login.app.legaltrek.com Open in urlscan Pro
35.157.124.88 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.app.legaltrek.com/
Submission: On September 23 via automatic, source certstream-suspicious (September 23rd 2019, 12:56:40 pm UTC)

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 21 HTTP transactions. The main IP is 35.157.124.88, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is login.app.legaltrek.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on September 11th 2018. Valid for: a year.

This is the only time login.app.legaltrek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	35.157.124.88 35.157.124.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	143.204.214.55 143.204.214.55	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	13.32.218.32 13.32.218.32	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.214.67 143.204.214.67	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
21	4

14 35.157.124.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com

login.app.legaltrek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.55 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-55.fra53.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.218.32 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-218-32.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.67 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-67.fra53.r.cloudfront.net

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	legaltrek.com login.app.legaltrek.com	370 KB
5	intercomcdn.com js.intercomcdn.com	289 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	2 KB
0	intercomassets.com Failed static.intercomassets.com Failed
21	4

	Domain	Requested by
14	login.app.legaltrek.com	login.app.legaltrek.com
5	js.intercomcdn.com	login.app.legaltrek.com js.intercomcdn.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
0	static.intercomassets.com Failed
21	5

This site contains no links.

Subject Issuer	Validity	Valid
*.app.legaltrek.com RapidSSL RSA CA 2018	`2018-09-11` - `2019-09-23`	a year	crt.sh
*.intercomcdn.com Amazon	`2019-04-27` - `2020-05-27`	a year	crt.sh
*.intercom.com Amazon	`2019-06-11` - `2020-07-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.app.legaltrek.com/
Frame ID: D99DB8AC2F8630D5425F676E56D849B1
Requests: 15 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame.784ce67c.js
Frame ID: 746C234FE199F2EC750F01D1F7F7FCA0
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: EDC9AF849BC0E3DD1D57964E39C5DF8B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

29 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

661 kB
Transfer

2004 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://widget.intercom.io/widget/8292cb4b25315f6bf066e3c2f6201c8836f26304 HTTP 302
https://js.intercomcdn.com/shim.latest.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
login.app.legaltrek.com/ 7 KB
3 KB 990ms
33ms Document
text/html 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: aa517158b6e3332f55152452cd45ba2a9efa218099e1616c0ebf835cb4df0dda

Request headers

Host: login.app.legaltrek.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Server: nginx
Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ETag: W/"1b71-To+OA7YrHMecVA099VboE7I0MX8"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/8292cb4b25315f6bf066e3c2f6201c8836f26304
https://js.intercomcdn.com/shim.latest.js

11 KB
4 KB

22374ms
26ms

Script
application/javascript

13.32.218.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-218-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6c48bf38a7d91c678f238950f98224788dcbc5ada8b933da45b8aaa542a3410

Request headers

Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 12:52:58 GMT
content-encoding: gzip
age: 194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 4047
last-modified: Fri, 20 Sep 2019 18:57:51 GMT
server: AmazonS3
etag: "36a7d021c1b93377e8ee5b2bfc068ee5"
content-type: application/javascript; charset=UTF-8
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: ePErRcWDtyppt9dz5tBrKNWF-VgnnuGekrMBDLakF8aAMwqKQli5hw==

Redirect headers

date: Fri, 07 Jun 2019 11:16:48 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: AmazonS3
age: 9337142
status: 302
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: O32aRi-Z8m5sk2dqPQga0rucfbHFtgy-PMMd-sACg_zyfCt_nRCrMA==

