beswicks.legl.com Open in urlscan Pro
2606:4700:20::ac43:47d9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beswicks.legl.com/
Effective URL:
https://beswicks.legl.com/pay/checkout/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On July 12 via api (July 12th 2023, 8:41:59 pm UTC) from DE — Scanned from DE

Summary HTTP 52 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 52 HTTP transactions. The main IP is 2606:4700:20::ac43:47d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is beswicks.legl.com.
TLS certificate: Issued by E1 on July 12th 2023. Valid for: 3 months.

This is the only time beswicks.legl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 20	2606:4700:20:... 2606:4700:20::ac43:47d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6812:9b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	54.73.53.134 54.73.53.134	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	44.241.244.122 44.241.244.122	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	13.224.189.49 13.224.189.49	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	52.1.54.87 52.1.54.87	() ()
52	17

1 2606:4700:20::681a:178 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

beswicks.legl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::ac43:47d9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

beswicks.legl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9b2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

js.banked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

crowdjustice.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.73.53.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-53-134.eu-west-1.compute.amazonaws.com

legl-posthog.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.244.122 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-244-122.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o557392.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
o32237.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-49.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.54.87 (None, )

ASN- ()

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	legl.com 3 redirects beswicks.legl.com	177 KB
8	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 535	25 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1911 q.stripe.com — Cisco Umbrella Rank: 13866 m.stripe.com — Cisco Umbrella Rank: 1737	145 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3347	210 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2743 api-iam.intercom.io	5 KB
2	sentry.io o557392.ingest.sentry.io o32237.ingest.sentry.io	642 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2053	16 KB
2	herokuapp.com legl-posthog.herokuapp.com	36 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	2 KB
2	banked.com 1 redirects js.banked.com	159 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 331	466 B
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4934	28 KB
1	imgix.net crowdjustice.imgix.net	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	30 KB
52	15

	Domain	Requested by
21	beswicks.legl.com	3 redirects beswicks.legl.com
8	js-agent.newrelic.com	beswicks.legl.com
3	q.stripe.com	beswicks.legl.com
3	js.stripe.com	beswicks.legl.com js.stripe.com
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	legl-posthog.herokuapp.com	beswicks.legl.com js.banked.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	beswicks.legl.com
2	js.banked.com	1 redirects beswicks.legl.com
1	api-iam.intercom.io	js.intercomcdn.com
1	bam.nr-data.net	js.banked.com
1	widget.intercom.io	beswicks.legl.com
1	o32237.ingest.sentry.io	browser.sentry-cdn.com
1	o557392.ingest.sentry.io	js.banked.com
1	m.stripe.com	m.stripe.network
1	browser.sentry-cdn.com	beswicks.legl.com
1	crowdjustice.imgix.net	beswicks.legl.com
1	code.jquery.com	beswicks.legl.com
52	19

This site contains links to these domains. Also see Links.

Domain
beswicks.com
legl.com

Subject Issuer	Validity	Valid
beswicks.legl.com E1	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-28` - `2023-09-30`	3 months	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://beswicks.legl.com/pay/checkout/
Frame ID: 7FA291E2E250A6ACF36D1029A3E2978D
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: D7CAAE378AAD50BBB866A9643D60188A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 37F1EE7164FCE6B68CA7430C63B86E9C
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.9ff95336.js
Frame ID: 44F9B95064D3D3A6F4E4707CEB24D4F4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout - Payments

Page URL History Show full URLs

http://beswicks.legl.com/ HTTP 301
https://beswicks.legl.com/ HTTP 302
https://beswicks.legl.com/pay/ HTTP 302
https://beswicks.legl.com/pay/checkout/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

98 %
HTTPS

44 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

881 kB
Transfer

3100 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://beswicks.com/
Title: beswicks.com

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use/
Title: terms

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beswicks.legl.com/ HTTP 301
https://beswicks.legl.com/ HTTP 302
https://beswicks.legl.com/pay/ HTTP 302
https://beswicks.legl.com/pay/checkout/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://js.banked.com/v3 HTTP 301
https://js.banked.com/v3/

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beswicks.legl.com/pay/checkout/
Redirect Chain

http://beswicks.legl.com/
https://beswicks.legl.com/
https://beswicks.legl.com/pay/
https://beswicks.legl.com/pay/checkout/

48 KB
17 KB

118ms
118ms

Document
text/html

2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86ebab457dd17330fc3ec76af925934fce6f2cb22a72d2e6b258868442a201da

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e5c1c11df77923b-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 12 Jul 2023 20:41:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSnv%2FoN8X4sX4T5RcWIkStz4ismnXwbtO4Y3EI16ZESvElyJEkzn8QfQ3FbtSBJzf6PHGtAOe4cSoKzipllHWPi53giCoxp0zbHey31clxQe1C%2BcC15Y9k2005Qikg%2F9O8jl2DhyygmY6giqWprY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Language, Cookie, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e5c1c116f1f923b-FRA
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Wed, 12 Jul 2023 20:41:54 GMT
location: /pay/checkout/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deuD6kvdlJrUe5tRlxcHr9mo4n7GJyW%2FfTPy7rAVhXbtcPegcCDQT64bfk8tq2sM9smTbgHA9rudSGFzwqsObnwWIdRsVQefGldtUsrxFJlKBAq%2BAqvIHTGuruHhGwpcy38pvmFUEA49Dejy66dz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Language, Cookie
via: 1.1 vegur
x-content-type-options: nosniff

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 68ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
x-hw: 1689194514.dop131.am5.t,1689194514.cds220.am5.hn,1689194514.cds312.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 / Show response
js.stripe.com/v3/ 506 KB
141 KB 38ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

91446af8650b5df7e0578f32e9b8996206d1114317056f99b40a823bfd34d308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 20:41:54 GMT
via: 1.1 varnish
age: 10
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 143645
x-request-id: 23ea7095-feae-4a62-9b93-bc46a4889177
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Wed, 12 Jul 2023 17:58:21 GMT
server: Fastly
etag: "885c98cf89560c54df1a21715634390d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2

200

/ Show response
js.banked.com/v3/
Redirect Chain

https://js.banked.com/v3
https://js.banked.com/v3/

767 KB
158 KB

55ms
55ms

Script
application/javascript

2606:4700::6812:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.banked.com/v3/

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Server

2606:4700::6812:9b2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

af3fa583b95fdbfc1b71a9317ca63012996aa758acabe0e2734ceacd572d5afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 03 Jul 2023 13:59:30 GMT
server: cloudflare
content-encoding: gzip
x-powered-by: Express
etag: W/"bfcc5-1891c0d21d0"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 7e5c1c146a364d3e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 12 Jul 2023 20:41:54 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: /v3/
cf-ray: 7e5c1c1409c44d3e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fonts.256cad8881d0.css
beswicks.legl.com/static/css/ 2 KB
965 B 129ms
128ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/css/fonts.256cad8881d0.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a2cb9af79e5cc4e341079cb9cef6a5ab97ad612844792e296fcefbc1b09280

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681d-96e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsKGwiocgZDCldiHlfVqPsZlyUhk8FdXylKdEbrcppwsXzpsi4rauNaSJT1adWxNXeACK1NpjRUUG%2Frtd2AexNXX7w5lM%2Ft569mPhL%2BX6Ie5XpEbcox7FH5EQPYCHHlyozkO%2FO0eq0heLJFfhkHM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c12f893923b-FRA

GET
H2 200 legl-icon.11118d854b30.css
beswicks.legl.com/static/icons/ 62 KB
6 KB 184ms
183ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681d-f9f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxwSPsfub0V9EvRIbRf9jD4yhtJqNcvVFL0i4PxpzUSZzWZC%2Ftn3svk2kl3Ynh6LiqW7K5JflKrykC%2FzJUroUvLczY%2BRFlMDZ0yFIsZG0m2uQNpRFEjG4aZUiFq4roA3L%2BmTlU18dsa0PNSfk04q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c12f894923b-FRA

GET
H2 200 lds-icon.c4a886798fb7.css
beswicks.legl.com/static/lds-icons/ 4 KB
1 KB 136ms
136ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/lds-icons/lds-icon.c4a886798fb7.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bc95f65c47f5295471b24e418f47517af9c336e0e19338fd2b13f7b3e0b88ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681d-f44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi0O6UN2bfJfgj6Lw8mjkQy9MJjvvOQu8QFfBZNNh4yHLqqWQzrIW1659vOrUTcakX0fJVbPEAK%2BLFzIJZV%2BMnoFuB6PdHj6%2BVuGkK3aZwJFxIWNwORR0%2FhpY9vYtVPzimLsFm84%2BVMmUTSabE5G"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c12f895923b-FRA

GET
H2 200 pay-f0227239a0d19cf0caa4.bundle.bd23c0bf7cb1.css
beswicks.legl.com/static/webpack_bundles/ 19 KB
4 KB 165ms
165ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/pay-f0227239a0d19cf0caa4.bundle.bd23c0bf7cb1.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6349baebe0df59e2c2312800fe4e150d3bd853912e2d1ce609e7e04fcb6442

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681d-4a4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMCJ1N2iqPl9Y2TtSolu2foLN1SE0t7peiXi9EtLZ7v6DpBuAM1pvQCNDsfYz35EWlwKOWDiQ%2FjkjEq7WN1SknAwjTYA1qsqCNF4m7K%2BFI1NEbinl0IE4byraDCcpxgnJ3s%2BRiVyf9X4qQrrvlab"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c12f897923b-FRA

GET
H2 200 beswicks_logo.svg
crowdjustice.imgix.net/company_logos/ 4 KB
2 KB 223ms
190ms Image
image/svg+xml 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crowdjustice.imgix.net/company_logos/beswicks_logo.svg?ixlib=python-1.2.0

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b78f16dd560dbef312888e32ed056e2eac13debe2713ed58c6e1537f39836131

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199376
x-cache: HIT, MISS
x-imgix-id: 8f3ba43e3ee42842688f60e3904cd4c7a62116ff
cross-origin-resource-policy: cross-origin
content-length: 1547
x-served-by: cache-sjc10029-SJC, cache-fra-eddf8230046-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 16 Mar 2023 14:03:56 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 verified-by-visa.9476aad90c7a.svg
beswicks.legl.com/static/payments/img/color/ 5 KB
2 KB 149ms
147ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/color/verified-by-visa.9476aad90c7a.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681c-144e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEriRpR2hJMM9pZ1TkKZfMT1akAkioEKTbV8ywiHVVzr3gtuXuho3KMYu7Uh4AkdkdcsUJrPPOU4eBW%2FSV2fx%2BZyC%2FWp738JF%2FFdqdlKEIcfw9dUn7E%2Btim2qQvl1Qpw%2FcyxE7Ue9Og%2B%2FM94UccK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c13afca365f-FRA

GET
H3 200 mastercard-securecard.783601069452.svg
beswicks.legl.com/static/payments/img/color/ 13 KB
5 KB 135ms
133ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/color/mastercard-securecard.783601069452.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681c-3223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBSiXxB88wYy4eo8wEF2dNgjwLRxWZ%2BfTYF6o1lXyoK3SDNQrpeu8h3xh5QNUG7uzxTmzQBEYY6zYiy%2FRMPuxUbDoAZTqYJ06vp2FTuhijNps9kGgEmNwhdByk9l8OQnnSHpZkLpLpZj3iiiwYR9"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c13afcb365f-FRA

GET
H3 200 secured-by-legl.58640b8dd409.svg
beswicks.legl.com/static/payments/img/color/ 12 KB
5 KB 141ms
140ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/color/secured-by-legl.58640b8dd409.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681c-2ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7G739yYCNEcAwEXvEv9aiJxg8aP1IhqSVVTE1BmwQ7gIY12o5RsOh8LzHnt5xOg7kzmP0jWLf0epug36b9Uw9Ghe7wGXXZSqy8vF1tqMOLIWbiqUtK2K7pmBDE0X8nHxBKFYq3eimc0t%2BSs5H%2FEh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c13afcd365f-FRA

GET
H3 200 warning-triangle.e5d88151e287.svg
beswicks.legl.com/static/payments/img/ 2 KB
1 KB 157ms
155ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/warning-triangle.e5d88151e287.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681c-62c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl2vvSN3h%2BoDJAiPztlDQRfhpVtvqtY%2BAMQ2WHeHx6tfSV5S86kNvjViBjkWVwvW4JLcp8kBKotOfAAl76EvHx47BXUUJ0d%2Buva0flgm1bZaDPnJVwDvZbUgStdQQoiinGbZuJLFdT62H%2Brl8EMQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c13afce365f-FRA

GET
H3 200 secured-online-payment.3d1a4939d65c.svg
beswicks.legl.com/static/payments/img/ 4 KB
2 KB 147ms
145ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/secured-online-payment.3d1a4939d65c.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681c-fe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RU08zrvzS5Si4l8JzLFgDgOQHn4RXhRVChMpzx4yNJ6sG0VodaJ4aP85M7pf99YRWls8VUHWzgK6elwwcre0hC%2B940KH5IuMlE9zh7sjHdfvkSdyOyJOS1xuNuGFPjpFfkxCBBI4%2F7IE3sUH9lHD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c13afd0365f-FRA

GET
H3 200 email-decode.min.js Show response
beswicks.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
17ms Script
application/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 15:32:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a82ff0-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1p3%2B1F41xp%2B3577cObryfG0csdYOhfopAayH%2BPI%2Ber2K5Cf%2BVIJZe1rTUndviZmQslHSLgx0xWKNpermfkpaVYFVnLiK5cw6OilLmLJ6yM0UwVjs%2FB9kCxElTrxxmsRyx6nrhYzwNNYQH9Q9xIrS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e5c1c13afc3365f-FRA
expires: Fri, 14 Jul 2023 20:41:54 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.2.3/ 89 KB
28 KB 27ms
8ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://beswicks.legl.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 19 Mar 2021 18:16:34 GMT
server: Fastly
age: 1340635
etag: "44bea9771dbc4ce7cb75efc4b8a39dd1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27994
expires: Wed, 26 Jun 2024 08:18:00 GMT

GET
H3 200 pay-f0227239a0d19cf0caa4.bundle.3068526c005f.js Show response
beswicks.legl.com/static/webpack_bundles/ 290 KB
70 KB 236ms
234ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/pay-f0227239a0d19cf0caa4.bundle.3068526c005f.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b307731846dbaf926d43364a8629766b29d74228480e59893c4ea1b2fffd400e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:54 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:17 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681d-488c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V0uts5DrYPpgQv4Upiqpz4BZ%2FKvLThK%2BviZcwRqB7gofnoy58fBFTNTT8bzuPIsPxSznbTXLjEtEbqWyjf4q2cpNe5tqUHUcXKeQR%2F1OCxUEE7xb1o1sqHfJTGwrvOad2kFCurEvZhfIDM%2BczUp"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7e5c1c13afc7365f-FRA

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 375ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Display|Montserrat:300,500,800&display=swap&subset=latin-ext

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/css/fonts.256cad8881d0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44a3c2bfdcaa07c6e1398fd97ca82292eedec49c5c76a5d2ff7bfc3c677953ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jul 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 20:41:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jul 2023 20:41:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
491 B 375ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/css/fonts.256cad8881d0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jul 2023 20:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 20:41:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jul 2023 20:41:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 363609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 15:41:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 148ms
69ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 371444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 13:31:10 GMT

GET
H3 200 legl-icon.d254260158ba.woff2
beswicks.legl.com/static/icons/ 22 KB
22 KB 150ms
150ms Font
font/woff2 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/icons/legl-icon.d254260158ba.woff2?e5283ed51cd54ef164f11b492e4f92c1

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
alt-svc: h3=":443"; ma=86400
content-length: 22124
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "64ae681c-566c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7CWvJavIKbnsvvpOXPUnYJnkdnBBIbvu42o4eiWe0s%2BW5pSvha9KsxtRXXSerRnEbmJxWlYSSeibZr2ye%2FK0ztSFebRIs408G26XpNd6Ns3XjcTBVcV1xfqSzn7ykwTNHvmhbddrA6meqiejYLG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7e5c1c162b5f365f-FRA

GET
H/1.1 200
OK array.js Show response
legl-posthog.herokuapp.com/static/ 118 KB
36 KB 1253ms
122ms Script
text/javascript 54.73.53.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/static/array.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.53.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-53-134.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

a094393e1fdb613555e86f8ec1af9660b41ff795752226d0bf1deb393dba63c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 12 Jul 2023 20:41:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 31 May 2023 18:15:11 GMT
Server: gunicorn
Via: 1.1 vegur
Etag: "64778eaf-1d8af"
Vary: Accept-Encoding, Cookie
X-Frame-Options: DENY
Content-Type: text/javascript; charset="utf-8"
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public
Connection: keep-alive
Content-Length: 36084

GET
H3 200 2180-f0227239a0d19cf0caa4.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 24 KB
9 KB 152ms
152ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/2180-f0227239a0d19cf0caa4.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-f0227239a0d19cf0caa4.bundle.3068526c005f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b660824bb26529bee2e50aaa0a0aedac26304a7ff510baf9bbed7bf2ff98786

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:15 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681b-5ff8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTv%2BxYrXtX0uq6C9KKHm9wI7O250Y7pKxvIU9rv5N3Uctveblc9Ygf1z3hpwPY4zDpd2tPPkjJpO7dLfhumBzMx9KVDvey4uxCEouXc4WE6cQkn1R9C%2F4BwqoIdH5l%2BKC3EqWUrreRxjimFQY8hw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7e5c1c169bf3365f-FRA

GET
H3 200 1400-f0227239a0d19cf0caa4.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 36 KB
9 KB 159ms
158ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/1400-f0227239a0d19cf0caa4.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-f0227239a0d19cf0caa4.bundle.3068526c005f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9474959fc6dab942a99b11234c456ec90ab70c7f08037bb05dfa2dd8fd2ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:15 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681b-911b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pApETGd87Ny9ctD9MPgPpQp7MRv0fEn8IbR8RMlQbAUSF%2BHzgxjZBw%2Bugx%2BKTI%2Bcbp8ovoBjigyfoOXBm1sW9SuXo%2B30RBOwNhXai94BELMj9iT2FgkHkaOpGmUSJj64LzNzxVEnL5NPmStmkN7J"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7e5c1c169bf5365f-FRA

GET
H3 200 6256-f0227239a0d19cf0caa4.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 32 KB
7 KB 156ms
156ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/6256-f0227239a0d19cf0caa4.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-f0227239a0d19cf0caa4.bundle.3068526c005f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c423cb356a2a515be3c02e4e02f163cb9868bc053c877e6186bebd2c6752175

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:15 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681b-818b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfJ4vcSujNm81IiCHPGIy4tiofkFiBPkU16wvAThL%2FtsG5wwh8UcPSm6ggPeEMhYyZRiZYtWl9YLiJjwiqdBH60%2FA70o1soOHhYGruosgR1XJye%2Fwhnv5AQjTdB%2FFEM1D6gSnMyFVf6wk2Xmy%2BAj"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7e5c1c169bf7365f-FRA

GET
H3 200 lds-icon.c3c891278b5b.woff2
beswicks.legl.com/static/lds-icons/ 9 KB
9 KB 126ms
126ms Font
font/woff2 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/lds-icons/lds-icon.c3c891278b5b.woff2?271db65c401ce5d4b35056310d4606c5

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/lds-icons/lds-icon.c4a886798fb7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb8cdeceb2dc2be70b854c8f4b5bc44e5bfd70f69a5dcb2ebc95378ca583ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicks.legl.com/static/lds-icons/lds-icon.c4a886798fb7.css
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
alt-svc: h3=":443"; ma=86400
content-length: 8716
last-modified: Wed, 12 Jul 2023 09:45:16 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "64ae681c-220c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMEn%2BQBWRGDpNJrKJ7wZWY1qEWX4pUsZpjeicN6SqY%2Bq1w8fzAhc8MEeOZTANlHuQwdYgOZ3vQDn1HMS3tb4B0WXZHF4DXM1my2tqR09r6KHX5NWMMCcvPrfT%2FqwHISTO9MgGqrVM15fDcuVcpDc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7e5c1c16cc50365f-FRA

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame D7CA 200 B
811 B 8ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicks.legl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16406967
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 20:41:55 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 283119
x-content-type-options: nosniff
x-request-id: 7028ca1f-f3c8-4885-903d-41b6a786e82e
x-served-by: cache-fra-eddf8230133-FRA

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D7CA 631 B
532 B 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Jul 2023 20:41:55 GMT
via: 1.1 varnish
age: 2935601
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396
x-request-id: 3f5428e0-c064-4652-b2c4-b2e4e1018165
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Thu, 08 Jun 2023 20:06:50 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 267690

POST
H2 200 csp-report
q.stripe.com/ Frame D7CA 0
717 B 554ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689194515516737
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1689194515516062
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D7CA 0
717 B 554ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689194515517007
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1689194515516159
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 37F1 930 B
1 KB 123ms
116ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 12 Jul 2023 20:41:55 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 54
x-content-type-options: nosniff
x-request-id: 8694669b-9fa9-4d3b-8740-539f4af5ba63
x-served-by: cache-fra-eddf8230133-FRA
x-timer: S1689194515.090553,VS0,VE0

GET
H3 200 6429-f0227239a0d19cf0caa4.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 4 KB
2 KB 124ms
124ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/6429-f0227239a0d19cf0caa4.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-f0227239a0d19cf0caa4.bundle.3068526c005f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67bbdc9c8c3878096e33d2b2fa0ccbe1b66e71bd8829064e34969f3ade8e417

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 09:45:15 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64ae681b-e5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQ%2BB1H0aQtHTnWH0P7Oy6CzytWqfa%2Bw81C%2FUUyjhZZ7lVARw7eU7g4RIlBE9VJrUx2WlPgo0722tc5sbvJHbTmXdfBgzLQ0J%2FDq2gjuuWsi5KLTvtm4aNaYSAp3XgpZ7PQlluDgAUVZZzdfL9aSL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7e5c1c17adfb365f-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 37F1 0
492 B 422ms
182ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689194515516348
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1689194515516099
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 37F1 87 KB
15 KB 16ms
16ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 12 Jul 2023 20:41:55 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 25
x-cache: HIT
content-length: 15509
x-request-id: e8abbb3a-84a3-4f4d-af18-f55bd45103ce
x-served-by: cache-fra-eddf8230133-FRA
server: Fastly
x-timer: S1689194515.189848,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 28

