www.leger.co.uk Open in urlscan Pro
134.213.141.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emails-leger.co.uk/_act/link.php?mId=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385...
Effective URL:
https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid...
Submission: On May 03 via api (May 3rd 2022, 8:29:21 am UTC) from DE — Scanned from DE

Summary HTTP 121 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 29 domains to perform 121 HTTP transactions. The main IP is 134.213.141.135, located in United Kingdom and belongs to RACKSPACE-LON, GB. The main domain is www.leger.co.uk.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 4th 2021. Valid for: a year.

This is the only time www.leger.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.214.58.10 52.214.58.10	16509 (AMAZON-02) (AMAZON-02)
18	134.213.141.135 134.213.141.135	15395 (RACKSPACE...) (RACKSPACE-LON)
3	5.79.35.180 5.79.35.180	15395 (RACKSPACE...) (RACKSPACE-LON)
24	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:252f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:da00:2:36a1:2f40:21	() ()
12	2606:4700:10:... 2606:4700:10::6816:21a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
2	52.213.150.210 52.213.150.210	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.233 151.101.192.233	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	35.190.84.153 35.190.84.153	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:e000:7:5031:dc0:21	() ()
1	99.86.4.69 99.86.4.69	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:2e00:e:98bf:5f00:21	() ()
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:224... 2600:9000:224a:6800:16:f02f:46c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.213.112.161 52.213.112.161	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.63.46 65.9.63.46	() ()
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.157.4.86 108.157.4.86	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	108.157.4.53 108.157.4.53	16509 (AMAZON-02) (AMAZON-02)
1	65.9.63.123 65.9.63.123	() ()
121	38

1 52.214.58.10 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-58-10.eu-west-1.compute.amazonaws.com

emails-leger.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 134.213.141.135 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

www.leger.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.79.35.180 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

phone.legerbookings.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

leger.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
leger2.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:252f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:da00:2:36a1:2f40:21 (United States)

ASN- ()

d81mfvml8p5ml.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:21a2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.responseiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.responseiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.responseiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

a.optnmstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.150.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-150-210.eu-west-1.compute.amazonaws.com

c5.adalyser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.233 (United States)

ASN54113 (FASTLY, US)

td.yieldify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.84.153 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 153.84.190.35.bc.googleusercontent.com

static.responseiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:e000:7:5031:dc0:21 (United States)

ASN- ()

dn1i8v75r669j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-69.fra6.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:2e00:e:98bf:5f00:21 (United States)

ASN- ()

dkpklk99llpj0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:224a:6800:16:f02f:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c2.dycdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.112.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-112-161.eu-west-1.compute.amazonaws.com

am.freshrelevance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.46 (United States)

ASN- ()
PTR: server-65-9-63-46.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.123 (United States)

ASN- ()
PTR: server-65-9-63-123.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	imgix.net leger.imgix.net — Cisco Umbrella Rank: 953374 leger2.imgix.net	979 KB
18	leger.co.uk www.leger.co.uk	937 KB
16	responseiq.com app.responseiq.com — Cisco Umbrella Rank: 161296 static.responseiq.com — Cisco Umbrella Rank: 176572 api.responseiq.com — Cisco Umbrella Rank: 337042 storage.responseiq.com — Cisco Umbrella Rank: 715807	103 KB
7	clarity.ms 1 redirects f.clarity.ms — Cisco Umbrella Rank: 2798 c.clarity.ms — Cisco Umbrella Rank: 926	24 KB
6	gstatic.com fonts.gstatic.com	111 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 432 fonts.googleapis.com — Cisco Umbrella Rank: 111 storage.googleapis.com — Cisco Umbrella Rank: 742	75 KB
4	dycdn.net c2.dycdn.net — Cisco Umbrella Rank: 209692	6 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 605 c.bing.com — Cisco Umbrella Rank: 379	13 KB
4	cloudfront.net d81mfvml8p5ml.cloudfront.net dn1i8v75r669j.cloudfront.net dkpklk99llpj0.cloudfront.net	22 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 920 script.hotjar.com — Cisco Umbrella Rank: 1202 vars.hotjar.com — Cisco Umbrella Rank: 1251	66 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	57 KB
3	legerbookings.co.uk phone.legerbookings.co.uk	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	499 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	113 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3632	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 20	655 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	2 KB
2	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 6386 api.omappapi.com — Cisco Umbrella Rank: 6463	4 KB
2	adalyser.com c5.adalyser.com — Cisco Umbrella Rank: 36805	13 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 574	127 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3009	257 B
1	freshrelevance.com am.freshrelevance.com — Cisco Umbrella Rank: 16764	97 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	yieldify.com td.yieldify.com — Cisco Umbrella Rank: 25648
1	optnmstr.com a.optnmstr.com — Cisco Umbrella Rank: 64016	54 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	56 KB
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 40431	2 KB
1	emails-leger.co.uk 1 redirects emails-leger.co.uk	685 B
121	29

	Domain	Requested by
18	www.leger.co.uk	www.leger.co.uk
17	leger2.imgix.net	www.leger.co.uk
7	app.responseiq.com	www.leger.co.uk static.responseiq.com
7	leger.imgix.net	www.leger.co.uk
6	fonts.gstatic.com	fonts.googleapis.com
5	f.clarity.ms	bat.bing.com static.responseiq.com
4	api.responseiq.com	www.leger.co.uk
4	c2.dycdn.net	static.responseiq.com
4	static.responseiq.com	app.responseiq.com www.leger.co.uk
3	fonts.googleapis.com	ajax.googleapis.com client
3	bat.bing.com	www.leger.co.uk bat.bing.com
3	www.google-analytics.com	www.leger.co.uk www.google-analytics.com
3	phone.legerbookings.co.uk	www.leger.co.uk phone.legerbookings.co.uk
2	www.facebook.com
2	c.clarity.ms	1 redirects
2	connect.facebook.net	www.leger.co.uk connect.facebook.net
2	cdnjs.cloudflare.com	www.leger.co.uk
2	www.google.de	www.leger.co.uk
2	www.google.com	www.leger.co.uk
2	storage.googleapis.com	static.responseiq.com
2	dkpklk99llpj0.cloudfront.net	d81mfvml8p5ml.cloudfront.net
2	c5.adalyser.com	www.leger.co.uk
2	cdn.jsdelivr.net	www.leger.co.uk
1	storage.responseiq.com
1	vc.hotjar.io	static.responseiq.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	c.bing.com	1 redirects
1	static.hotjar.com	www.leger.co.uk
1	am.freshrelevance.com	static.responseiq.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	api.omappapi.com	a.optnmstr.com
1	a.omappapi.com	a.optnmstr.com
1	dn1i8v75r669j.cloudfront.net	d81mfvml8p5ml.cloudfront.net
1	www.googleadservices.com	www.googletagmanager.com
1	td.yieldify.com	www.leger.co.uk
1	a.optnmstr.com	www.leger.co.uk
1	ajax.googleapis.com	www.leger.co.uk
1	d81mfvml8p5ml.cloudfront.net	www.leger.co.uk
1	www.googletagmanager.com	www.leger.co.uk
1	js.maxmind.com	www.leger.co.uk
1	emails-leger.co.uk	1 redirects
121	43

This site contains links to these domains. Also see Links.

Domain
mybooking.legerbookings.co.uk
www.facebook.com
twitter.com
www.youtube.com
www.abta.com
www.caa.co.uk
www.feefo.com
www.cyberessentials.ncsc.gov.uk
instagram.com
travelaware.campaign.gov.uk
oops.responseiq.com

Subject Issuer	Validity	Valid
*.leger.co.uk Go Daddy Secure Certificate Authority - G2	`2021-09-04` - `2022-09-02`	a year	crt.sh
*.legerbookings.co.uk Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-07-26`	2 years	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.maxmind.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-27` - `2022-11-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
a.optnmstr.com R3	`2022-04-30` - `2022-07-29`	3 months	crt.sh
*.adalyser.com Thawte RSA CA 2018	`2021-06-11` - `2022-07-12`	a year	crt.sh
*.yieldify.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-24` - `2023-02-25`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
static.responseiq.com GTS CA 1D4	`2022-04-08` - `2022-07-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
a.omappapi.com R3	`2022-04-30` - `2022-07-29`	3 months	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.dycdn.net Amazon	`2022-03-12` - `2023-04-10`	a year	crt.sh
*.freshrelevance.com Amazon	`2021-06-16` - `2022-07-15`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-09` - `2022-05-10`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Frame ID: EC49EEB55DE6DA0DC8270DCD319160C1
Requests: 125 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 40509B1B34BE6EB5A0BEDDDF53FC4586
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AllExperiences | Leger Holidays

Page URL History Show full URLs

http://emails-leger.co.uk/_act/link.php?mId=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f64024... HTTP 302
https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=Welc... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

121
Requests

99 %
HTTPS

58 %
IPv6

29
Domains

43
Subdomains

38
IPs

6
Countries

2787 kB
Transfer

6692 kB
Size

35
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://mybooking.legerbookings.co.uk/
Title: MyBooking

Search URL Search Domain Scan URL

URL: https://www.facebook.com/legertours

Search URL Search Domain Scan URL

URL: https://twitter.com/legerholidays

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/legerholidays

Search URL Search Domain Scan URL

URL: https://www.abta.com/

Search URL Search Domain Scan URL

URL: http://www.caa.co.uk/application.aspx?catid=490&pagetype=65&appid=2&mode=detailnosummary&atolNbr=3880&mbrId=

Search URL Search Domain Scan URL

URL: https://www.feefo.com/en-gb/reviews/leger?displayFeedbackType=BOTH&timeFrame=YEAR

Search URL Search Domain Scan URL

URL: https://www.cyberessentials.ncsc.gov.uk/further-scheme-information

Search URL Search Domain Scan URL

URL: http://instagram.com/legerholidays

Search URL Search Domain Scan URL

URL: https://travelaware.campaign.gov.uk/
Title: travelaware.campaign.gov.uk

Search URL Search Domain Scan URL

URL: https://mybooking.legerbookings.co.uk/static/pdfs/latest/LegerEssentialHolidayInformation.pdf
Title: Essential Information

Search URL Search Domain Scan URL

URL: https://mybooking.legerbookings.co.uk/static/pdfs/latest/BookingConditions.pdf
Title: Booking Conditions

Search URL Search Domain Scan URL

URL: https://mybooking.legerbookings.co.uk/static/pdfs/latest/ThingsYouNeedToKnow.pdf
Title: Things You Need To Know

Search URL Search Domain Scan URL

URL: https://oops.responseiq.com/?utm_source=widget&utm_medium=referral&utm_campaign=leger.co.uk
Title: We're by ResponseiQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emails-leger.co.uk/_act/link.php?mId=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&tId=191440308 HTTP 302
https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=59C167763A7B4E8491BC1C08F44AAAA9&RedC=c.clarity.ms&MXFR=2AB7D2BD2490642F1AB0C32420906A85 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=59C167763A7B4E8491BC1C08F44AAAA9&MUID=38FC7B6D273E6AA339CE6AF426EC6B9C

121 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request allexperiences Show response
www.leger.co.uk/home/
Redirect Chain

http://emails-leger.co.uk/_act/link.php?mId=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&tId=191440308
https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c0443...