GET
H/1.1 200
OK bootstrap.css
login.app.legaltrek.com/frontend/css/ 126 KB
19 KB 56ms
54ms Stylesheet
text/css 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/css/bootstrap.css
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 2e83d83849aae44f31d1045fbe8e99fe159565cfe4b599d6ac3ad76914036de6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"1f8e9-15d3bcfe961"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap-responsive.css
login.app.legaltrek.com/frontend/css/ 22 KB
5 KB 85ms
34ms Stylesheet
text/css 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/css/bootstrap-responsive.css
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 602eb8a72e5765db1f40362306c6fc0c44cecf78af3eadff7127350702577d5f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"564b-15d3bcfe961"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap-editable.css
login.app.legaltrek.com/frontend/css/ 21 KB
4 KB 84ms
32ms Stylesheet
text/css 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/css/bootstrap-editable.css
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 9e3f334facef70ee4654d926ea481d322f864db4727f87a00c2fdccd058e0d9b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"522b-15d3bcfe961"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK select2.css
login.app.legaltrek.com/frontend/js/select2/ 19 KB
4 KB 87ms
34ms Stylesheet
text/css 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/select2/select2.css
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 84ff83366797cfa0327e048975749acc8457df9c1a035b6038b550985c9080d4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"4c30-15d3bcfe9f9"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK main.css
login.app.legaltrek.com/frontend/css/ 361 KB
69 KB 114ms
61ms Stylesheet
text/css 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/css/main.css
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 95caabecbd2d02161c9bb4aa912c2e126b3058473f40ddf7c85f8f433f0e9df9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"5a267-15d3bcfe981"
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
login.app.legaltrek.com/frontend/js/vendor/ 91 KB
33 KB 117ms
64ms Script
application/javascript 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/vendor/jquery-1.10.2.min.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: a1849baa65ba047de397d0585470a081b472ec2a41fdb1c2f0d6d78af2b02f73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"16bb4-15d3bcfea01"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.alphanumeric.js Show response
login.app.legaltrek.com/frontend/js/ 1 KB
1 KB 91ms
34ms Script
application/javascript 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/jquery.alphanumeric.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: c088acf9dd44bc3c6aa4a060d1a7fff8f15c565267e9e011db75d1aa1d17584e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"5fe-15d3bcfe9e5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap.js Show response
login.app.legaltrek.com/frontend/js/vendor/ 61 KB
12 KB 123ms
39ms Script
application/javascript 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/vendor/bootstrap.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 141d8db3a2e2490e5e73f2913b4b315fa30c7714ee34d929abee83bdb70f74d7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"f56a-15d3bcfea01"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap-editable.js Show response
login.app.legaltrek.com/frontend/js/vendor/ 217 KB
49 KB 136ms
51ms Script
application/javascript 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/vendor/bootstrap-editable.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 6b0a89845f6679874e04df6ed2201138e7ef546443ff8d150e8cca974645f0d1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"3633a-15d3bcfea01"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK spin.min.js Show response
login.app.legaltrek.com/frontend/js/spin/ 4 KB
3 KB 118ms
31ms Script
application/javascript 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/spin/spin.min.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 47c173586b07dd2a42b754e22d4348a5fc2f0a110b934b242f453c97cb24bc47

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"1150-15d3bcfe9fd"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.spin.js Show response
login.app.legaltrek.com/frontend/js/spin/ 2 KB
1 KB 126ms
35ms Script
application/javascript 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/js/spin/jquery.spin.js
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 47c5218169df94770f66c26a133d9c2d38f50b1c1442e1ff8d0fb2751f9646ee

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://login.app.legaltrek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"6dd-15d3bcfe9fd"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK OpenSans-Regular-webfont.woff
login.app.legaltrek.com/frontend/css/fonts/opensans/ 83 KB
83 KB 31ms
31ms Font
application/font-woff 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/css/fonts/opensans/OpenSans-Regular-webfont.woff
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 33637fa0826291bfe2cf8cd916c1e0e96a0e6f9f7fbb9a7e93c183e5448d1774

Request headers

Sec-Fetch-Mode: cors
Referer: https://login.app.legaltrek.com/frontend/css/main.css
Origin: https://login.app.legaltrek.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"14bc0-15d3bcfe971"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84928

GET
H/1.1 200
OK OpenSans-Semibold-webfont.woff
login.app.legaltrek.com/frontend/css/fonts/opensans/ 85 KB
86 KB 34ms
33ms Font
application/font-woff 35.157.124.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://login.app.legaltrek.com/frontend/css/fonts/opensans/OpenSans-Semibold-webfont.woff
Requested by: Host: login.app.legaltrek.com
URL: https://login.app.legaltrek.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.124.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-124-88.eu-central-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 3426227fd2f95385a65aa5f5dd423506b037fed0183a5684321f6b616124214d

Request headers

Sec-Fetch-Mode: cors
Referer: https://login.app.legaltrek.com/frontend/css/main.css
Origin: https://login.app.legaltrek.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 12:55:34 GMT
Last-Modified: Thu, 13 Jul 2017 11:57:47 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"155f0-15d3bcfe975"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87536

GET
H2 200 frame.784ce67c.js Show response
js.intercomcdn.com/ Frame 746C 282 KB
78 KB 31ms
30ms Script
application/javascript 13.32.218.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame.784ce67c.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-218-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6807bd244e88723ee60426c1a713a928ccb2d87de1d5de714af438eeb78f710

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:58:46 GMT
content-encoding: gzip
age: 7093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 79239
last-modified: Fri, 20 Sep 2019 18:52:40 GMT
server: AmazonS3
etag: "42e75b6a0ebe6f8ead139e499c448dc5"
content-type: application/javascript; charset=UTF-8
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: whRsAtIg0Cy5xLXqPJOyUFejBultoihNLz87C7qenRMR-jGdFKVtxA==

GET
H2 200 vendor.7bb778ba.js Show response
js.intercomcdn.com/ Frame 746C 569 KB
174 KB 57ms
57ms Script
application/javascript 13.32.218.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor.7bb778ba.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-218-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 448b5436fb4b698d5ee9299bc9b5d1762a71327488bf89aaa54cebc2d42f16b7

