lws29100qa1.legwork.dev Open in urlscan Pro
34.54.28.225  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lws29100qa1.legwork.dev/	16 KB 16 KB	265ms 176ms	Document text/html	34.54.28.225 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lws29100qa1.legwork.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.54.28.225 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 225.28.54.34.bc.googleusercontent.com Software nginx/1.10.3 / Express Resource Hash 22d3d9e6a705da95c48fe31e8e4ca1fc276d6c7f19b96347c38046d421f64337 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15893 content-type text/html; charset=utf-8 date Tue, 30 Jul 2024 20:26:35 GMT etag "249558301" server nginx/1.10.3 via 1.1 google x-powered-by Express
GET H3	200	bootstrap.min.css netdna.bootstrapcdn.com/bootstrap/3.0.2/css/	100 KB 20 KB	78ms 49ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/3.0.2/css/bootstrap.min.css Requested by Host: lws29100qa1.legwork.dev URL: https://lws29100qa1.legwork.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e3b05336944dc8257502af3b9d063bd66295c799afe9ae1368eddfb4db6e250 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 755 strict-transport-security max-age=31536000; includeSubDomains; preload age 12023023 cdn-cachedat 08/02/2023 10:10:11 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:56 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"072e95329879934d29384b7a0b24345e" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 4b87da5c48be3c199c43233b0f4383e2 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8ab815a4ec211c01-FRA cdn-requestpullsuccess True
GET H3	200	font-awesome.css netdna.bootstrapcdn.com/font-awesome/4.0.3/css/	21 KB 5 KB	52ms 23ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css Requested by Host: lws29100qa1.legwork.dev URL: https://lws29100qa1.legwork.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 strict-transport-security max-age=31536000; includeSubDomains; preload age 12023035 cdn-cachedat 09/09/2023 15:04:09 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:53 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"1f9e9d1a5a1d347d945ef4b7727f2ea0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 712ee4b3c17826367971d61ec7639739 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8ab815a4ec1e1c01-FRA cdn-requestpullsuccess True
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response static.lwcrm.com/assets/javascripts/	90 KB 91 KB	984ms 520ms	Script application/javascript	35.185.195.91 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.lwcrm.com/assets/javascripts/jquery-1.9.1.min.js Requested by Host: lws29100qa1.legwork.dev URL: https://lws29100qa1.legwork.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.185.195.91 The Dalles, United States, ASN15169 (GOOGLE, US), Reverse DNS 91.195.185.35.bc.googleusercontent.com Software nginx/1.10.3 (Ubuntu) / Express Resource Hash 89acccdd96eaf7d22d8ebfe514fedf2076b2e72d4e9e260d61dcbe44e39f7079 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Tue, 30 Jul 2024 20:26:36 GMT Strict-Transport-Security max-age=63072000 Last-Modified Thu, 24 Apr 2014 23:22:53 GMT Server nginx/1.10.3 (Ubuntu) X-Powered-By Express ETag "92594-1398381773000" Content-Type application/javascript Cache-Control public, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 92594
GET H2	200	legwork-planetdds-logo.png static.lws29100qa1.legwork.dev/assets/images/	45 KB 45 KB	240ms 170ms	Image image/png	34.54.28.225 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://static.lws29100qa1.legwork.dev/assets/images/legwork-planetdds-logo.png Requested by Host: lws29100qa1.legwork.dev URL: https://lws29100qa1.legwork.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.54.28.225 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 225.28.54.34.bc.googleusercontent.com Software nginx/1.10.3 / Express Resource Hash daf9bcba93a2a05b6fd85a687ef5136a96ce13b6c72a0961d4a58c951dfa614e Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:35 GMT via 1.1 google last-modified Mon, 29 Jul 2024 22:02:23 GMT server nginx/1.10.3 x-powered-by Express etag "46075-1722290543000" content-type image/png cache-control public, max-age=86400 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46075
GET H2	200	js Show response www.googletagmanager.com/gtag/	127 KB 48 KB	55ms 21ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js Requested by Host: lws29100qa1.legwork.dev URL: https://lws29100qa1.legwork.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 81fa5159e481cee69688348f5e5a23b22f828712149fb59315cefbbbbf8d806e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 49241 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 30 Jul 2024 20:26:35 GMT
GET H2	200	1694637.js Show response js.hs-scripts.com/	1 KB 1 KB	179ms 154ms	Script application/javascript	2606:4700::6810:89d1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/1694637.js Requested by Host: lws29100qa1.legwork.dev URL: https://lws29100qa1.legwork.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ecf5371010952dd33a82600fa6a50e754ab01c61afe6dbc006a67ab3e9ba200 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:36 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 54958ee7-e1df-46ba-b351-4809dffeceda x-envoy-upstream-service-time 17 content-length 602 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 54958ee7-e1df-46ba-b351-4809dffeceda last-modified Tue, 30 Jul 2024 20:26:36 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://lws29100qa1.legwork.dev x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-7dd59b876-rwf85 access-control-allow-credentials true cache-control public, max-age=90 accept-ranges bytes cf-ray 8ab815a739e918e7-FRA expires Tue, 30 Jul 2024 20:28:06 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/1694637/	71 KB 26 KB	742ms 340ms	Script text/javascript	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/1694637/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/1694637.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8cd3475a731f0c0db0690543f0c30ec95f7f1b3fb7b633e0e67395cfae7f310 Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:37 GMT x-amz-version-id JmGCwrCzUy3cgZfpNzjN5XcwjJYyxA7_ content-encoding gzip cf-cache-status REVALIDATED x-amz-request-id 9KJ4T3M2X16EJE8C x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 6ce2496a-4211-481b-8d3a-492d471d7393 x-envoy-upstream-service-time 113 x-amz-id-2 t39ECbHsb+ePsMNiCB6ppotJfcjSwmPAdROxBBOB0rW22lZR3T++XI086rd7iUNKKoKKO3fvRvMMKUGHbf5yfjJPs3VoF1pPYDgjPM4raaE= x-evy-trace-listener listener_https x-request-id 6ce2496a-4211-481b-8d3a-492d471d7393 x-evy-trace-route-configuration listener_https/all last-modified Mon, 15 Apr 2024 14:03:47 GMT server cloudflare etag W/"6271eba57d13e4c9dced1c3a6f4c4fac" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://qadocument.legwork.dev x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-lw9wf vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 8ab815aeaa38bb85-FRA expires Tue, 30 Jul 2024 20:31:37 GMT
GET H2	200	1694637.js Show response js.hs-analytics.net/analytics/1722371100000/	68 KB 24 KB	487ms 151ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1722371100000/1694637.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/1694637.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42a6decb5e2ff5840660e2f56fd1693f1c11596385181b8bb214ae22dcc6f479 Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:37 GMT x-amz-version-id null content-encoding gzip cf-cache-status MISS x-amz-request-id B206Q0RHBMT3YXK2 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 11e1673d-de2a-4e9e-9336-24c623dc6054 x-envoy-upstream-service-time 29 x-amz-id-2 cLEXjy/6R0yeB00Wq9Q7FGND/U7Y7VurCmFBqBDboosnJDdw0szAC8PAUV5dPQ7LF/S9EaMBoDY= x-evy-trace-listener listener_https x-request-id 11e1673d-de2a-4e9e-9336-24c623dc6054 x-evy-trace-route-configuration listener_https/all last-modified Mon, 29 Jul 2024 20:17:16 GMT server cloudflare etag W/"6d96bd5382b63a8a0697435bfb877db6" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-lw9wf cache-control max-age=300,public access-control-allow-credentials false cf-ray 8ab815ae5b7c8f2d-FRA expires Tue, 30 Jul 2024 20:31:37 GMT
GET H2	200	leadflows.js Show response js.hsleadflows.net/	551 KB 92 KB	516ms 124ms	Script application/javascript	2606:4700::6812:8a11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsleadflows.net/leadflows.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/1694637.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8a11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ Origin https://lws29100qa1.legwork.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:37 GMT x-amz-version-id TIDmoMti0Vib7LJNFwT63dnpWuuDUZfu content-encoding gzip x-content-type-options nosniff via 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop IAD12-P3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 23624d0a-434a-47a1-afdb-e8d10c479595 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js&cfRay=8ab815aeaff29956-FRA x-cache Hit from cloudfront cache-tag staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod x-envoy-upstream-service-time 2 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 23624d0a-434a-47a1-afdb-e8d10c479595 last-modified Tue, 23 Jul 2024 12:57:23 UTC server cloudflare etag W/"b6c788efa3b3fd53687b2c92c85a5a5f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=86400, max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-65f7f7c749-5bdqs cf-ray 8ab815aeaff29956-FRA x-amz-cf-id PgHTYBqyeE3diQ3r3C39rD25CH8JLDnvgcAAuRyUZFGKKXp3bU2txQ== x-hs-target-asset lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js