732 KB
74 KB

220ms
111ms

Document
text/html

134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

99b5dd8da992845d9909731e4aaaae777f60552a0a57a163be67d85dcba78c1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: public, no-cache="Set-Cookie", max-age=900
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 03 May 2022 08:29:11 GMT
Expires: Tue, 03 May 2022 08:44:11 GMT
Last-Modified: Tue, 03 May 2022 08:29:11 GMT
Server: Microsoft-IIS/10.0
Transfer-Encoding: chunked
Vary: *
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: frame-ancestors 'self';
Content-Type: text/html
Date: Tue, 03 May 2022 08:29:11 GMT
Location: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK css
www.leger.co.uk/bundles/layout/ 962 KB
214 KB 54ms
30ms Stylesheet
text/css 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/bundles/layout/css?v=I3q6IaIMEmDqYOLilt6Fk6tPNuxh_K6XdCJpB2Mokmo1
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 89f8554ce154ff087529c85a9c4ffae4da0b5d39a181881c49f0151dc0385794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 May 2022 08:29:11 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Expires: Wed, 03 May 2023 08:29:11 GMT

GET
H/1.1 200
OK sourcecampaign.es5.min.js Show response
phone.legerbookings.co.uk/ 6 KB
4 KB 71ms
22ms Script
application/javascript 5.79.35.180
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://phone.legerbookings.co.uk/sourcecampaign.es5.min.js
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.79.35.180 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f2954ec06bcbada6cbda6cfb36388d4b96808766ab09949b74805259bb0a9f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
ETag: "1d819c145ed752c"
Last-Modified: Fri, 04 Feb 2022 12:18:10 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK leger-logo-your-in-good-company-blue-MOBILE.svg
www.leger.co.uk/Includes/images/logos/ 9 KB
4 KB 24ms
21ms Image
image/svg+xml 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/logos/leger-logo-your-in-good-company-blue-MOBILE.svg
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c276f639d59888152dbb34f7e65207185d298939eb1fe32f7587d7c64159d92a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
ETag: "032b784c245d81:0"
Last-Modified: Fri, 01 Apr 2022 12:17:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 3808

GET
H/1.1 200
OK leger-logo-blue.svg
www.leger.co.uk/Includes/images/logos/ 4 KB
2 KB 46ms
21ms Image
image/svg+xml 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/logos/leger-logo-blue.svg
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2d4675d0e24d470e9f1726cd74ec411c1cdcc7fbc70d03206159232e4510797d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
ETag: "032b784c245d81:0"
Last-Modified: Fri, 01 Apr 2022 12:17:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 1784

GET
H/1.1 200
OK leger-logo-your-in-good-company-blue.svg
www.leger.co.uk/Includes/images/logos/ 9 KB
4 KB 60ms
20ms Image
image/svg+xml 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/logos/leger-logo-your-in-good-company-blue.svg
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 267eca358fe39e16ec726192e3ed787f1c7e2b54717cfa21a649c614df75b09c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
ETag: "032b784c245d81:0"
Last-Modified: Fri, 01 Apr 2022 12:17:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 3881

GET
H2 200 leger-holidays-22598.jpg
leger.imgix.net/Urlslider/Imageslider_R0/ 8 KB
8 KB 33ms
8ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Urlslider/Imageslider_R0/leger-holidays-22598.jpg?auto=compress&w=737&h=553&q=0&blur=200&fit=crop&crop=edges

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

75af7aa053331cd2d6a8c5b95e823b179d4f6a009b948376da59ef888777b5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 08:03:31 GMT
server: imgix
age: 347140
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: f92d32303fd25662548a37eceee81c84a2370adb
accept-ranges: bytes
content-length: 7741
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10030-SJC, cache-hhn4073-HHN

GET
H2 200 social-senior-taking-selfie-23841.jpg
leger.imgix.net/Destinations/People_D1230/General/ 12 KB
12 KB 32ms
7ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Destinations/People_D1230/General/social-senior-taking-selfie-23841.jpg?w=140&h=140&auto=enhance&fit=crop&crop=edges

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

18c2e6655a114de9da36a1a455e77233493b0409746da2a768b99fb46b8ac56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 02:21:32 GMT
server: imgix
age: 194860
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 4fb55217d4cacf1d3e586c1ce1b0eb14c7800be6
accept-ranges: bytes
content-length: 11993
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10052-SJC, cache-hhn4073-HHN

GET
H2 200 people-checking-in-24273.jpg
leger.imgix.net/Destinations/People_D1230/General/ 8 KB
8 KB 32ms
7ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Destinations/People_D1230/General/people-checking-in-24273.jpg?w=140&h=140&auto=enhance&fit=crop&crop=edges&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

21267a6ba9df4cbd1176138cf66f9e5f53a0c0c1c7689875c8cb280e5d80c56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 Apr 2022 18:54:50 GMT
server: imgix
age: 1344862
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 7cfe100038b1b2830cdd2dc31ee63d3ab5886e5e
accept-ranges: bytes
content-length: 7759
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10025-SJC, cache-hhn4073-HHN

GET
H2 200 cinque-terre-14384.jpg
leger.imgix.net/Destinations/Italy_D5/CinqueTerre_P902/ 13 KB
13 KB 9ms
9ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Destinations/Italy_D5/CinqueTerre_P902/cinque-terre-14384.jpg?w=140&h=140&auto=enhance&fit=crop&crop=edges&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d97a54c35a0a53492693e7b9aa80c0ef4e0f31c7b227b308b1e3743cd1c9018a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 30 Apr 2022 03:28:19 GMT
server: imgix
age: 277252
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 268679f285545b9536feb32f6cd44f2354767587
accept-ranges: bytes
content-length: 13036
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10051-SJC, cache-hhn4073-HHN

GET
H2 200 senior-group-laughing-23693.jpg
leger.imgix.net/Destinations/People_D1230/General/ 12 KB
12 KB 13ms
13ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Destinations/People_D1230/General/senior-group-laughing-23693.jpg?w=140&h=140&auto=enhance&fit=crop&crop=focalpoint&q=72&flip=h

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

59842be9b8c6ad2b63480726cdb0300e46e907f6255a439855411872c67ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 07:03:22 GMT
server: imgix
age: 1733148
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 49c9c7c6b3096b5d55b000c4668f219070aae10c
accept-ranges: bytes
content-length: 11861
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10050-SJC, cache-hhn4073-HHN

GET
H2 200 abta.png
leger2.imgix.net/Includes/images/logos/confidence-strip/ 4 KB
4 KB 13ms
12ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/logos/confidence-strip/abta.png?auto=compress,format&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9cf52d056b0eea8df1d439a92d4fd0c31af6bf7f2ebf1a421e9d8e13b66f8dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 09:16:49 GMT
server: imgix
age: 83542
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: bd063262dc8b9a4e8fe1c9c2415766526843e005
accept-ranges: bytes
content-length: 3854
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10052-SJC, cache-hhn4073-HHN

GET
H2 200 brochure-image-jan2022-28062.jpg
leger.imgix.net/Urlslider/Imageslider_R0/ 22 KB
23 KB 13ms
13ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Urlslider/Imageslider_R0/brochure-image-jan2022-28062.jpg?w=289&h=419&auto=compress,enhance,format&q=50&fit=crop&crop=focal

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8f297d764c3833e9a76615751204b521f06480be4246b6321de25c437f907dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
age: 87654
x-cache: MISS, HIT, HIT
x-imgix-id: c8969070e969fc86aa326088eadb60e1fbe51502
fastly-restarts: 1
x-served-by: cache-sjc10046-SJC, cache-sjc10076-SJC, cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Mon, 02 May 2022 08:08:18 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 22799
cross-origin-resource-policy: cross-origin

GET
H2 200 leger-holidays.png
leger2.imgix.net/Includes/images/logos/footer/ 3 KB
4 KB 13ms
12ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/logos/footer/leger-holidays.png?auto=compress,format&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

02ce220ddaeb97a63f6f0c43ba8e7a96d6abf019716c69e26932f0cff0e85142

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 10:06:54 GMT
server: imgix
age: 80538
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: a9c426a42045468b173748a2fe6d02bbc3c65caa
accept-ranges: bytes
content-length: 3487
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10053-SJC, cache-hhn4073-HHN

GET
H2 200 atol.png
leger2.imgix.net/Includes/images/logos/confidence-strip/ 3 KB
3 KB 11ms
9ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/logos/confidence-strip/atol.png?auto=compress,format&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

daaf94303e630d7620a0eebdfd9549baf79b9b409befdd86b6e75ac8fa1f6ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 10:35:03 GMT
server: imgix
age: 165248
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: ae1d0e719818bdad56b023f06e35d24fe77608d8
accept-ranges: bytes
content-length: 2931
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10079-SJC, cache-hhn4073-HHN

GET
H2 200 feefo.png
leger2.imgix.net/Includes/images/logos/footer/ 2 KB
2 KB 10ms
8ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/logos/footer/feefo.png?auto=compress,format&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c11af5c813389c85cadbbd29a0cddf9cb0af97980646c055813c533f9f372d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 11:28:48 GMT
server: imgix
age: 162024
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: a8b491255c6845f8b638aa42ddb61fd8e3d70976
accept-ranges: bytes
content-length: 2023
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10077-SJC, cache-hhn4073-HHN

GET
H2 200 the-british-travel-awards.png
leger2.imgix.net/Includes/images/logos/confidence-strip/ 4 KB
4 KB 10ms
8ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/logos/confidence-strip/the-british-travel-awards.png?auto=compress,format&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

65723dda498817ca0cdc80f86bba0548aa32651574c172e982cfbce2cfc60e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 08:38:00 GMT
server: imgix
age: 172271
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: f0e6bd69a5f67681ad63671f0f76bf883a1bf046
accept-ranges: bytes
content-length: 4133
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10054-SJC, cache-hhn4073-HHN

GET
H2 200 cyber-essentials.png
leger2.imgix.net/Includes/images/logos/footer/ 2 KB
2 KB 8ms
7ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/logos/footer/cyber-essentials.png?auto=compress,format&q=72

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a0ff51fee329802506a2b8a7205382b6d1b86dfbb214adb891a5db48f5600580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 09:06:12 GMT
server: imgix
age: 170579
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 61c6844ae96710baa1c85f4cd609e07baac20abd
accept-ranges: bytes
content-length: 1626
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10031-SJC, cache-hhn4073-HHN

GET
H/1.1 200
OK facebook-logo.png
www.leger.co.uk/Includes/images/social/ 3 KB
4 KB 23ms
21ms Image
image/png 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/social/facebook-logo.png
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cdddd360c4bfa76e54eac8053db03049efbdb01b3bfe50ef8f2247c156929ef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Last-Modified: Fri, 01 Apr 2022 12:18:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "6ef27c87c245d81:0"
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 3293

GET
H/1.1 200
OK twitter-logo.png
www.leger.co.uk/Includes/images/social/ 3 KB
3 KB 24ms
22ms Image
image/png 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/social/twitter-logo.png
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 11f96975ae8bff08811ea7ae846b813002125de3da98a45595a586c3fb9da68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Last-Modified: Fri, 01 Apr 2022 12:18:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "888dd587c245d81:0"
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 2730

GET
H/1.1 200
OK youtube-logo.png
www.leger.co.uk/Includes/images/social/ 2 KB
2 KB 37ms
20ms Image
image/png 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/social/youtube-logo.png
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af3461f1efd55debddeac319c082cb89744175e36c8e302d07ea9c210625ddc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Last-Modified: Fri, 01 Apr 2022 12:18:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "ecc6d687c245d81:0"
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 1737

GET
H/1.1 200
OK instagram-logo.png
www.leger.co.uk/Includes/images/social/ 5 KB
5 KB 38ms
21ms Image
image/png 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.leger.co.uk/Includes/images/social/instagram-logo.png
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99e08664d390e882a12505d0a4c28b1d72a553693e86cf5cbc79934ba66ffbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Last-Modified: Fri, 01 Apr 2022 12:18:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "a7b8087c245d81:0"
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 4800

GET
H2 200 skyscraper-covid-insurancev2.jpg
leger2.imgix.net/Includes/images/skyscrapers/ 36 KB
37 KB 11ms
10ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/skyscrapers/skyscraper-covid-insurancev2.jpg?q=90&auto=compress

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

71bcb7f98c221b9878209b3f248fc76c80835f0b56246560261d2521b6e501ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 08:46:34 GMT
server: imgix
age: 171758
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: f4d3e910ec6c843ecea336901274f1731e476617
accept-ranges: bytes
content-length: 37251
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10052-SJC, cache-hhn4073-HHN

GET
H/1.1 200
OK script-countdown.js Show response
www.leger.co.uk/Scripts/ 3 KB
970 B 21ms
20ms Script
application/javascript 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/Scripts/script-countdown.js?v=22-04-2022
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7d189041e53ccf894646f6febdd42036bee534371d42f84320bec962c1046c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
ETag: "0a1ae82c56d81:0"
Last-Modified: Fri, 22 Apr 2022 09:39:48 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 473

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 3 KB
2 KB 71ms
32ms Script
application/javascript 2606:4700::6810:252f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 21:09:45 GMT
server: cloudflare
age: 288
etag: W/"62704899-da4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7057a0a62cf40221-ZRH
expires: Tue, 03 May 2022 12:29:12 GMT

GET
H/1.1 200
OK js Show response
www.leger.co.uk/bundles/includes/layout/ 1 MB
396 KB 27ms
27ms Script
text/javascript 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/bundles/includes/layout/js?v=v9PK2wFP4DgOTIkqvjSYmLNdBumlqTizrFGMknJTpR01
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bf609322545a4d518d15c7425e7cc8de445789e29d04ae477e6c1d41ecf352e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 May 2022 08:29:11 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Expires: Wed, 03 May 2023 08:29:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
56 KB 45ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1039379041

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6de0b4496340304feebde4bdb2c0406001223f8d313faae986dd4279d3885cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56803
x-xss-protection: 0
last-modified: Tue, 03 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 May 2022 08:29:12 GMT

GET
H2 200 instantsearch.min.css
cdn.jsdelivr.net/instantsearch.js/1/ 13 KB
6 KB 75ms
40ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/instantsearch.js/1/instantsearch.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a2922a2bea318fe39af61440b389e7758a4ba4b132988e3ba27d5b4f9a37a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9983
x-jsd-version: 1.12.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"32ed-JsPjj5/YeW9zYapXvdTvGznjVlM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lAayLdKVC3JVWXqELc9d%2F59FnAsQck1yOoQN2pgXlsfKW7GiiLBlUSZdInRWPivrSRPZkjHE%2FJRwNrYPChLCquiI6Gdrd%2BKAjHOWcNR5c%2BgujYUVVkm867mZroseql4cEdY8rqR99i05ki8cKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7057a0a63b8d23f7-ZRH

GET
H2 200 instantsearch.min.js Show response
cdn.jsdelivr.net/instantsearch.js/1/ 470 KB
122 KB 41ms
41ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/instantsearch.js/1/instantsearch.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e6aa0983471e8e4796c3bcd2fa728cee6ae36b1794e99705311756df013cfac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24856
x-jsd-version: 1.12.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"7581e-fbLOlWAiUWKyrDKqyDyvut/otGc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaBRLsbrmFoniORViwlTZbdJPVFTd0mXauusGrzsCRl9kLrlU7oLglsnpUK7fqa4Xvi0LdJ0tgP00icTjgaD%2B65OtfUlVpyUTBCXYMbtD61iT%2BzVeTauOrzNTsYmKWwXFqS3S58mWQcZ5%2BOpr0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7057a0a65baa23f7-ZRH

GET
H/1.1 200
OK js Show response
www.leger.co.uk/bundles/Scripts/App/Footer/AfterJsRenderSection/ 2 KB
2 KB 28ms
22ms Script
text/javascript 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/bundles/Scripts/App/Footer/AfterJsRenderSection/js?v=rbGV9mynQBqs5eIFsbOkWojXo-8K-yVtEQ6gRCTt3AQ1
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0d1fb528b257981c5aa7bb529368340a6f34d0eddcbd3cfb4d712ae591bd4674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 May 2022 08:29:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 1099
Expires: Wed, 03 May 2023 08:29:12 GMT

GET
H2 200 cd3j3y96.js Show response
d81mfvml8p5ml.cloudfront.net/ 13 KB
5 KB 55ms
15ms Script
application/javascript 2600:9000:206f:da00:2:36a1:2f40:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d81mfvml8p5ml.cloudfront.net/cd3j3y96.js
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:da00:2:36a1:2f40:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d310c6930db18091f88847f0207c03f1e1f0e68d2864e758dfe251b0f06c1190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
last-modified: Wed, 04 Aug 2021 11:35:46 GMT
server: AmazonS3
age: 167
etag: W/"8e37ccc5f8b4ca7646c6e7bd2ce805ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wdjLki2mCXqhiRLVJJI4XBojkclvDSseBNQ5cdIn9va3xg79LKwy5g==

GET
H2 200 widgetsrc.php Show response
app.responseiq.com/ 27 KB
6 KB 164ms
121ms Script
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/widgetsrc.php?widget=17KS6KF4C3EAWPZY92&widgetrnd=Math.random();

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87195c5f81592b739ac9e4deb08b8961fedb4423f344bc8c40f541882241584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0a64d320229-ZRH
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 20:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 20:06:24 GMT

POST
H/1.1 200
OK getsourcephonenumber Show response
phone.legerbookings.co.uk/api/sourcecampaign/ 72 B
489 B 25ms
25ms XHR
application/json 5.79.35.180
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://phone.legerbookings.co.uk/api/sourcecampaign/getsourcephonenumber
Requested by: Host: phone.legerbookings.co.uk
URL: https://phone.legerbookings.co.uk/sourcecampaign.es5.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.79.35.180 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: abf64a760b7555505c5c39ff77587640dc134f4cfd0c9e9ec26da21d83d185ae

Request headers

Referer: https://www.leger.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.leger.co.uk
Date: Tue, 03 May 2022 08:29:11 GMT
Vary: Origin
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

OPTIONS
H/1.1 204
No Content getsourcephonenumber
phone.legerbookings.co.uk/api/sourcecampaign/ Frame 0
0 61ms
20ms Preflight 5.79.35.180
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://phone.legerbookings.co.uk/api/sourcecampaign/getsourcephonenumber
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.79.35.180 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.leger.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.leger.co.uk
Date: Tue, 03 May 2022 08:29:11 GMT
Server: Microsoft-IIS/10.0
Vary: Origin
X-Powered-By: ASP.NET

GET
H2 200 hawaii-23294.jpg
leger.imgix.net/Destinations/Usa_D134/Hawaii_P4467/ 194 KB
195 KB 9ms
9ms Image
image/avif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger.imgix.net/Destinations/Usa_D134/Hawaii_P4467/hawaii-23294.jpg?auto=compress%2Cenhance%2Cformat&h=1080&w=1920&q=30&fit=crop

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9b902759586d9adacb9ab2893de0c999aa477b0dd5f9ce608034def2bee3b23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 26 Apr 2022 07:30:22 GMT
server: imgix
age: 608329
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: f76f79742c98462dd0810b6e5d7dfa5cb4fb7075
accept-ranges: bytes
content-length: 198934
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10027-SJC, cache-hhn4073-HHN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 603
date: Tue, 03 May 2022 08:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 03 May 2022 10:19:09 GMT

GET
H2 200 api.min.js Show response
a.optnmstr.com/app/js/ 193 KB
54 KB 72ms
15ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.optnmstr.com/app/js/api.min.js
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: b77f6fa10a82b4f583ce0ad71b79b0522b7bf784b63b7a6e6aa4256facc586ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
cdn-edgestorageid: 549
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 04/12/2022 15:55:52
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 15:54:22 GMT
cdn-proxyver: 1.02
cdn-fileserver: 305
etag: W/"6255a0ae-3027e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: f80971008f1a77bd65880c6464fd132d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adalyser.js Show response
c5.adalyser.com/ 35 KB
12 KB 127ms
52ms Script
application/javascript 52.213.150.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c5.adalyser.com/adalyser.js?cid=leger
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.150.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-150-210.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 4a9b6603ef41adb1bea50a3b32b75d3cb2b3b836e78bcbdbcb2b71ac41b882a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
x-powered-by: Express
etag: "ce310b40ba31e4d4c1230269268cf316846b76fd"
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: public, max-age=21600
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: origin, content-type, accept
content-length: 12183

GET
H2 200 code.js Show response
td.yieldify.com/yieldify/ 0
0 44ms
7ms Script
application/json 151.101.192.233
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://td.yieldify.com/yieldify/code.js?w_uuid=0a015fe5-6f09-4064-95dc-e82499e46a6f&k=1&loca=https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.233 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 53ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 33BCE83A148D46439B4FC04A45019BEC Ref B: FRAEDGE1308 Ref C: 2022-05-03T08:29:12Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 03 May 2022 08:29:11 GMT
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK css
www.leger.co.uk/bundles/other/ 181 KB
41 KB 26ms
26ms Stylesheet
text/css 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ae9b73c375c9e702af012b37a92de7e50a64caf010004ccdc3b92126ee8a3e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 May 2022 08:29:12 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 41083
Expires: Wed, 03 May 2023 08:29:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700,900%7CRoboto+Condensed:400,700%7CLobster

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2c15b80ccf92bc26f86403b3dfcf5c34ebfad15320c3c2602efaea5b68acc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:06:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 08:29:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 08:29:12 GMT

GET
H2 200 default_new.css.gz
static.responseiq.com/1650957891/css/ 11 KB
3 KB 36ms
8ms Stylesheet
text/css 35.190.84.153
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.responseiq.com/1650957891/css/default_new.css.gz
Requested by: Host: app.responseiq.com
URL: https://app.responseiq.com/widgetsrc.php?widget=17KS6KF4C3EAWPZY92&widgetrnd=Math.random();
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.84.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.84.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8b24300be2067844038bbc7d0b128fc0625a6c8a62e99daa4b4d264757a5c5a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 07:30:06 GMT
content-encoding: gzip
age: 608346
x-guploader-uploadid: ADPycdvIHjGcnRaFDu6UH2ND5RakRUz78cq4jD38YmwaUxIWJcoG13h21m_EW_c-hKwtZuL33s5y839FqVj6oQNdUs5Mkw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2776
last-modified: Tue, 26 Apr 2022 07:25:43 GMT
server: UploadServer
etag: "c3bf5000c809076995875bfe8e02292a"
x-goog-hash: crc32c=SAV8PA==, md5=w79QAMgJB2mVh1v+jgIpKg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1650957943715352
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=31536000
x-goog-stored-content-length: 2776
accept-ranges: bytes
content-type: text/css
expires: Wed, 26 Apr 2023 07:30:06 GMT

GET
H2 200 riq_widget_fonts.min.css.gz
static.responseiq.com/1650957891/css/ 2 KB
897 B 36ms
9ms Stylesheet
text/css 35.190.84.153
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.responseiq.com/1650957891/css/riq_widget_fonts.min.css.gz
Requested by: Host: app.responseiq.com
URL: https://app.responseiq.com/widgetsrc.php?widget=17KS6KF4C3EAWPZY92&widgetrnd=Math.random();
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.84.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.84.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dfd43ffe16e73f8abf4d46c77f994b0ed16d4d11cd64b933cf97994149d90151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 07:30:06 GMT
content-encoding: gzip
age: 608346
x-guploader-uploadid: ADPycduvp0y3aosW4UfVtlWNbs3Rc3cIXsqkKTP0BQbUSKKxz9qvKbWVdxlYqtTj5sz3LI47MkzqqtozaPPJDvcl63Laig
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 646
last-modified: Tue, 26 Apr 2022 07:25:48 GMT
server: UploadServer
etag: "8277785202a7ccfd28b3c02c0803a28f"
x-goog-hash: crc32c=Mf4d3A==, md5=gnd4UgKnzP0os8AsCAOijw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1650957948112796
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=31536000
x-goog-stored-content-length: 646
accept-ranges: bytes
content-type: text/css
expires: Wed, 26 Apr 2023 07:30:06 GMT

GET
H2 200 widgets.min.mjs Show response
static.responseiq.com/1650957891/js/ 240 KB
57 KB 37ms
10ms Script
application/javascript 35.190.84.153
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.responseiq.com/1650957891/js/widgets.min.mjs
Requested by: Host: app.responseiq.com
URL: https://app.responseiq.com/widgetsrc.php?widget=17KS6KF4C3EAWPZY92&widgetrnd=Math.random();
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.84.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.84.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: af5b33072be50567d82257c41f7f344706276753ccfe4f48f670c918fddf1e62

Request headers

Referer: https://www.leger.co.uk/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 07:29:55 GMT
content-encoding: gzip
age: 608357
x-guploader-uploadid: ADPycdvp9KI4d1A1Wr4y0IxtypnGB9JVg4WCqS4zJv3IB3Fi7ouWr_DEt0ZFQUXCxACrbbLGBg7QG6-xX2fauUFCX1p19ip1JfoV
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57316
last-modified: Tue, 26 Apr 2022 07:25:52 GMT
server: UploadServer
etag: "943d8407344c8a3f568276c3b728b8af"
x-goog-hash: crc32c=CoOZBQ==, md5=lD2EBzRMij9WgnbDtyi4rw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1650957952142992
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-transform, max-age=31536000
x-goog-stored-content-length: 57316
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Apr 2023 07:29:55 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 46ms
24ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1039379041

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 May 2022 08:29:12 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.leger.co.uk/content/css/fonts/ 96 KB
96 KB 22ms
21ms Font
font/x-woff 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/content/css/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:12 GMT
Last-Modified: Fri, 01 Apr 2022 12:17:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "e3d6c37bc245d81:0"
Content-Type: font/x-woff
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 98024

GET
H/1.1 200
OK glyphicons-regular.woff
www.leger.co.uk/includes/fonts/ 86 KB
87 KB 22ms
21ms Font
font/x-woff 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/includes/fonts/glyphicons-regular.woff
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 339b8b952c090bb6410ece848862dbd3d7fe8df8315a329b4ccfb513dccb8e34

Request headers

Referer: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:12 GMT
Last-Modified: Fri, 01 Apr 2022 12:17:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "dd57147cc245d81:0"
Content-Type: font/x-woff
Cache-Control: max-age=172800
Accept-Ranges: bytes
Content-Length: 88360

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900%7CRoboto+Condensed:400,700%7CLobster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 566963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 18:59:49 GMT

GET
H2 200 close.png
leger2.imgix.net/Includes/images/ 280 B
415 B 8ms
7ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/close.png

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Apr 2022 12:17:42 GMT
server: imgix
age: 165480
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 410b7e83388d71b1b7b4cd37e3b3e73cc1743b46
accept-ranges: bytes
content-length: 280
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10080-SJC, cache-hhn4073-HHN

GET
H2 200 prev.png
leger2.imgix.net/Includes/images/ 1 KB
1 KB 8ms
7ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/prev.png

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Apr 2022 12:18:00 GMT
server: imgix
age: 80477
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: f1171420393cd4df377e23ebebbb6d273a974da6
accept-ranges: bytes
content-length: 1360
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10074-SJC, cache-hhn4073-HHN

GET
H2 200 next.png
leger2.imgix.net/Includes/images/ 1 KB
1 KB 8ms
8ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/next.png

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Apr 2022 12:17:56 GMT
server: imgix
age: 168345
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 122b4327d99885b261ddc6bea52d0c3b7fad732d
accept-ranges: bytes
content-length: 1350
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10045-SJC, cache-hhn4073-HHN

GET
H2 200 loading.gif
leger2.imgix.net/Includes/images/ 8 KB
8 KB 8ms
7ms Image
image/gif 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/loading.gif

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/other/css?v=P9YYnmOhID1c00Ff5gkx9x9svogIqQI_AcjJTlacSq81

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Apr 2022 12:17:56 GMT
server: imgix
age: 78106
x-cache: HIT, HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 6d87534d2adeb44e63386a77d2455ab9cccf7b36
accept-ranges: bytes
content-length: 8476
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10083-SJC, cache-hhn4073-HHN

GET
H/1.1 200
OK SliderNavTourSearch Show response
www.leger.co.uk/ 3 KB
963 B 35ms
35ms XHR
application/json 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/SliderNavTourSearch
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/includes/layout/js?v=v9PK2wFP4DgOTIkqvjSYmLNdBumlqTizrFGMknJTpR01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 348c89fe00759507db3d852c7b751c91268dda95dd37b2862350acbe90466002

Request headers

Accept: */*
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:12 GMT
Content-Encoding: deflate
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 522

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900%7CRoboto+Condensed:400,700%7CLobster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 562877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 20:07:55 GMT

GET
H2 200 neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v28/ 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900%7CRoboto+Condensed:400,700%7CLobster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:56:25 GMT
x-content-type-options: nosniff
age: 570767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 17:56:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900%7CRoboto+Condensed:400,700%7CLobster

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 12:42:18 GMT
x-content-type-options: nosniff
age: 244014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 30 Apr 2023 12:42:18 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
dn1i8v75r669j.cloudfront.net/v/ 67 B
344 B 37ms
7ms Script
application/json 2600:9000:206f:e000:7:5031:dc0:21

General

Check archive.org

Show headers Download Go to

Full URL: https://dn1i8v75r669j.cloudfront.net/v/?w=cd3j3y96
Requested by: Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/cd3j3y96.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e000:7:5031:dc0:21 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: f35141da3536de7c88048485660c06d4aa9837683ca641ee3b96c35512d70896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:26:31 GMT
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
age: 161
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 4pLYmSKjq4drXMecblmSO9_4J9tSBlcY36AvSG48Anhk_KTqLKKPPQ==

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 96 KB
37 KB 31ms
17ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PR623BP&cid=1074189473.1651566553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8b2034213670a556d55ec3c5c79de158e1db272a239062a47d34f8257203713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38014
x-xss-protection: 0
expires: Tue, 03 May 2022 08:29:12 GMT

GET
H2 200 5668429.js Show response
bat.bing.com/p/action/ 1 KB
1 KB 345ms
345ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5668429.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7997f6d733aa90967501449e93dc417dd49b3ee00f42cc95a76adf12bc536877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AAC0A279E4C46D2B0FE07F0DC01B12B Ref B: FRAEDGE1308 Ref C: 2022-05-03T08:29:12Z
date: Tue, 03 May 2022 08:29:12 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 873

GET
H2 204 0
bat.bing.com/action/ 0
175 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5668429&Ver=2&mid=cbcd5376-1be3-4d13-a5be-78d9800a0232&sid=1c777e70cabb11ec9783d320dfc41a5b&vid=1c77a5a0cabb11ec95476fd01df74e61&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=AllExperiences%20%7C%20Leger%20Holidays&p=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&r=&lt=1143&evt=pageLoad&msclkid=N&sv=1&rn=497426

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 85642A7AB36D4EF0AE655E92FFF29AEB Ref B: FRAEDGE1308 Ref C: 2022-05-03T08:29:12Z
date: Tue, 03 May 2022 08:29:11 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
c5.adalyser.com/tracking/track/v3/ 43 B
341 B 30ms
30ms Image
image/gif 52.213.150.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c5.adalyser.com/tracking/track/v3/p?stm=1651566552706&e=lce1&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&cid=leger&p=%7B%22et%22%3A1651566552703%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Email%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22emailCampaign%22%2C%22me%22%3A%22email%22%2C%22ca%22%3A%22NEW%20-%20Europe%20Welcome%203%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A2%2C%22sid%22%3A%2278003ed0-fa0f-44bb-ac0c-8746aa301151%22%2C%22duid%22%3A%22a3a99819-5476-4e59-8f56-1ec9434357ac%22%2C%22cw%22%3A1651566552703%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&domain=www.leger.co.uk
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.150.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-150-210.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
x-powered-by: Express
etag: W/"2b-B//0C13UlayirE4cP7xgqg"
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: origin, content-type, accept
content-length: 43
expires: 0

GET
H3 200 vendor.de521b7c.js Show response
static.responseiq.com/1650957891/js/ 72 KB
22 KB 24ms
9ms Script
application/javascript 35.190.84.153
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.84.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.84.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5cdeb5252092d3a4fa2d5fb5f78e215e8166429464ed81c98a4fb9fe331ea665

Request headers

Referer: https://static.responseiq.com/1650957891/js/widgets.min.mjs
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 07:29:55 GMT
content-encoding: gzip
age: 608357
x-guploader-uploadid: ADPycds8CcBTjlg_9aj_3T633lylnbVJhJ41g0jCAG5qRW84inVbTqOLFfhOJZ4XxvQ-q129ot4Jj7YtJJR3hAQTaSomNz0VeQHD
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22489
last-modified: Tue, 26 Apr 2022 07:25:51 GMT
server: UploadServer
etag: "cc79932994092464025b38f3a45c9877"
x-goog-hash: crc32c=TZiIEQ==, md5=zHmTKZQJJGQCWzjzpFyYdw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1650957951959364
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-transform, max-age=31536000
x-goog-stored-content-length: 22489
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Apr 2023 07:29:55 GMT

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 61ms
13ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.optnmstr.com
URL: https://a.optnmstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: br
cdn-edgestorageid: 459
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 04/12/2022 15:55:52
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 15:54:22 GMT
cdn-proxyver: 1.02
cdn-fileserver: 340
etag: W/"6255a0ae-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 2ec0f155723b8bd1f4e9cc302e031417
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 35608 Show response
api.omappapi.com/v2/embed/ 227 B
823 B 120ms
96ms XHR
application/json 99.86.4.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/35608?d=leger.co.uk
Requested by: Host: a.optnmstr.com
URL: https://a.optnmstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-69.fra6.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA6-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 26770
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: YNXcXSqeOdeLjNJp6ZGjL_SnrS0_q45jOvAAPQUotJRNq_7H92peng==
expires: Tue, 03 May 2022 08:25:00 GMT

GET
H/1.1 200
OK GetTourTypes Show response
www.leger.co.uk/SliderNavTourSearch/ 2 KB
895 B 26ms
26ms XHR
application/json 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/SliderNavTourSearch/GetTourTypes?id=-3
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/includes/layout/js?v=v9PK2wFP4DgOTIkqvjSYmLNdBumlqTizrFGMknJTpR01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e95588cc70dff5a833b7a6644d2d48331c1fc28d78b4e1601fa1e9c470cbe90b

Request headers

Accept: */*
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:12 GMT
Content-Encoding: deflate
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 454

GET
H/1.1 200
OK GetYearMonthCollection Show response
www.leger.co.uk/SliderNavTourSearch/ 126 B
511 B 41ms
41ms XHR
application/json 134.213.141.135
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://www.leger.co.uk/SliderNavTourSearch/GetYearMonthCollection?id=-3&tourTypeId=-1
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/includes/layout/js?v=v9PK2wFP4DgOTIkqvjSYmLNdBumlqTizrFGMknJTpR01
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.141.135 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7275ab0dc049326fda0d120dcc0f15dce0460127a11baa1f93097cc725f7712c

Request headers

Accept: */*
Referer: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 03 May 2022 08:29:12 GMT
Content-Encoding: deflate
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 71

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1039379041/ 3 KB
2 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1039379041/?random=1651566552757&cv=9&fst=1651566552757&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&tiba=AllExperiences%20%7C%20Leger%20Holidays&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0eff31e7443445ce5dd0fd4d9e146f5a757311ba7efba65d8f7b852b36690228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cd3j3y96_content_config_1628076946277.js Show response
dkpklk99llpj0.cloudfront.net/ 3 KB
1000 B 46ms
7ms Script
application/javascript 2600:9000:206f:2e00:e:98bf:5f00:21

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/cd3j3y96_content_config_1628076946277.js
Requested by: Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/cd3j3y96.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:e:98bf:5f00:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05d26fb052eb9b7b5f09ad640321d184fa0cad5b8a0eb6f977dca19d112487d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 09:49:49 GMT
content-encoding: br
last-modified: Wed, 04 Aug 2021 11:35:48 GMT
server: AmazonS3
age: 22545564
etag: W/"ef8cd6fdbdb2754fcd89caa517c906c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: MwBQC7kiMQD1NaIkolY7iRftARTfzm6JqEyQpBJk_mWSWnd5QPnzDA==

GET
H2 200 cd3j3y96_1611318595147.js Show response
dkpklk99llpj0.cloudfront.net/ 50 KB
16 KB 46ms
8ms Script
application/javascript 2600:9000:206f:2e00:e:98bf:5f00:21

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/cd3j3y96_1611318595147.js
Requested by: Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/cd3j3y96.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:e:98bf:5f00:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a11d8a17e1a01dd497076fb96c7193c559e13b96e72f2d82482870e039cc2b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:09:18 GMT
content-encoding: br
last-modified: Fri, 22 Jan 2021 12:30:09 GMT
server: AmazonS3
age: 20909995
etag: W/"26c7e406153c6730908d278b3bd02631"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6b38a2e1db230db568190464ab7177da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: eBzbQ653qxFC9YGpjoDpiGqv4-o7_Dzfktrx5b5S1ON0WkPS3gGP0Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1379166-4&cid=1074189473.1651566553&jid=1713516784&gjid=613712047&_gid=1166554537.1651566553&_u=KGBAiEADRAAAAE~&z=1393598755

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.leger.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 May 2022 08:29:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.leger.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=731388508&t=pageview&_s=1&dl=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&ul=en-us&de=UTF-8&dt=AllExperiences%20%7C%20Leger%20Holidays&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAiEADR~&jid=1713516784&gjid=613712047&cid=1074189473.1651566553&tid=UA-1379166-4&_gid=1166554537.1651566553&z=2109641017

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 16:01:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59242
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Titillium-Regular.woff.gz
storage.googleapis.com/static.responseiq.com/1650957891/fonts/ 34 KB
34 KB 31ms
7ms Font
application/font-woff 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/static.responseiq.com/1650957891/fonts/Titillium-Regular.woff.gz
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/css/riq_widget_fonts.min.css.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3816e94cbff9f9a4b7122b135118799391e2d52a32c82503115d908bb263f597

Request headers

Referer: https://static.responseiq.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:09:45 GMT
content-encoding: gzip
age: 1167
x-guploader-uploadid: ADPycdvi6k4N43SC8cOWNANZLbMpOlOcgbf4lcTgL1A8HmUDt0i_0KpQGdUgDmhvFMDKGuWcDSCrKL3iJNNsLc9Ftqhjtw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34127
last-modified: Tue, 26 Apr 2022 07:25:50 GMT
server: UploadServer
etag: "a702040c8ab7c76d83509d3029bcb18b"
x-goog-hash: crc32c=AFwQ8w==, md5=pwIEDIq3x22DUJ0wKbyxiw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1650957950865914
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-transform, max-age=31536000
x-goog-stored-content-length: 34127
accept-ranges: bytes
content-type: application/font-woff
expires: Wed, 03 May 2023 08:09:45 GMT

GET
H2 200 Titillium-Thin.woff.gz
storage.googleapis.com/static.responseiq.com/1650957891/fonts/ 31 KB
31 KB 36ms
13ms Font
application/font-woff 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/static.responseiq.com/1650957891/fonts/Titillium-Thin.woff.gz
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/css/riq_widget_fonts.min.css.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5909c60bc5361d746e7f244a9af3bd06b090ce926f4622c2cc388f1919032b67

Request headers

Referer: https://static.responseiq.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:09:45 GMT
content-encoding: gzip
age: 1167
x-guploader-uploadid: ADPycduuYAagRpPqn9ENTlk6cGFWlbEY4ZHPXVfmDg97gmvAdpJ5HuUa85o4OfN9shm0xYMmfBrbxR-QUJxtLV05eFcm0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31546
last-modified: Tue, 26 Apr 2022 07:25:51 GMT
server: UploadServer
etag: "4f76184dfda3c8f64e24aa506d40bf3e"
x-goog-hash: crc32c=R+gT8Q==, md5=T3YYTf2jyPZOJKpQbUC/Pg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1650957951046129
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-transform, max-age=31536000
x-goog-stored-content-length: 31546
accept-ranges: bytes
content-type: application/font-woff
expires: Wed, 03 May 2023 08:09:45 GMT

GET
H2 200 widget_timezone.php Show response
app.responseiq.com/ 5 B
526 B 70ms
43ms XHR
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/widget_timezone.php?timezone=&cachebust=1651566552802

Requested by

Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 May 2022 08:29:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0ab38ec23c7-ZRH
access-control-allow-headers: Content-Type, X-REQUESTED-WITH

GET
H2 200 keywordbasedsettings Show response
app.responseiq.com/keywordwidgets/ 0
44 B 142ms
141ms Script
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/keywordwidgets/keywordbasedsettings?widget=17KS6KF4C3EAWPZY92&onlineagents=1&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&cachebust=1651566552805&session_id=1651566552780&callback=__jp0

Requested by

Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 May 2022 08:29:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0ab1cec0229-ZRH
access-control-allow-headers: Content-Type, X-REQUESTED-WITH

GET
H2 200 revisit_user Show response
app.responseiq.com/keywordwidgets/ 0
201 B 140ms
140ms Script
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/keywordwidgets/revisit_user?widget=17KS6KF4C3EAWPZY92&ipaddress=8c2e24a24f43175435262f4fec6d9243&currentvisiturl=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&cachebust=1651566552806&session_id=1651566552780&callback=__jp1

Requested by

Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 03 May 2022 08:29:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0ab1cf00229-ZRH
access-control-allow-headers: Content-Type, X-REQUESTED-WITH

GET
H2 200 savevisiters_querystring Show response
app.responseiq.com/asteriskcallwidgets/ 848 B
301 B 180ms
179ms Script
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/asteriskcallwidgets/savevisiters_querystring?visitor_id=73769490219339&googleanalatics=1074189473.1651566553&current_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&referrerurl=&visitor_current_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&widget=17KS6KF4C3EAWPZY92&session_id=1651566552780&callback=__jp2

Requested by

Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e57eec3cdcf9e8dc838a6efd5fb0997e1949536d6d81c6e1f4f8d30a31fa86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0ab3d1a0229-ZRH
access-control-allow-headers: Content-Type, X-REQUESTED-WITH
x-content-type-options: nosniff

GET
H2 200 /
www.google.com/pagead/1p-user-list/1039379041/ 42 B
548 B 44ms
21ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1039379041/?random=1651566552757&cv=9&fst=1651564800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&tiba=AllExperiences%20%7C%20Leger%20Holidays&async=1&fmt=3&is_vtc=1&random=3379486828&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1039379041/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1039379041/?random=1651566552757&cv=9&fst=1651564800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&tiba=AllExperiences%20%7C%20Leger%20Holidays&async=1&fmt=3&is_vtc=1&random=3379486828&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 53ms
31ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1379166-4&cid=1074189473.1651566553&jid=1713516784&_u=KGBAiEADRAAAAE~&z=1387046218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 53ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1379166-4&cid=1074189473.1651566553&jid=1713516784&_u=KGBAiEADRAAAAE~&z=1387046218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c2.dycdn.net/cd3j3y96/s/abandonment-email-returners/ 7 KB
2 KB 135ms
112ms XHR
application/json 2600:9000:224a:6800:16:f02f:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.dycdn.net/cd3j3y96/s/abandonment-email-returners/?k=g03yoxn&format=full&d=jx7knw3020&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&sbr=leger&curr=GBP
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6800:16:f02f:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3e1b8867a6bddf34881e09c0e93e32e4c510f9d6f7a50584f352fa5bb16d351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-encoding: br
x-amz-cf-id: AUp59ZUOQKTewTw3CQ4yQY50TreXsa2T8nF7fAhAbZy-IW6H-DLwlA==

GET
H2 200 / Show response
c2.dycdn.net/cd3j3y96/s/newsletter-email-returners/ 0
311 B 70ms
47ms XHR
text/html 2600:9000:224a:6800:16:f02f:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.dycdn.net/cd3j3y96/s/newsletter-email-returners/?k=g03yoxn&format=full&d=jx7knw3020&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&sbr=leger&curr=GBP
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6800:16:f02f:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
x-amz-cf-id: kev0rQeXkNw4p7r0q5T0l-fRzYE6Z8LK5VTejVK59q3z1oS-huio1g==

GET
H2 200 / Show response
c2.dycdn.net/cd3j3y96/s/bounce-rate-reduction/ 112 B
442 B 122ms
100ms XHR
application/json 2600:9000:224a:6800:16:f02f:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.dycdn.net/cd3j3y96/s/bounce-rate-reduction/?k=g03yoxn&format=full&d=jx7knw3020&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&sbr=leger&curr=GBP
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6800:16:f02f:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a7998bc1c7a6abf6a909a4fc45a321f77621d6849ba89bf6ae499e35b2f6682e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:12 GMT
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-length: 112
x-amz-cf-id: J9Vtv65YonD7gMmUzZaio5R7RG7_2YVHeigjqCHWTtVV3zcYw6YXnQ==

GET
H2 200 / Show response
c2.dycdn.net/cd3j3y96/s/lead-gen/ 12 KB
3 KB 1710ms
1690ms XHR
application/json 2600:9000:224a:6800:16:f02f:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.dycdn.net/cd3j3y96/s/lead-gen/?k=g03yoxn&format=full&d=jx7knw3020&url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&sbr=leger&curr=GBP
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6800:16:f02f:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 873fda54c250eb4c96155d983a55a3171fb8954d7d75c68c8b7fec13dd8867c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:14 GMT
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-encoding: br
x-amz-cf-id: 5IVZMZHkblBLF3TOeM-s6vbvrNt0HxArs8Hq1uTtmY1v1RBy2AoOjA==

GET
H2 200 get Show response
am.freshrelevance.com/ 1 B
97 B 128ms
31ms XHR
text/plain 52.213.112.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22jx7knw3020%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36%22%2C%22w%22%3A%22cd3j3y96%22%7D%7D
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.112.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-112-161.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 03 May 2022 08:29:13 GMT
content-type: text/plain; charset=utf-8

GET
H3 200 css
fonts.googleapis.com/ 4 KB
634 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:04:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 08:29:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 08:29:13 GMT

GET
H2 200 ouibounce.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.11/ 2 KB
1 KB 84ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.11/ouibounce.min.js?_=1651566552149

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/includes/layout/js?v=v9PK2wFP4DgOTIkqvjSYmLNdBumlqTizrFGMknJTpR01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5a698a2585cb484821302547d8f66b1cd0441303985ef4e847aa431f2168cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2300638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 652
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3f-63a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24%2BhiNkunhjhVC2WcXddox%2F3WnpcUFI9FK7uG89XTrGmSpDkJWveZhvGoFN7mgwyorm6LqEZ%2BmwMOeePlEejADvD%2BUBYi%2BG%2FtoINLGV4kVb2kq3KXDkwU3bN8VU%2Fa6IVF%2FGsoBYiC7AznfVmUw1cLy%2Bl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7057a0ac9c1d23df-ZRH
expires: Sun, 23 Apr 2023 08:29:13 GMT

GET
H2 200 event
api.responseiq.com/api/v1/ 574 B
631 B 206ms
195ms Image
image/jpeg 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.responseiq.com/api/v1/event?event_type=create_visitor&widget_code=17KS6KF4C3EAWPZY92&valid_till=2022-05-03T08%3A29%3A12.781Z&created_on=2022-05-03T08%3A29%3A12.781Z&event_date=2022-05-03T08%3A29%3A12.781Z&event_time=2022-05-03T08%3A29%3A12.781Z&event_source=&visitor_time=2022-05-03T08%3A29%3A12.781Z&in_time=2022-05-03T08%3A29%3A12.781Z&out_time=2022-05-03T08%3A29%3A12.781Z&visitor_timezone=Etc%2FUnknown&visitor_timezone_offset=0&session_id=1651566552780&session=1651566552780&session_count=undefined&visitor_id=73769490219339&company_id=3793&master_company_id=3793&domain_name=www.leger.co.uk&http_scheme=https&referrer_url=&content=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_keyword=&utm_source=newsletter&utm_medium=email&utm_campaign=WelcomeEmail3&utm_content=&google_ads_gclid=&ad_position=&match_type=&ga_client_id=&screen_resolution=1600x1200&visitor_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_title=AllExperiences%20%7C%20Leger%20Holidays&widget_page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences&latitude=0&longitude=0&attribution64=eyJmaXJzdF9jbGljayI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJsYXN0X2NsaWNrIjoiZW1haWxDYW1wYWlnbiAtIGVtYWlsIC0gTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyAtICIsInV0bV93ZWlnaHRlZCI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJ1dG1fcHJpb3JpdHkiOiIxIiwiZmlyc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sImxhc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sInV0bV93ZWlnaHRlZF9hdHRyaWJ1dGVzIjp7InNvdXJjZSI6ImVtYWlsQ2FtcGFpZ24iLCJtZWRpdW0iOiJlbWFpbCIsImNoYW5uZWwiOiJFbWFpbCIsImNhbXBhaWduIjoiTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyIsImtleXdvcmQiOiIiLCJ0ZXJtIjoiIiwiY29udGVudCI6IiIsInJlZmVycmVyIjoiIiwiZmJjbGlkIjoiIiwiZ2NsaWQiOiIifX0%3D&http_host=www.leger.co.uk&browser=Google%20Chrome&browser_version=101.0.4951.41&device=Desktop&platform=Windows%2010&widget=undefined&client_id=undefined&page_id=&cachebust=1651566553007
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773c87a18407488006bccdf766f7272b78a2e54705fae3f24faef5918b5fd16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 03 May 2022 08:29:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin
cache-control: max-age=31536000, public
access-control-allow-credentials: true
cf-ray: 7057a0ac6f0c0229-ZRH
access-control-allow-headers: Origin, Content-Type, Content-Range, Content-Disposition, Content-Description, X-Auth-Token

GET
H2 200 event
api.responseiq.com/api/v1/ 574 B
631 B 143ms
133ms Image
image/jpeg 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.responseiq.com/api/v1/event?event_type=visitor_is_new&widget_code=17KS6KF4C3EAWPZY92&valid_till=2022-05-03T08%3A29%3A12.798Z&created_on=2022-05-03T08%3A29%3A12.798Z&event_date=2022-05-03T08%3A29%3A12.798Z&event_time=2022-05-03T08%3A29%3A12.798Z&event_source=&visitor_time=2022-05-03T08%3A29%3A12.798Z&in_time=2022-05-03T08%3A29%3A12.798Z&out_time=2022-05-03T08%3A29%3A12.798Z&visitor_timezone=Etc%2FUnknown&visitor_timezone_offset=0&session_id=1651566552780&session=1651566552780&session_count=1&visitor_id=73769490219339&company_id=3793&master_company_id=3793&domain_name=www.leger.co.uk&http_scheme=https&referrer_url=&content=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_keyword=&utm_source=newsletter&utm_medium=email&utm_campaign=WelcomeEmail3&utm_content=&google_ads_gclid=&ad_position=&match_type=&ga_client_id=&screen_resolution=1600x1200&visitor_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_title=AllExperiences%20%7C%20Leger%20Holidays&widget_page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences&latitude=0&longitude=0&attribution64=eyJmaXJzdF9jbGljayI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJsYXN0X2NsaWNrIjoiZW1haWxDYW1wYWlnbiAtIGVtYWlsIC0gTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyAtICIsInV0bV93ZWlnaHRlZCI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJ1dG1fcHJpb3JpdHkiOiIxIiwiZmlyc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sImxhc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sInV0bV93ZWlnaHRlZF9hdHRyaWJ1dGVzIjp7InNvdXJjZSI6ImVtYWlsQ2FtcGFpZ24iLCJtZWRpdW0iOiJlbWFpbCIsImNoYW5uZWwiOiJFbWFpbCIsImNhbXBhaWduIjoiTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyIsImtleXdvcmQiOiIiLCJ0ZXJtIjoiIiwiY29udGVudCI6IiIsInJlZmVycmVyIjoiIiwiZmJjbGlkIjoiIiwiZ2NsaWQiOiIifX0%3D&http_host=www.leger.co.uk&browser=Google%20Chrome&browser_version=101.0.4951.41&device=Desktop&platform=Windows%2010&widget=undefined&client_id=undefined&page_id=&cachebust=1651566553007
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773c87a18407488006bccdf766f7272b78a2e54705fae3f24faef5918b5fd16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 03 May 2022 08:29:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin
cache-control: max-age=31536000, public
access-control-allow-credentials: true
cf-ray: 7057a0ac6f0e0229-ZRH
access-control-allow-headers: Origin, Content-Type, Content-Range, Content-Disposition, Content-Description, X-Auth-Token

GET
H2 200 event
api.responseiq.com/api/v1/ 574 B
838 B 142ms
132ms Image
image/jpeg 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.responseiq.com/api/v1/event?event_type=page_load&widget_code=17KS6KF4C3EAWPZY92&valid_till=2022-05-03T08%3A29%3A12.799Z&created_on=2022-05-03T08%3A29%3A12.799Z&event_date=2022-05-03T08%3A29%3A12.799Z&event_time=2022-05-03T08%3A29%3A12.799Z&event_source=&visitor_time=2022-05-03T08%3A29%3A12.799Z&in_time=2022-05-03T08%3A29%3A12.799Z&out_time=2022-05-03T08%3A29%3A12.799Z&visitor_timezone=Etc%2FUnknown&visitor_timezone_offset=0&session_id=1651566552780&session=1651566552780&session_count=1&visitor_id=73769490219339&company_id=3793&master_company_id=3793&domain_name=www.leger.co.uk&http_scheme=https&referrer_url=&content=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_keyword=&utm_source=newsletter&utm_medium=email&utm_campaign=WelcomeEmail3&utm_content=&google_ads_gclid=&ad_position=&match_type=&ga_client_id=&screen_resolution=1600x1200&visitor_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_title=AllExperiences%20%7C%20Leger%20Holidays&widget_page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences&latitude=0&longitude=0&attribution64=eyJmaXJzdF9jbGljayI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJsYXN0X2NsaWNrIjoiZW1haWxDYW1wYWlnbiAtIGVtYWlsIC0gTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyAtICIsInV0bV93ZWlnaHRlZCI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJ1dG1fcHJpb3JpdHkiOiIxIiwiZmlyc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sImxhc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sInV0bV93ZWlnaHRlZF9hdHRyaWJ1dGVzIjp7InNvdXJjZSI6ImVtYWlsQ2FtcGFpZ24iLCJtZWRpdW0iOiJlbWFpbCIsImNoYW5uZWwiOiJFbWFpbCIsImNhbXBhaWduIjoiTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyIsImtleXdvcmQiOiIiLCJ0ZXJtIjoiIiwiY29udGVudCI6IiIsInJlZmVycmVyIjoiIiwiZmJjbGlkIjoiIiwiZ2NsaWQiOiIifX0%3D&http_host=www.leger.co.uk&browser=Google%20Chrome&browser_version=101.0.4951.41&device=Desktop&platform=Windows%2010&widget=undefined&client_id=undefined&page_id=&navigation_type=1&cachebust=1651566553008
Requested by: Host: www.leger.co.uk
URL: https://www.leger.co.uk/home/allexperiences?utm_medium=email&utm_source=newsletter&utm_campaign=WelcomeEmail3&r=1660&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_campaign=NEW%20-%20Europe%20Welcome%203&utm_source=emailCampaign&utm_content=&utm_medium=email&eid=A9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773c87a18407488006bccdf766f7272b78a2e54705fae3f24faef5918b5fd16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 03 May 2022 08:29:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin
cache-control: max-age=31536000, public
access-control-allow-credentials: true
cf-ray: 7057a0ac6f0f0229-ZRH
access-control-allow-headers: Origin, Content-Type, Content-Range, Content-Disposition, Content-Description, X-Auth-Token

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.34/ 53 KB
23 KB 290ms
97ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5668429.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
content-encoding: br
etag: "1d85c13ded4d154"
last-modified: Fri, 29 Apr 2022 21:55:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 hotjar-17464.js Show response
static.hotjar.com/c/ 4 KB
2 KB 79ms
42ms Script
application/javascript 65.9.63.46

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-17464.js?sv=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.63.46 , United States, ASN (),

Reverse DNS

server-65-9-63-46.fra56.r.cloudfront.net

Software

Resource Hash

5140acb0e533d8bd813a31ba42e8a543321867b188f028dbef88485da274f094

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache-hit: 1
etag: W/54f5762b439b32aa73ad031d3f1a5190
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 2000
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-id: enh_rLBnbveo2cDhGDYtRkrP1XxCgImYeg7LChe8dcPYdoRxk7_ejw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 42ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: FcrGKkPBAdlGTXqOe+TsZo679ODTUkkvIaMGzXs9p7gExkl+AOURvGlR6/Kco97vl9CjD6RFDl4E0DSwKrHdJQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 03 May 2022 08:29:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=59C167763A7B4E8491BC1C08F44AAAA9&RedC=c.clarity.ms&MXFR=2AB7D2BD2490642F1AB0C32420906A85
https://c.clarity.ms/c.gif?CtsSyncId=59C167763A7B4E8491BC1C08F44AAAA9&MUID=38FC7B6D273E6AA339CE6AF426EC6B9C

42 B
370 B

28ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=59C167763A7B4E8491BC1C08F44AAAA9&MUID=38FC7B6D273E6AA339CE6AF426EC6B9C
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 03 May 2022 08:29:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6849EE0705D146EA9D455E736D2BED0B Ref B: FRAEDGE1308 Ref C: 2022-05-03T08:29:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=59C167763A7B4E8491BC1C08F44AAAA9&MUID=38FC7B6D273E6AA339CE6AF426EC6B9C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 air-holidays-like.jpg
leger2.imgix.net/Includes/images/destination-img/air-holidays/ 60 KB
61 KB 8ms
8ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/destination-img/air-holidays/air-holidays-like.jpg?w=737&h=553&auto=enhance&fit=crop&crop=edges

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d481c354c7ac6e7df0f31626cb0f50d7a8b26a483594adee75e89d89847415de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 20:13:11 GMT
server: imgix
age: 44161
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 3df712d98af27a558d682de3fdc8858f7a5f0291
accept-ranges: bytes
content-length: 61876
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10048-SJC, cache-hhn4073-HHN

GET
H2 200 battlefields-like.jpg
leger2.imgix.net/Includes/images/destination-img/battlefields/ 97 KB
98 KB 8ms
8ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/destination-img/battlefields/battlefields-like.jpg?w=737&h=553&auto=enhance&fit=crop&crop=edges

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1ae4ff2c07cd6c17b4c0e921eed3483d207fef9807904a0c41d9d970f74db9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 May 2022 20:10:23 GMT
server: imgix
age: 130730
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: e8da10f574085a496bdf9ebb70d9dcf61c680fc1
accept-ranges: bytes
content-length: 99816
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10079-SJC, cache-hhn4073-HHN

GET
H2 200 christmas-markets-like.jpg
leger2.imgix.net/Includes/images/destination-img/christmas-markets/ 124 KB
124 KB 8ms
8ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/destination-img/christmas-markets/christmas-markets-like.jpg?w=737&h=553&auto=enhance&fit=crop&crop=edges

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2c9380c5a32a8a75cc2222401e0fab8dcedf18d1020dbef851c88a42a0f486a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 08:07:53 GMT
server: imgix
age: 87680
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: cf19dfbdee0ea46639f984b9e2a60552b70bfbf7
accept-ranges: bytes
content-length: 127056
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10020-SJC, cache-hhn4073-HHN

POST
H2 204 collect Show response
f.clarity.ms/ 0
70 B 92ms
92ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.leger.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.leger.co.uk
date: Tue, 03 May 2022 08:29:13 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 539850096153708 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 54ms
45ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/539850096153708?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e528ba1eb2fcb23271ef4a10306b83efbfb72479e3428f091537bfff7312641

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JFuZG9P6WEX+NCCthQUDHiOWLMxnk3s+KYsETtN/HjN20xKLAlBr5SJP4KQNOjpFbKBXyFURq2o8e/cRLEbmTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 03 May 2022 08:29:13 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651566553592
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.7dcb8d1c63f55eea3c48.js Show response
script.hotjar.com/ 237 KB
62 KB 38ms
10ms Script
application/javascript 108.157.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7dcb8d1c63f55eea3c48.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-17464.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-86.dus51.r.cloudfront.net

Software

Resource Hash

4c0685d53530f93590ed7ce3d3076e962dbc4c2f59a557e62ca0c1eaa97120dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 13:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69547
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63230
access-control-allow-origin: *
last-modified: Mon, 02 May 2022 13:10:05 GMT
etag: "060f671843c3a2decf6f0d091b4feb27"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FftSLNDRFzzXKEXtMsT5Cb1Ph9vLN68EnYdu9NIlW0_Ixp_Ha2o5eQ==

GET
H2 200 festive-new-year-like.jpg
leger2.imgix.net/Includes/images/destination-img/festive-new-year/ 121 KB
122 KB 152ms
152ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/destination-img/festive-new-year/festive-new-year-like.jpg?w=737&h=553&auto=enhance&fit=crop&crop=edges

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e7a6aeb1e3106a1eabb1bdf319b7bc6282a450ec7e157ba0a96194156c99d617

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 12:37:48 GMT
server: imgix
age: 71485
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 6bb0f6c5f32a39a62f821b3a32f3b2d1d88d4c68
accept-ranges: bytes
content-length: 124394
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10059-SJC, cache-hhn4073-HHN

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 21ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539850096153708&ev=PageView&dl=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&rl=&if=false&ts=1651566553629&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1651566553627.1401609358&it=1651566553539&coo=false&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 03 May 2022 08:29:13 GMT

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 4050 2 KB
1 KB 36ms
9ms Document
text/html 108.157.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-17464.js?sv=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-53.dus51.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer: https://www.leger.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15186234
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Nov 2021 14:05:19 GMT
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
vary: Accept-Encoding
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
x-amz-cf-id: LvgP35FnUz0JAc6CosidHMz55U3Tp7ir8aQcNuM7rM40ImDmpNAteg==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 204 17464 Show response
vc.hotjar.io/sessions/ 0
257 B 83ms
35ms XHR
text/plain 65.9.63.123

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/17464?s=0.25&r=0.18132607667301204
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.123 , United States, ASN (),
Reverse DNS: server-65-9-63-123.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: Fh8b9Tz-x1lVzLaOhrShfTEUHf5trWiCKFkhtoE9QFPFa6dtWJM-7A==

GET
H2 200 store_ga_client Show response
app.responseiq.com/asteriskcallwidgets/ 0
95 B 145ms
145ms XHR
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/asteriskcallwidgets/store_ga_client?visitor_id=73769490219339&ga_client_id=1074189473.1651566553

Requested by

Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:13 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0b15b3c23c7-ZRH
access-control-allow-headers: Content-Type, X-REQUESTED-WITH
content-length: 0
x-content-type-options: nosniff

GET
H2 200 grand-explorer-like.jpg
leger2.imgix.net/Includes/images/destination-img/grand-explorer/ 118 KB
119 KB 154ms
154ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/destination-img/grand-explorer/grand-explorer-like.jpg?w=737&h=553&auto=enhance&fit=crop&crop=edges

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9dbe60ad3c4b1eb5831acbc8ac20472388e96e530878e1481521bb5291ee32ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 06:47:46 GMT
server: imgix
age: 92488
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: 5343e6f86dcbe369727b0644ab03a7afab3c7d4e
accept-ranges: bytes
content-length: 121217
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10026-SJC, cache-hhn4073-HHN