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:58:46 GMT
content-encoding: gzip
age: 7093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 177655
last-modified: Fri, 20 Sep 2019 18:52:41 GMT
server: AmazonS3
etag: "005b7f641a2455532155f67cf997a9dc"
content-type: application/javascript; charset=UTF-8
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: mjs4sA3JtMLIpvNcuJ0dLKOYrDOu07aaHvhxNfR99AkRY086XKQ8sw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 746C 3 KB
2 KB 11318ms
274ms XHR
application/json 143.204.214.67
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.784ce67c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.67 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-214-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c031dddc9f951134e55254dc6ca5c2868902d8ec9ffac9b871b9a196b7d79a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 23 Sep 2019 12:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 00005s4mnu4vnqulo750
x-runtime: 0.159294
access-control-allow-origin: https://login.app.legaltrek.com
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"c031dddc9f951134e55254dc6ca5c286"
x-ratelimit-remaining: 1999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
x-intercom-version: 7d978418fc2b788760ad24c8798d82025c0729bd
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1569243420
x-ratelimit-limit: 2000
access-control-allow-headers: Content-Type
x-amz-cf-id: NsyWLFUREW_JilyPVm9niaQFby2ONvJNM_7OFkEPpC7SzjI5eRLs9Q==

GET
H2 200 launcher-discovery.03c85b1b.js Show response
js.intercomcdn.com/ Frame 746C 11 KB
4 KB 28ms
27ms Script
application/javascript 13.32.218.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/launcher-discovery.03c85b1b.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.784ce67c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-218-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84074d5f26a6b5b287c9a781d0021b0b81ec550a7738b86be9f296b885f9c3b0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 11:04:58 GMT
content-encoding: gzip
age: 6698
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 3522
last-modified: Fri, 20 Sep 2019 18:52:40 GMT
server: AmazonS3
etag: "79e2c91ad3f3507dbe9856af097ea7d5"
content-type: application/javascript; charset=UTF-8
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: jLZkmlTWgd9ysX6TrE6_0zON1us98El3nLBIYkxPXeaNgIdDFaOMcQ==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame EDC9 28 KB
29 KB 524ms
469ms Font
font/woff 13.32.218.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/launcher-discovery.03c85b1b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.218.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-218-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Sec-Fetch-Mode: cors
Referer: https://login.app.legaltrek.com/
Origin: https://login.app.legaltrek.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 12:56:31 GMT
via: 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA56
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
content-length: 28960
last-modified: Fri, 20 Sep 2019 18:52:41 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: CW6HERPLjeYmLOMaD9TIHbDHtKABV3sb2WkRetnWRG9ULHgBfRJAVw==

GET _GTP9645-1510661597.jpg
static.intercomassets.com/avatars/735224/square_128/ Frame EDC9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.intercomassets.com
URL: https://static.intercomassets.com/avatars/735224/square_128/_GTP9645-1510661597.jpg?1510661597

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
js.intercomcdn.com
login.app.legaltrek.com
static.intercomassets.com
widget.intercom.io
static.intercomassets.com
13.32.218.32
143.204.214.55
143.204.214.67
35.157.124.88
141d8db3a2e2490e5e73f2913b4b315fa30c7714ee34d929abee83bdb70f74d7
2e83d83849aae44f31d1045fbe8e99fe159565cfe4b599d6ac3ad76914036de6
33637fa0826291bfe2cf8cd916c1e0e96a0e6f9f7fbb9a7e93c183e5448d1774
3426227fd2f95385a65aa5f5dd423506b037fed0183a5684321f6b616124214d
448b5436fb4b698d5ee9299bc9b5d1762a71327488bf89aaa54cebc2d42f16b7
47c173586b07dd2a42b754e22d4348a5fc2f0a110b934b242f453c97cb24bc47
47c5218169df94770f66c26a133d9c2d38f50b1c1442e1ff8d0fb2751f9646ee
602eb8a72e5765db1f40362306c6fc0c44cecf78af3eadff7127350702577d5f
6b0a89845f6679874e04df6ed2201138e7ef546443ff8d150e8cca974645f0d1
84074d5f26a6b5b287c9a781d0021b0b81ec550a7738b86be9f296b885f9c3b0
84ff83366797cfa0327e048975749acc8457df9c1a035b6038b550985c9080d4
95caabecbd2d02161c9bb4aa912c2e126b3058473f40ddf7c85f8f433f0e9df9
9e3f334facef70ee4654d926ea481d322f864db4727f87a00c2fdccd058e0d9b
a1849baa65ba047de397d0585470a081b472ec2a41fdb1c2f0d6d78af2b02f73
aa517158b6e3332f55152452cd45ba2a9efa218099e1616c0ebf835cb4df0dda
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
c031dddc9f951134e55254dc6ca5c2868902d8ec9ffac9b871b9a196b7d79a5a
c088acf9dd44bc3c6aa4a060d1a7fff8f15c565267e9e011db75d1aa1d17584e
c6c48bf38a7d91c678f238950f98224788dcbc5ada8b933da45b8aaa542a3410
e6807bd244e88723ee60426c1a713a928ccb2d87de1d5de714af438eeb78f710

login.app.legaltrek.com Open in urlscan Pro 35.157.124.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

29 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

661 kBTransfer

2004 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

login.app.legaltrek.com Open in urlscan Pro
35.157.124.88 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

29 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

661 kB
Transfer

2004 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions