: m Value: 13b4b881-9cbe-454f-a410-de1cf6b659922e8ca3
.tollers.legl.com/	1970-01-20 06:30:55	Name: __stripe_mid Value: 524b49e8-9caf-49a2-81fb-19cacf2a4a4f298b82
.tollers.legl.com/	1970-01-19 21:45:21	Name: __stripe_sid Value: 1ae802dc-17f0-4904-b9f8-0d8c31fd35b1edc8fe
.legl.com/	1970-01-20 04:14:09	Name: intercom-id-f4wk485h Value: b78a742d-77e5-457e-ba59-d246505d9a7d
.legl.com/	1970-01-19 21:55:24	Name: intercom-session-f4wk485h Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bam-cell.nr-data.net
browser.sentry-cdn.com
code.jquery.com
crowdjustice.imgix.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.intercomcdn.com
js.stripe.com
legl-posthog.herokuapp.com
m.stripe.com
m.stripe.network
o32237.ingest.sentry.io
q.stripe.com
stats.g.doubleclick.net
tollers.legl.com
unpkg.com
widget.intercom.io
www.google-analytics.com
104.16.125.175
13.32.99.55
142.250.184.202
142.250.185.174
151.101.0.176
151.101.114.208
151.101.66.137
151.101.66.217
162.247.243.146
172.67.71.217
18.66.122.50
18.66.139.67
216.58.212.131
34.120.195.249
34.215.192.98
46.137.15.86
54.187.119.242
66.102.1.157
69.16.175.42
75.2.88.188
0cbae14955a5bce5ffb89da715c9bc0d9d5c4aebadf6e0d7decee7ba71abbd27
0f39c66b05c3a32733c8c23d109711cc16da069ca4de88f081890d0431b4b200
15f2f9492aadffe1fd2edfedcc91a77068a5445350190636c1e2ecab234c4df5
1942d92c0cf67997cea0dc7c6058f7d4231a56aadafacacc15ed65c1e8a49925
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d6da9906784440160d95c6addc075412e1d4018b997f8d0bceaeab685da72e9
382edae1460467a51f6f41d8131bdcd8e048a85e1d558bf05bb30eb874d4ae5a
3be81fb36a50bba7a5532512ee0566d5d86d9f83bb541c53d912271f19842981
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5415bac2043fc2ac4abb2e4cf3b5219f96efcc199e5e0595422c00a8f2d48dfa
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75875417974ab0ce18b65414331bdc5a486072f4351b5ed2953c0432d12c2aaa
7655ebb2e950383dc9871dff49bccffe0667f473a462331b2485acc97c32f4a8
7aa8a31521fca34e454549169275a559b334ff604261a4a2ef89319d3bf5cf6c
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
868a7099ef9f80703f89b7198d5c0d9b230d6a8a5c4dd0778786ce084d424328
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fa0f71ac3e212f1b1ee2621e254b27464a4289099b2d5eea299eb07e6e55357
98cd8cd3dcfe89d4cf8b98107324d92e17738834eca23d0e24fa0cb89e7501cc
acf4a80102f5852a10b88324f0084b242191b81afa1596b3666468328b523a06
adae2b1d1a81615084d80435ad72b85f0a5716e81f1850c9e190331457c8736e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b7745187fa7cbc64cf520a81e2b4e8055f86fa1500729a3d7f9ae1e4f4fc0153
b8a2a421a56d1e5e72845fce2dd37fc3034737d4403bbf0cbd5f2768d4b2f74d
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bc66eedfa6d22dcfabea4531f0acbdf5e6ac013b6a3fcbac2324e128061a1a45
c1141b1e5cab66fa87efaaa5c19bc0aca95efc9ff3c4c74f9f4d481f6694fa0a
c260c784458625a6bc223728835a94c42bf87292f7da06216caf8a96a3549fbd
c271e81e0a981e75687ddf3079e624b75718f2b279917a46e1674c0a9c697173
c3f90114a2e6c5448a2599f5941da3d05ac275d83b091f19b62295e892d79531
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
d87dccc5dc45915672f3e02e44086e6ff3b97317fdfe4da9cae227928fee9f7d
dbc64d209d5266628aa71816f745ebc9bcf7a9d7986c9cf9a016dc82a8c6cc28
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb38ca1c8c3aed4bc2a1e912804670ef5a00b3ab155821dd78b0cdaf0de112e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

tollers.legl.com Open in urlscan Pro 172.67.71.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

0 %IPv6

17 Domains

20 Subdomains

20 IPs

4 Countries

4208 kBTransfer

14185 kBSize

11 Cookies

3 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tollers.legl.com Open in urlscan Pro
172.67.71.217 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

20
Subdomains

20
IPs

4
Countries

4208 kB
Transfer

14185 kB
Size

11
Cookies

40 HTTP transactions
1 data transactions