POST
H2 200 6 Show response
m.stripe.com/ Frame 37F1 156 B
669 B 554ms
184ms XHR
application/json 44.241.244.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.244.122 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-244-122.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

271436cd7dad8dab45bd22d170924d688784b1e563e882b6154b24bcab1cbfda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 12 Jul 2023 20:41:55 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1689194515736309
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1689194515735895
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 / Show response
o557392.ingest.sentry.io/api/6734447/envelope/ 41 B
341 B 1108ms
34ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6f9c03d768c7aef15400534b0fe18c8878968da4d4c51ddc3dbde5811d8cf2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H/1.1 200
OK / Show response
legl-posthog.herokuapp.com/decide/ 193 B
654 B 56ms
55ms XHR
application/json 54.73.53.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/decide/?v=2&ip=1&_=1689194516228

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.53.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-53-134.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 12 Jul 2023 20:41:56 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://beswicks.legl.com
Vary: Cookie
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 193

POST
H2 200 / Show response
o32237.ingest.sentry.io/api/5427794/envelope/ 2 B
301 B 120ms
24ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 107ms
15ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGF3EKJ20GJ2M0B
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1418
x-amz-id-2: 7Bnp/acDFEVPOk4KkO8G7KCaEAPmVl9BEz+T2W3GECp7L6ot5oleCbOlovAlxmFTFBTt4vF0h30=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.355187,VS0,VE0
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7748

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
5 KB 107ms
16ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG37M53ZHPNPYPQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5273
x-amz-id-2: gv55Gg66aMmrHkB8Fge6lNpTz6cyGgp4g3hGLfVUoXX8Ywtm0u+nP7Cq83BuwsuHuDSgB7+4MC4=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.355144,VS0,VE0
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 589

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
1 KB 106ms
15ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: F0T0KRXCF42HDR2X
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 677
x-amz-id-2: chmyyZ+gRR6zkYZ+3vMJ32qO1vXfDlOxAuZMMzIY+AS2GnAwDXG8hGK8xI4QRjD1cmRKC3VRKOI=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.355638,VS0,VE0
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7127

GET
H2 200 smi9tjbm Show response
widget.intercom.io/widget/ 7 KB
3 KB 101ms
10ms Script
application/javascript 13.224.189.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/smi9tjbm
Requested by: Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-49.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13b91916f718b98a5982418868c5a1957febe35307eea9cb6800655ef3d809b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: eQc.YrvE1GOWrVlz6BD5g2biN7E7qF8T
content-encoding: gzip
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 20:28:20 GMT
x-amz-cf-pop: FRA2-C1
age: 888
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2678
last-modified: Wed, 12 Jul 2023 14:00:20 GMT
server: AmazonS3
etag: "af8ef3399b55062335421076e64384d1"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: Ny0klJspRvOew1kn2dPgV25xnmViRijYR9x9U5AiauW_7vt72cnqTQ==

GET
H2 200 frame-modern.9ff95336.js Show response
js.intercomcdn.com/ Frame 44F9 485 KB
136 KB 289ms
11ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.9ff95336.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9b4eeafb9307bcc4acf6d376b3584c8f737d743283892f69b29075e249a91af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: sVJFcvnY_cUUr1TbT91kUFHNN2P5xleC
content-encoding: gzip
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 20:00:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 138163
last-modified: Wed, 12 Jul 2023 13:58:32 GMT
server: AmazonS3
etag: "2e0cf2359fb0200845dbeaa267f3e698"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Hw74rnhVlPH3PzouEAcFtRp6FjmDXGNRbm3lpdrF2dP5pUcsyaKjuw==

GET
H2 200 vendor-modern.a16075a9.js Show response
js.intercomcdn.com/ Frame 44F9 241 KB
75 KB 311ms
33ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.a16075a9.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7f7420399b133e72b82d97986510702d79945995bbdcdf725570eda135b4e89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ZRpyfRbVDp25jD6RjRF9edQqhOmAQ1i0
content-encoding: gzip
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date: Wed, 12 Jul 2023 18:51:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 6621
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 75744
last-modified: Thu, 06 Jul 2023 10:47:54 GMT
server: AmazonS3
etag: "de7446f5260b9a6b1464b6bb2aa48747"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: vaj_N5gSC7lZHI5FWMupGa767w15ak3cWQbxOpO0DKvuBWvAfBdT4A==