GET
H2 200 flowers-gardens-like.jpg
leger2.imgix.net/Includes/images/destination-img/flowers-gardens/ 120 KB
121 KB 153ms
153ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leger2.imgix.net/Includes/images/destination-img/flowers-gardens/flowers-gardens-like.jpg?w=737&h=553&auto=enhance&fit=crop&crop=edges

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

059b5ca1d2e194fba67357558742d0fdb15c103d03feae3deba050dee914f448

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 12:37:48 GMT
server: imgix
age: 71485
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
x-imgix-id: d39a5d167d921c141ab62efeece605bc17b50e75
accept-ranges: bytes
content-length: 123366
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10082-SJC, cache-hhn4073-HHN

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 393ms
210ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.leger.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.leger.co.uk
date: Tue, 03 May 2022 08:29:14 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 css
fonts.googleapis.com/ 4 KB
634 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:03:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 03 May 2022 08:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 May 2022 08:29:14 GMT

GET
H3 200 ouibounce.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.11/ 2 KB
1 KB 37ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.11/ouibounce.min.js?_=1651566552150

Requested by

Host: www.leger.co.uk
URL: https://www.leger.co.uk/bundles/includes/layout/js?v=v9PK2wFP4DgOTIkqvjSYmLNdBumlqTizrFGMknJTpR01

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5a698a2585cb484821302547d8f66b1cd0441303985ef4e847aa431f2168cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2300639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 652
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3f-63a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lcb7EXv4DrqKvWjbMtNtop85LRiK8qA99Vb2v60uN0GLvlbi3nfEQo4BHoMqVxIajRCc5HYClMVJNfSHVYL5ld0VP2ArMBGj2YAzBFP6DB%2FitMlmkTjfqGJ8tiX9HgeXqbleoV%2BL8XgLK%2BEWkGiO5MDP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7057a0b6386301df-ZRH
expires: Sun, 23 Apr 2023 08:29:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 566965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 18:59:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.leger.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 562879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Apr 2023 20:07:55 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=539850096153708&ev=Microdata&dl=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&rl=&if=false&ts=1651566555162&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22AllExperiences%20%7C%20Leger%20Holidays%22%2C%22meta%3Adescription%22%3A%22From%20Christmas%20Markets%20to%20Live%20Events%2C%20Battlefield%20tours%20to%20Motorsport%20Breaks%2C%20join%20us%20for%20an%20incredible%20experience%20on%20your%20next%20holiday.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1651566553627.1401609358&it=1651566553539&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 03 May 2022 08:29:15 GMT

GET
H2 200 1580472684leger.png
storage.responseiq.com/files/images/ 10 KB
10 KB 66ms
24ms Image
image/png 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.responseiq.com/files/images/1580472684leger.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f6176bebfc040d43facd011f4279506bc1960e0b1a50dc6b0a5025a503891c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:15 GMT
cf-cache-status: HIT
age: 623
x-guploader-uploadid: ADPycdvEwSk8F7obUysxuCNDKnHrHMjKWQILUoyphjtJw3VkR2wfdgQOAw__ztyy7E_T5hwIrKZGylVK4fhSCwwiuNopzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 9983
last-modified: Fri, 31 Jan 2020 12:11:24 GMT
server: cloudflare
etag: "f91a08188f136b95731c0c96629453e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LjDLaQ==, md5=+RoIGI8Ta5VzHAyWYpRT4Q==
x-goog-generation: 1580472684792771
cache-control: public, max-age=7200
x-goog-stored-content-length: 9983
accept-ranges: bytes
cf-ray: 7057a0be2b150229-ZRH
expires: Tue, 03 May 2022 09:18:52 GMT

GET
DATA 200
OK truncated
/ 576 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfcb3d8914184ed9ee1e50471d6551470f7e16a9195a693f18c08e4ca646ba6d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 723 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86fec357350ab3186ab65c752661361e2dd53a3e1fa58d038425bfd7b4f7aa1f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47152f3e4503aeb2cc76bcab2d457b7ee4383c1d88f73c0b44f854684a70d07a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68db4f6bd9fec988da897a14d3357ef1f8876c6425bf08cb309415989341129

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 483 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0e9012a61cac2549d343c2e3417814228ffd05a9d1290e01cca84a3fbd805e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 93ms
93ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.leger.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.leger.co.uk
date: Tue, 03 May 2022 08:29:16 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 savewidgetimpression Show response
app.responseiq.com/asteriskcallwidgets/ 0
67 B 222ms
218ms Script
application/javascript 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.responseiq.com/asteriskcallwidgets/savewidgetimpression?widget=17KS6KF4C3EAWPZY92&session_id=1651566552780&callback=__jp3

Requested by

Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:19 GMT
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
feature-policy: sync-xhr *; usermedia *; payment *;
cf-ray: 7057a0d0cf810229-ZRH
access-control-allow-headers: Content-Type, X-REQUESTED-WITH
content-length: 0
x-content-type-options: nosniff

GET
H2 200 event
api.responseiq.com/api/v1/ 574 B
677 B 168ms
166ms Image
image/jpeg 2606:4700:10::6816:21a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.responseiq.com/api/v1/event?event_type=widget_impression&widget_code=17KS6KF4C3EAWPZY92&valid_till=2022-05-03T08%3A29%3A18.816Z&created_on=2022-05-03T08%3A29%3A18.816Z&event_date=2022-05-03T08%3A29%3A18.816Z&event_time=2022-05-03T08%3A29%3A18.816Z&event_source=&visitor_time=2022-05-03T08%3A29%3A18.816Z&in_time=2022-05-03T08%3A29%3A18.816Z&out_time=2022-05-03T08%3A29%3A18.816Z&visitor_timezone=Etc%2FUnknown&visitor_timezone_offset=0&session_id=1651566552780&session=1651566552780&session_count=1&visitor_id=73769490219339&company_id=3793&master_company_id=3793&domain_name=www.leger.co.uk&http_scheme=https&referrer_url=&content=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&utm_keyword=&utm_source=newsletter&utm_medium=email&utm_campaign=WelcomeEmail3&utm_content=&google_ads_gclid=&ad_position=&match_type=&ga_client_id=1074189473.1651566553&screen_resolution=1600x1200&visitor_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DWelcomeEmail3%26r%3D1660%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466%26utm_campaign%3DNEW%2520-%2520Europe%2520Welcome%25203%26utm_source%3DemailCampaign%26utm_content%3D%26utm_medium%3Demail%26eid%3DA9438447213855390383514405zzzzz64cbb09e9fd3ed287d963f6402460deec45004f5c044385c88c2cfe16fe764f466&page_title=AllExperiences%20%7C%20Leger%20Holidays&widget_page_url=https%3A%2F%2Fwww.leger.co.uk%2Fhome%2Fallexperiences&latitude=0&longitude=0&attribution64=eyJmaXJzdF9jbGljayI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJsYXN0X2NsaWNrIjoiZW1haWxDYW1wYWlnbiAtIGVtYWlsIC0gTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyAtICIsInV0bV93ZWlnaHRlZCI6ImVtYWlsQ2FtcGFpZ24gLSBlbWFpbCAtIE5FVyAtIEV1cm9wZSBXZWxjb21lIDMgLSAiLCJ1dG1fcHJpb3JpdHkiOiIxIiwiZmlyc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sImxhc3RfY2xpY2tfYXR0cmlidXRlcyI6eyJzb3VyY2UiOiJlbWFpbENhbXBhaWduIiwibWVkaXVtIjoiZW1haWwiLCJjaGFubmVsIjoiRW1haWwiLCJjYW1wYWlnbiI6Ik5FVyAtIEV1cm9wZSBXZWxjb21lIDMiLCJrZXl3b3JkIjoiIiwidGVybSI6IiIsImNvbnRlbnQiOiIiLCJyZWZlcnJlciI6IiIsImZiY2xpZCI6IiIsImdjbGlkIjoiIn0sInV0bV93ZWlnaHRlZF9hdHRyaWJ1dGVzIjp7InNvdXJjZSI6ImVtYWlsQ2FtcGFpZ24iLCJtZWRpdW0iOiJlbWFpbCIsImNoYW5uZWwiOiJFbWFpbCIsImNhbXBhaWduIjoiTkVXIC0gRXVyb3BlIFdlbGNvbWUgMyIsImtleXdvcmQiOiIiLCJ0ZXJtIjoiIiwiY29udGVudCI6IiIsInJlZmVycmVyIjoiIiwiZmJjbGlkIjoiIiwiZ2NsaWQiOiIifX0%3D&http_host=www.leger.co.uk&browser=Google%20Chrome&browser_version=101.0.4951.41&device=Desktop&platform=Windows%2010&widget=1651566552804&client_id=undefined&page_id=&cachebust=1651566558819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773c87a18407488006bccdf766f7272b78a2e54705fae3f24faef5918b5fd16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.leger.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:18 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 03 May 2022 08:29:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin
cache-control: max-age=31536000, public
access-control-allow-credentials: true
cf-ray: 7057a0d0cf820229-ZRH
access-control-allow-headers: Origin, Content-Type, Content-Range, Content-Disposition, Content-Description, X-Auth-Token

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: static.responseiq.com
URL: https://static.responseiq.com/1650957891/js/vendor.de521b7c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.leger.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.leger.co.uk
date: Tue, 03 May 2022 08:29:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