GET H3	200	fontawesome-webfont.woff netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/	43 KB 44 KB	122ms 107ms	Font font/woff	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 Requested by Host: netdna.bootstrapcdn.com URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css Origin https://lws29100qa1.legwork.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 1076 cdn-cachedat 10/31/2023 18:59:39 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 44432 last-modified Mon, 25 Jan 2021 22:04:53 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag "3293616ec0c605c7c2db25829a0a509e" vary Accept-Encoding content-type font/woff access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 531f67bd50c5966fcc4c4761f2b25075 accept-ranges bytes timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8ab815ac7dd82c16-FRA cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	208 KB 75 KB	31ms 29ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-57928460-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ed8c6e5c99c2f6177824cf143c21ad7e6cd8ff9cd672155887075a9a30c1c459 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76575 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 30 Jul 2024 20:26:36 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	258 KB 90 KB	30ms 30ms	Script application/javascript	142.250.185.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6816Q97LSY&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-57928460-1&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.168 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f8.1e100.net Software Google Tag Manager / Resource Hash 3513b5001385ffd11ceff0bc6c1c3916cb3ec51a47323649814b0add7a7758e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92376 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 30 Jul 2024 20:26:37 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	108ms 25ms	Script text/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-57928460-1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 30 Jul 2024 19:15:05 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4292 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 30 Jul 2024 21:15:05 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 212 B	16ms 15ms	XHR text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=943136455&t=pageview&_s=1&dl=https%3A%2F%2Flws29100qa1.legwork.dev%2F&ul=de-de&de=UTF-8&dt=Legwork%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=689605428&gjid=2116556765&cid=1521681990.1722371197&tid=UA-57928460-1&_gid=23425497.1722371197&_r=1&gtm=457e47t0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&jsscut=1&npa=1&z=488714694 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 30 Jul 2024 20:26:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lws29100qa1.legwork.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	46ms 15ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-6816Q97LSY&gtm=45je47t0v9125877999za200&_p=1722371196797&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1521681990.1722371197&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1722371197&sct=1&seg=0&dl=https%3A%2F%2Flws29100qa1.legwork.dev%2F&dt=Legwork%20Login&en=page_view&_fv=1&_ss=1&tfd=1981 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6816Q97LSY&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 30 Jul 2024 20:26:37 GMT server Golfe2 content-type text/plain access-control-allow-origin https://lws29100qa1.legwork.dev cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	549ms 134ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=1694637&pu=https%3A%2F%2Flws29100qa1.legwork.dev%2F&t=Legwork+Login&cts=1722371197578&vi=bfb32463104a64cd2fdff4216422b8f0&nc=true&u=183362873.bfb32463104a64cd2fdff4216422b8f0.1722371197575.1722371197575.1722371197575.1&b=183362873.1.1722371197575&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 12278b97-fd3f-40d6-a60f-ec02831ad7d7 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 7 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 12278b97-fd3f-40d6-a60f-ec02831ad7d7 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lX6Ci6zEDHHwvuDRisq0hQflwoWZ8xQy01AFBIk8UXv2O1m2bfC1QEofcwu0DS0CbSLrd1fL53bcLgC%2FOFa5vAXBPJPvXeH%2B4lOvfAwR1uLfUIB6gzgrqPDelnXX%2FVuRsAwzn%2BKBjesf1xI3cIpV"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-756b8c8b56-d65qg x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 8ab815b37cb0362a-FRA x-robots-tag none
GET H2	200	json Show response forms.hubspot.com/lead-flows-config/v1/config/	177 B 1 KB	611ms 188ms	XHR application/json	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1694637&utk=bfb32463104a64cd2fdff4216422b8f0&__hstc=183362873.bfb32463104a64cd2fdff4216422b8f0.1722371197575.1722371197575.1722371197575.1&__hssc=183362873.1.1722371197575&currentUrl=https%3A%2F%2Flws29100qa1.legwork.dev%2F Requested by Host: js.hsleadflows.net URL: https://js.hsleadflows.net/leadflows.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16799819ef6e9869cd53ba46714c8062a6e0c4c07a32de02990b59b2e3eae968 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 4b4cd71c-c058-483f-9a35-4b678ff7bfc8 content-encoding br x-envoy-upstream-service-time 42 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 4b4cd71c-c058-483f-9a35-4b678ff7bfc8 server cloudflare vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://lws29100qa1.legwork.dev x-evy-trace-virtual-host all cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-776cb5686f-m98d8 access-control-max-age 180 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcGcnvO7%2F6k9xUoE6XMDovMHN%2BfGsAhCirYg4dgKCaTZ8JnMyKWLaBhKB395T1mnavuEdl%2BQvHmSjM7p8lTwErHwuH47yg2obrcCJxMbDSG4v9Ims5HbqCPZTSC6wDAWwQLalGZ1sE%2FeFDfiWK32"}],"group":"cf-nel","max_age":604800} x-robots-tag none access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 8ab815b38b5b18dd-FRA