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
883 B 8ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGDKDYAMFQT6R5V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 435
x-amz-id-2: xrQ60wqPVy7njbGQJaMAoxW1ZbXN7jToII+PgtVwmYfznO3vHvTB0zXoVanUjEaGc5Y6C1AIk5c=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.381264,VS0,VE0
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 582

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 8ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEGCSGC0W9EB60VT
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3249
x-amz-id-2: RnX/69X59j0YEmOJZIej61dk2R6E0i47JxJl2JtlBTegNG/hLBJslK0O+SoecA24IzWGVFxnPg0=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.391565,VS0,VE0
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6538

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 9ms
9ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG0G20JAAY1G1GR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4102
x-amz-id-2: ZmI1+PZGzHgg/9HTiUZurwSqPtQNpHBccTB2Chdf6IKRzVHz3wtddTZoDy1FX7PpqNnW+ncvqWc=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.391777,VS0,VE0
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 584

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
5 KB 9ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: QEG9E846R1QCFG8V
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5367
x-amz-id-2: VXMN1ilK2pe4fta289xr7NSuAjTDPPdDBLrxuZ6WNJ2P9qLnLApxA5pESOv4R5er+ii418WL2hI=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.391828,VS0,VE0
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 583

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 10ms
10ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-encoding: gzip
via: 1.1 varnish
date: Wed, 12 Jul 2023 20:41:56 GMT
strict-transport-security: max-age=300
x-amz-request-id: T9WATCNZXDW4W0PE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2880
x-amz-id-2: JlOL3h6YW9l3T5Wv3UIKced+6cWRgJjfCT3Vya4XA1nU1Xlf0KKGjRI7kguETxTd+dI2djlaEAs=
x-served-by: cache-fra-eddf8230082-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1689194516.392101,VS0,VE0
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6141

POST
H/1.1 200
OK 6735f40c76 Show response
bam.nr-data.net/1/ 40 B
466 B 335ms
262ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6735f40c76?a=15255801&v=1.236.0&to=ZFZbbRNTXBUHARIPWV0cf0wPUUYPCQxJFkRcWVxaFUEcFgcbSBZXSl5cVxVBHBAPBxEVGFBfUFwPRgglDgcFDVlGR29QBEUcAQMW&rst=2824&ck=0&s=dc2462e236af4506&ref=https://beswicks.legl.com/pay/checkout/&ap=73&be=746&fe=1925&dc=697&perf=%7B%22timing%22:%7B%22of%22:1689194513587,%22n%22:0,%22f%22:628,%22dn%22:628,%22dne%22:628,%22c%22:628,%22s%22:628,%22ce%22:628,%22rq%22:628,%22rp%22:746,%22rpe%22:769,%22di%22:1441,%22ds%22:1441,%22de%22:1443,%22dc%22:2667,%22l%22:2667,%22le%22:2671%7D,%22navigation%22:%7B%7D%7D&fp=1343&fcp=1343
Requested by: Host: js.banked.com
URL: https://js.banked.com/v3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 12 Jul 2023 20:41:56 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://beswicks.legl.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7e5c1c200c7b2c45-FRA
Content-Length: 40

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 44F9 4 KB
2 KB 706ms
483ms XHR
application/json 52.1.54.87

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.9ff95336.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.1.54.87 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a7f3536cd1b3b91919bdec7161a82dffaecd344ce73d404bd56c2f757adfbfd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 12 Jul 2023 20:41:57 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-09843e20bb945f6e1
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00034s3qsu8mufu68ag0
x-runtime: 0.346121
server: nginx
etag: W/"a7f3536cd1b3b91919bdec7161a82dff"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicks.legl.com
x-intercom-version: 3612871deb2a21e2b939c99f7f1507506f54da9e
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beswicks.legl.com/	1970-01-20 21:57:24	Name: csrftoken Value: VOszczWJMV0B3zOgt7LgweckuM3eiTvN
m.stripe.com/	1970-01-20 22:49:14	Name: m Value: 20a04c43-0e8f-4c45-a723-776608ad4b84d84758
.beswicks.legl.com/	1970-01-20 21:58:50	Name: __stripe_mid Value: 9eb1d546-d9e7-4771-925a-23cb3d2801a7d2102e
.beswicks.legl.com/	1970-01-20 13:13:16	Name: __stripe_sid Value: 501f0aba-eb4e-476c-a6c0-69eee9ab17ee50dad2
.legl.com/	1970-01-20 21:58:50	Name: ph_CspXex6nVK8tf8splVQijnxXZ4rd2tQ2VqP0cPqdGfo_posthog Value: %7B%22distinct_id%22%3A%221894bd6cf018be-06a564b70b51a-6a335054-1d4c00-1894bd6cf02d7a%22%2C%22%24device_id%22%3A%221894bd6cf018be-06a564b70b51a-6a335054-1d4c00-1894bd6cf02d7a%22%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D
.legl.com/	1970-01-20 19:42:04	Name: intercom-id-f4wk485h Value: a4508a8b-c88a-442e-934e-84da4cd5990f
.legl.com/	1970-01-20 13:23:19	Name: intercom-session-f4wk485h Value:
.legl.com/	1970-01-20 19:42:04	Name: intercom-device-id-f4wk485h Value: 96a61720-e19f-4560-9bf3-ef152d554455