365 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.leger.co.uk/	1970-01-20 02:56:11	Name: ts-query_coach Value: {"FD":[],"HT":[],"CT":[],"DP":[],"DS":"2022-05-03T00:00:00+01:00","DSP":4,"DSM":4,"FPL":0.0,"FPH":7000.0,"FN":[],"FX":2,"FTPL":0.0,"FTPH":30000.0,"FTP":false}
www.leger.co.uk/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: MwjF1-PRRCuin5CoWIW58wwvQV0r8Lv3tqeImmtPC0JahdUwr2LtISBpAq72tZb-40zOcOCjYmnv67GbuzrlrrKoV72PMHdL0KsugdjDcio1
www.leger.co.uk/	1970-01-20 02:46:10	Name: NSC_MC_134.213.141.135_80_1 Value: 14b5a3d9a0fe98cdd826fb8a8a008ce57059b4f26435c0b5a9a7a2eec27bb915d3c6f3e5
app.responseiq.com/	1970-01-20 11:31:42	Name: riq_cookie_widget_id_3293 Value: %7B%22visitors_id%22%3A73769490219339%2C%22select_visitor_time%22%3A%22%22%2C%22countrycode%22%3A%22DE%22%2C%22ipaddress%22%3A%228c2e24a24f43175435262f4fec6d9243%22%2C%22city%22%3A%22%22%2C%22browser%22%3A%22Chrome%22%2C%22device%22%3A%22Desktop%22%2C%22region%22%3A%22%22%2C%22countryname%22%3A%22DE%22%2C%22timezone_name%22%3A%22%22%2C%22browsersession%22%3A%221651566552944%22%2C%22googleanalatics%22%3Anull%2C%22tooltip_close_click%22%3A0%2C%22tooltip_close%22%3A0%2C%22tooltip_animation%22%3A0%2C%22saveattempts_to_exit%22%3A0%2C%22cookie_created_date%22%3A%222022-05-03%22%7D
www.leger.co.uk/	1970-01-20 03:29:18	Name: campaign Value: null%2C10126%2CEuropean%20Emails
.bing.com/	1970-01-20 12:07:42	Name: MUID Value: 38FC7B6D273E6AA339CE6AF426EC6B9C
.leger.co.uk/	1970-01-20 04:55:42	Name: _gcl_au Value: 1.1.2063547177.1651566552
.leger.co.uk/	1970-01-20 20:17:18	Name: _ga Value: GA1.3.1074189473.1651566553
.leger.co.uk/	1970-01-20 02:47:32	Name: _gid Value: GA1.3.1166554537.1651566553
.leger.co.uk/	1970-01-20 02:47:32	Name: _uetsid Value: 1c777e70cabb11ec9783d320dfc41a5b
.leger.co.uk/	1970-01-20 12:07:42	Name: _uetvid Value: 1c77a5a0cabb11ec95476fd01df74e61
.leger.co.uk/	1970-01-20 02:46:08	Name: __adal_ses Value: *
.leger.co.uk/	1970-01-20 07:05:18	Name: __adal_ca Value: so%3DemailCampaign%26me%3Demail%26ca%3DNEW%2520-%2520Europe%2520Welcome%25203%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29
.leger.co.uk/	1970-01-20 20:17:18	Name: __adal_id Value: a3a99819-5476-4e59-8f56-1ec9434357ac.1651566553.2.1651566553.1651566553.78003ed0-fa0f-44bb-ac0c-8746aa301151
.leger.co.uk/	1970-01-20 02:56:11	Name: __adal_cw Value: 1651566552703
www.leger.co.uk/	1970-01-24 02:44:40	Name: _omappvp Value: GplaSuHgpVgJ4yxwvnEbeBkmMBea6Kc7DJUpcBW47PC4VUrzUB7gGo72V3LgGXUrF8uAn4uOMhq1nvuDQ29kmoo5mAfsjt8K
www.leger.co.uk/	1970-01-20 02:46:07	Name: _omappvs Value: 1651566552736
.leger.co.uk/	1970-01-20 02:46:06	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 02:46:07	Name: test_cookie Value: CheckForPermission
www.leger.co.uk/	1970-01-20 16:12:30	Name: tms_VisitorID Value: jx7knw3020
www.leger.co.uk/	1970-01-20 02:46:08	Name: tms_wsip Value: 1
.leger.co.uk/	1970-01-20 11:31:42	Name: _clck Value: 1izjg4t\|1\|f15\|0
.c.bing.com/	1970-01-20 12:07:42	Name: SRM_B Value: 38FC7B6D273E6AA339CE6AF426EC6B9C
.leger.co.uk/	1970-01-20 04:55:42	Name: _fbp Value: fb.2.1651566553627.1401609358
.leger.co.uk/	1970-01-20 02:47:32	Name: _clsk Value: h1tmdy\|1651566553634\|1\|1\|f.clarity.ms/collect
.facebook.com/	1970-01-20 04:55:42	Name: fr Value: 0wcRhh292YkxavfyW..BicOfZ...1.0.BicOfZ.
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:07:42	Name: MUID Value: 38FC7B6D273E6AA339CE6AF426EC6B9C
.c.clarity.ms/	1970-01-20 02:46:07	Name: ANONCHK Value: 0
.leger.co.uk/	1970-01-20 11:31:42	Name: _hjSessionUser_17464 Value: eyJpZCI6ImExZGI0MTljLWJjNjQtNThlOS05OWY3LTgxYWM4MzUwMDZlMyIsImNyZWF0ZWQiOjE2NTE1NjY1NTM2NjEsImV4aXN0aW5nIjpmYWxzZX0=
.leger.co.uk/	1970-01-20 02:46:08	Name: _hjFirstSeen Value: 1
www.leger.co.uk/	1970-01-20 02:46:06	Name: _hjIncludedInSessionSample Value: 0
.leger.co.uk/	1970-01-20 02:46:08	Name: _hjSession_17464 Value: eyJpZCI6IjMxNjM3NDFhLWE0NGQtNDVkNi05M2VkLTI2MjEyNzEwMjc1YSIsImNyZWF0ZWQiOjE2NTE1NjY1NTM3MTgsImluU2FtcGxlIjpmYWxzZX0=
.leger.co.uk/	1970-01-20 02:46:08	Name: _hjAbsoluteSessionInProgress Value: 1
www.leger.co.uk/	1970-01-20 04:55:42	Name: abandonment-email-returners Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.optnmstr.com
ajax.googleapis.com
am.freshrelevance.com
api.omappapi.com
api.responseiq.com
app.responseiq.com
bat.bing.com
c.bing.com
c.clarity.ms
c2.dycdn.net
c5.adalyser.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
d81mfvml8p5ml.cloudfront.net
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
emails-leger.co.uk
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.maxmind.com
leger.imgix.net
leger2.imgix.net
phone.legerbookings.co.uk
script.hotjar.com
static.hotjar.com
static.responseiq.com
stats.g.doubleclick.net
storage.googleapis.com
storage.responseiq.com
td.yieldify.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.leger.co.uk
108.157.4.53
108.157.4.86
134.213.141.135
142.250.185.226
151.101.192.233
20.84.22.197
2600:9000:206f:2e00:e:98bf:5f00:21
2600:9000:206f:da00:2:36a1:2f40:21
2600:9000:206f:e000:7:5031:dc0:21
2600:9000:224a:6800:16:f02f:46c0:93a1
2606:4700:10::6816:21a2
2606:4700::6810:252f
2606:4700::6810:5614
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1450:4001:803::2010
2a00:1450:4001:808::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:1b::720
35.190.84.153
5.79.35.180
52.142.114.2
52.213.112.161
52.213.150.210
52.214.58.10
65.9.63.123
65.9.63.46
84.17.46.53
99.86.4.69
02ce220ddaeb97a63f6f0c43ba8e7a96d6abf019716c69e26932f0cff0e85142
059b5ca1d2e194fba67357558742d0fdb15c103d03feae3deba050dee914f448
05d26fb052eb9b7b5f09ad640321d184fa0cad5b8a0eb6f977dca19d112487d2
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0a2922a2bea318fe39af61440b389e7758a4ba4b132988e3ba27d5b4f9a37a14
0d1fb528b257981c5aa7bb529368340a6f34d0eddcbd3cfb4d712ae591bd4674
0e5a698a2585cb484821302547d8f66b1cd0441303985ef4e847aa431f2168cb
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eff31e7443445ce5dd0fd4d9e146f5a757311ba7efba65d8f7b852b36690228
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f96975ae8bff08811ea7ae846b813002125de3da98a45595a586c3fb9da68b
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
18c2e6655a114de9da36a1a455e77233493b0409746da2a768b99fb46b8ac56b
1ae4ff2c07cd6c17b4c0e921eed3483d207fef9807904a0c41d9d970f74db9aa
21267a6ba9df4cbd1176138cf66f9e5f53a0c0c1c7689875c8cb280e5d80c56c
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
267eca358fe39e16ec726192e3ed787f1c7e2b54717cfa21a649c614df75b09c
2c9380c5a32a8a75cc2222401e0fab8dcedf18d1020dbef851c88a42a0f486a0
2d4675d0e24d470e9f1726cd74ec411c1cdcc7fbc70d03206159232e4510797d
2e57eec3cdcf9e8dc838a6efd5fb0997e1949536d6d81c6e1f4f8d30a31fa86a
2e6aa0983471e8e4796c3bcd2fa728cee6ae36b1794e99705311756df013cfac
339b8b952c090bb6410ece848862dbd3d7fe8df8315a329b4ccfb513dccb8e34
348c89fe00759507db3d852c7b751c91268dda95dd37b2862350acbe90466002
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3816e94cbff9f9a4b7122b135118799391e2d52a32c82503115d908bb263f597
47152f3e4503aeb2cc76bcab2d457b7ee4383c1d88f73c0b44f854684a70d07a
4a9b6603ef41adb1bea50a3b32b75d3cb2b3b836e78bcbdbcb2b71ac41b882a9
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
4c0685d53530f93590ed7ce3d3076e962dbc4c2f59a557e62ca0c1eaa97120dd
4e0e9012a61cac2549d343c2e3417814228ffd05a9d1290e01cca84a3fbd805e
5140acb0e533d8bd813a31ba42e8a543321867b188f028dbef88485da274f094
54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78
5909c60bc5361d746e7f244a9af3bd06b090ce926f4622c2cc388f1919032b67
59842be9b8c6ad2b63480726cdb0300e46e907f6255a439855411872c67ca28e
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5cdeb5252092d3a4fa2d5fb5f78e215e8166429464ed81c98a4fb9fe331ea665
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
65723dda498817ca0cdc80f86bba0548aa32651574c172e982cfbce2cfc60e14
6e528ba1eb2fcb23271ef4a10306b83efbfb72479e3428f091537bfff7312641
71bcb7f98c221b9878209b3f248fc76c80835f0b56246560261d2521b6e501ef
7275ab0dc049326fda0d120dcc0f15dce0460127a11baa1f93097cc725f7712c
75af7aa053331cd2d6a8c5b95e823b179d4f6a009b948376da59ef888777b5ac
773c87a18407488006bccdf766f7272b78a2e54705fae3f24faef5918b5fd16c
7997f6d733aa90967501449e93dc417dd49b3ee00f42cc95a76adf12bc536877
7d189041e53ccf894646f6febdd42036bee534371d42f84320bec962c1046c9a
7f6176bebfc040d43facd011f4279506bc1960e0b1a50dc6b0a5025a503891c9
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
86fec357350ab3186ab65c752661361e2dd53a3e1fa58d038425bfd7b4f7aa1f
873fda54c250eb4c96155d983a55a3171fb8954d7d75c68c8b7fec13dd8867c1
89f8554ce154ff087529c85a9c4ffae4da0b5d39a181881c49f0151dc0385794
8b24300be2067844038bbc7d0b128fc0625a6c8a62e99daa4b4d264757a5c5a1
8f297d764c3833e9a76615751204b521f06480be4246b6321de25c437f907dd9
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
99b5dd8da992845d9909731e4aaaae777f60552a0a57a163be67d85dcba78c1f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e08664d390e882a12505d0a4c28b1d72a553693e86cf5cbc79934ba66ffbd7
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
9b902759586d9adacb9ab2893de0c999aa477b0dd5f9ce608034def2bee3b23b
9cf52d056b0eea8df1d439a92d4fd0c31af6bf7f2ebf1a421e9d8e13b66f8dbd
9dbe60ad3c4b1eb5831acbc8ac20472388e96e530878e1481521bb5291ee32ac
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0ff51fee329802506a2b8a7205382b6d1b86dfbb214adb891a5db48f5600580
a11d8a17e1a01dd497076fb96c7193c559e13b96e72f2d82482870e039cc2b8d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e1b8867a6bddf34881e09c0e93e32e4c510f9d6f7a50584f352fa5bb16d351
a7998bc1c7a6abf6a909a4fc45a321f77621d6849ba89bf6ae499e35b2f6682e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abf64a760b7555505c5c39ff77587640dc134f4cfd0c9e9ec26da21d83d185ae
ae9b73c375c9e702af012b37a92de7e50a64caf010004ccdc3b92126ee8a3e5f
af3461f1efd55debddeac319c082cb89744175e36c8e302d07ea9c210625ddc0
af5b33072be50567d82257c41f7f344706276753ccfe4f48f670c918fddf1e62
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b77f6fa10a82b4f583ce0ad71b79b0522b7bf784b63b7a6e6aa4256facc586ec
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bf609322545a4d518d15c7425e7cc8de445789e29d04ae477e6c1d41ecf352e1
c11af5c813389c85cadbbd29a0cddf9cb0af97980646c055813c533f9f372d6a
c276f639d59888152dbb34f7e65207185d298939eb1fe32f7587d7c64159d92a
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c6de0b4496340304feebde4bdb2c0406001223f8d313faae986dd4279d3885cf
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdddd360c4bfa76e54eac8053db03049efbdb01b3bfe50ef8f2247c156929ef3
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d310c6930db18091f88847f0207c03f1e1f0e68d2864e758dfe251b0f06c1190
d481c354c7ac6e7df0f31626cb0f50d7a8b26a483594adee75e89d89847415de
d68db4f6bd9fec988da897a14d3357ef1f8876c6425bf08cb309415989341129
d87195c5f81592b739ac9e4deb08b8961fedb4423f344bc8c40f541882241584
d97a54c35a0a53492693e7b9aa80c0ef4e0f31c7b227b308b1e3743cd1c9018a
daaf94303e630d7620a0eebdfd9549baf79b9b409befdd86b6e75ac8fa1f6ce7
dfcb3d8914184ed9ee1e50471d6551470f7e16a9195a693f18c08e4ca646ba6d
dfd43ffe16e73f8abf4d46c77f994b0ed16d4d11cd64b933cf97994149d90151
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a6aeb1e3106a1eabb1bdf319b7bc6282a450ec7e157ba0a96194156c99d617
e8b2034213670a556d55ec3c5c79de158e1db272a239062a47d34f8257203713
e95588cc70dff5a833b7a6644d2d48331c1fc28d78b4e1601fa1e9c470cbe90b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2954ec06bcbada6cbda6cfb36388d4b96808766ab09949b74805259bb0a9f37
f2c15b80ccf92bc26f86403b3dfcf5c34ebfad15320c3c2602efaea5b68acc9c
f35141da3536de7c88048485660c06d4aa9837683ca641ee3b96c35512d70896

www.leger.co.uk Open in urlscan Pro 134.213.141.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

99 %HTTPS

58 %IPv6

29 Domains

43 Subdomains

38 IPs

6 Countries

2787 kBTransfer

6692 kBSize

35 Cookies

14 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.leger.co.uk Open in urlscan Pro
134.213.141.135 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

99 %
HTTPS

58 %
IPv6

29
Domains

43
Subdomains

38
IPs

6
Countries

2787 kB
Transfer

6692 kB
Size

35
Cookies

121 HTTP transactions
6 data transactions