GET H2	200	favicon.ico lws29100qa1.legwork.dev/	4 KB 893 B	161ms 160ms	Other image/x-icon	34.54.28.225 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://lws29100qa1.legwork.dev/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.54.28.225 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 225.28.54.34.bc.googleusercontent.com Software nginx/1.10.3 / Resource Hash 4406eb823f4ece4e843cf7aefbff00fc2966d3af2063f61cada19abcf89b28ac Request headers Referer https://lws29100qa1.legwork.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 20:26:38 GMT content-encoding gzip via 1.1 google server nginx/1.10.3 etag "1a54fd234751e324754780f657a90a2fd8d5c76f" vary Accept-Encoding content-type image/x-icon cache-control max-age=3600, private content-disposition inline; filename="favicon.ico" accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 30 Jul 2024 21:26:38 GMT

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| showLoginForm function| showForgotPasswordForm function| clearFormMessages function| toggleResetPassword function| submitFormOnEnter function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| _hsp string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| globalRoot function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lws29100qa1.legwork.dev/	1970-01-20 22:26:47	Name: lwsid Value: s%3AqOIy4KrRQA8nPqP%2F8T45rzu5.ebxGWiXOoqjSsyEyszD96%2FROl5FIN2JEjWdmDg3uCxE
			.legwork.dev/	1970-01-20 22:27:37	Name: _gid Value: GA1.2.23425497.1722371197
			.legwork.dev/	1970-01-20 22:26:11	Name: _gat_gtag_UA_57928460_1 Value: 1
			.legwork.dev/	1970-01-21 08:02:11	Name: _ga_6816Q97LSY Value: GS1.1.1722371197.1.0.1722371197.0.0.0
			.legwork.dev/	1970-01-21 08:02:11	Name: _ga Value: GA1.1.1521681990.1722371197
			lws29100qa1.legwork.dev/	1970-01-21 02:45:23	Name: __hstc Value: 183362873.bfb32463104a64cd2fdff4216422b8f0.1722371197575.1722371197575.1722371197575.1
			lws29100qa1.legwork.dev/	1970-01-21 02:45:23	Name: hubspotutk Value: bfb32463104a64cd2fdff4216422b8f0
			lws29100qa1.legwork.dev/	1969-12-31 23:59:59	Name: __hssrc Value: 1
			lws29100qa1.legwork.dev/	1970-01-20 22:26:12	Name: __hssc Value: 183362873.1.1722371197575
			.hubspot.com/	1970-01-20 22:26:12	Name: __cf_bm Value: 7eux0nwjRP2lKF9Gd19ZdUtEfpr5rXVSE57xnRvj6OM-1722371198-1.0.1.1-YeBmexAOy3K1ZaLxkUrreR2pTmoZfrcieDh44PAcuahfC8dD0FN3Lj77bFjB8u8kflsMeFL9gDQyOXvJt7omKA
			.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: G1T1kIQ_x0cDLKX3MXCTcNc1UxuQ4EOlhP6CP3Vp2r4-1722371198125-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://lws29100qa1.legwork.dev/ Message: [DOM] Found 2 elements with non-unique id #email: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://lws29100qa1.legwork.dev/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forms.hubspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
lws29100qa1.legwork.dev
netdna.bootstrapcdn.com
region1.google-analytics.com
static.lwcrm.com
static.lws29100qa1.legwork.dev
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
104.18.11.207
142.250.185.168
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:7574
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6812:8a11
2a00:1450:4001:811::200e
2a00:1450:4001:81d::2008
34.54.28.225
35.185.195.91
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
16799819ef6e9869cd53ba46714c8062a6e0c4c07a32de02990b59b2e3eae968
1e3b05336944dc8257502af3b9d063bd66295c799afe9ae1368eddfb4db6e250
22d3d9e6a705da95c48fe31e8e4ca1fc276d6c7f19b96347c38046d421f64337
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3513b5001385ffd11ceff0bc6c1c3916cb3ec51a47323649814b0add7a7758e4
42a6decb5e2ff5840660e2f56fd1693f1c11596385181b8bb214ae22dcc6f479
4406eb823f4ece4e843cf7aefbff00fc2966d3af2063f61cada19abcf89b28ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ecf5371010952dd33a82600fa6a50e754ab01c61afe6dbc006a67ab3e9ba200
81fa5159e481cee69688348f5e5a23b22f828712149fb59315cefbbbbf8d806e
89acccdd96eaf7d22d8ebfe514fedf2076b2e72d4e9e260d61dcbe44e39f7079
daf9bcba93a2a05b6fd85a687ef5136a96ce13b6c72a0961d4a58c951dfa614e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ed8c6e5c99c2f6177824cf143c21ad7e6cd8ff9cd672155887075a9a30c1c459
f8cd3475a731f0c0db0690543f0c30ec95f7f1b3fb7b633e0e67395cfae7f310