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://beswicks.legl.com/pay/checkout/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bam.nr-data.net
beswicks.legl.com
browser.sentry-cdn.com
code.jquery.com
crowdjustice.imgix.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.banked.com
js.intercomcdn.com
js.stripe.com
legl-posthog.herokuapp.com
m.stripe.com
m.stripe.network
o32237.ingest.sentry.io
o557392.ingest.sentry.io
q.stripe.com
widget.intercom.io
13.224.189.49
151.101.130.137
151.101.192.176
162.247.241.14
18.66.147.3
2001:4de0:ac18::1:a:1b
2606:4700:20::681a:178
2606:4700:20::ac43:47d9
2606:4700::6812:9b2
2a00:1450:4001:801::2003
2a00:1450:4001:827::200a
2a04:4e42:8d::720
2a04:4e42::729
34.120.195.249
44.241.244.122
52.1.54.87
54.186.23.98
54.73.53.134
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
13b91916f718b98a5982418868c5a1957febe35307eea9cb6800655ef3d809b4
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
271436cd7dad8dab45bd22d170924d688784b1e563e882b6154b24bcab1cbfda
2c423cb356a2a515be3c02e4e02f163cb9868bc053c877e6186bebd2c6752175
364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a3c2bfdcaa07c6e1398fd97ca82292eedec49c5c76a5d2ff7bfc3c677953ed
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
5bc95f65c47f5295471b24e418f47517af9c336e0e19338fd2b13f7b3e0b88ee
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
6f9c03d768c7aef15400534b0fe18c8878968da4d4c51ddc3dbde5811d8cf2f8
70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7
71a2cb9af79e5cc4e341079cb9cef6a5ab97ad612844792e296fcefbc1b09280
7b660824bb26529bee2e50aaa0a0aedac26304a7ff510baf9bbed7bf2ff98786
7f7420399b133e72b82d97986510702d79945995bbdcdf725570eda135b4e89a
86ebab457dd17330fc3ec76af925934fce6f2cb22a72d2e6b258868442a201da
91446af8650b5df7e0578f32e9b8996206d1114317056f99b40a823bfd34d308
914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9b4eeafb9307bcc4acf6d376b3584c8f737d743283892f69b29075e249a91af1
a094393e1fdb613555e86f8ec1af9660b41ff795752226d0bf1deb393dba63c7
a7f3536cd1b3b91919bdec7161a82dffaecd344ce73d404bd56c2f757adfbfd0
ad6349baebe0df59e2c2312800fe4e150d3bd853912e2d1ce609e7e04fcb6442
adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9
af3fa583b95fdbfc1b71a9317ca63012996aa758acabe0e2734ceacd572d5afb
b307731846dbaf926d43364a8629766b29d74228480e59893c4ea1b2fffd400e
b67bbdc9c8c3878096e33d2b2fa0ccbe1b66e71bd8829064e34969f3ade8e417
b78f16dd560dbef312888e32ed056e2eac13debe2713ed58c6e1537f39836131
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
dc9474959fc6dab942a99b11234c456ec90ab70c7f08037bb05dfa2dd8fd2ea9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb8cdeceb2dc2be70b854c8f4b5bc44e5bfd70f69a5dcb2ebc95378ca583ede
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

beswicks.legl.com Open in urlscan Pro 2606:4700:20::ac43:47d9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

44 %IPv6

15 Domains

19 Subdomains

17 IPs

4 Countries

881 kBTransfer

3100 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beswicks.legl.com Open in urlscan Pro
2606:4700:20::ac43:47d9 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

44 %
IPv6

15
Domains

19
Subdomains

17
IPs

4
Countries

881 kB
Transfer

3100 kB
Size

8
Cookies

52 HTTP transactions
0 data transactions