beswicksclient.legl.com Open in urlscan Pro
2606:4700:20::681a:178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://beswicksclient.legl.com/
Effective URL:
https://beswicksclient.legl.com/pay/checkout/
Submission: On March 29 via automatic, source certstream-suspicious (March 29th 2023, 3:45:47 pm UTC) — Scanned from DE

Summary HTTP 60 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 60 HTTP transactions. The main IP is 2606:4700:20::681a:178, located in United States and belongs to CLOUDFLARENET, US. The main domain is beswicksclient.legl.com.
TLS certificate: Issued by R3 on March 29th 2023. Valid for: 3 months.

This is the only time beswicksclient.legl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 20	2606:4700:20:... 2606:4700:20::681a:178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
5	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1 2	2606:4700:440... 2606:4700:4400::ac40:9ab6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	54.73.53.134 54.73.53.134	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	52.40.72.233 52.40.72.233	16509 (AMAZON-02) (AMAZON-02)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	13.224.189.74 13.224.189.74	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
6	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
5	3.230.112.183 3.230.112.183	14618 (AMAZON-AES) (AMAZON-AES)
1	15.197.143.135 15.197.143.135	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.32 13.225.78.32	16509 (AMAZON-02) (AMAZON-02)
60	19

20 2606:4700:20::681a:178 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

beswicksclient.legl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9ab6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

js.banked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

crowdjustice.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.73.53.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-53-134.eu-west-1.compute.amazonaws.com

legl-posthog.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o32237.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.72.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-72-233.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-74.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.230.112.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-112-183.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.143.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: a69d63ecdf0f33068.awsglobalaccelerator.com

downloads.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-32.fra2.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	legl.com 2 redirects beswicksclient.legl.com	179 KB
7	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2734 downloads.intercomcdn.com — Cisco Umbrella Rank: 15628	535 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 m.stripe.com — Cisco Umbrella Rank: 1249	126 KB
6	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2392 api-iam.intercom.io — Cisco Umbrella Rank: 2744	15 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 444	12 KB
2	intercomassets.com static.intercomassets.com — Cisco Umbrella Rank: 18332	15 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	17 KB
2	sentry.io o32237.ingest.sentry.io	408 B
2	herokuapp.com legl-posthog.herokuapp.com	35 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	banked.com 1 redirects js.banked.com	155 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 284	397 B
1	gstatic.com fonts.gstatic.com	44 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4391	28 KB
1	imgix.net crowdjustice.imgix.net	6 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	30 KB
60	16

	Domain	Requested by
20	beswicksclient.legl.com	2 redirects beswicksclient.legl.com
6	js.intercomcdn.com	widget.intercom.io js.intercomcdn.com
6	js-agent.newrelic.com	beswicksclient.legl.com
5	api-iam.intercom.io	js.intercomcdn.com
3	q.stripe.com	beswicksclient.legl.com
3	js.stripe.com	beswicksclient.legl.com js.stripe.com
2	static.intercomassets.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	o32237.ingest.sentry.io	browser.sentry-cdn.com
2	legl-posthog.herokuapp.com	beswicksclient.legl.com js.banked.com
2	fonts.googleapis.com	beswicksclient.legl.com
2	js.banked.com	1 redirects beswicksclient.legl.com
1	downloads.intercomcdn.com
1	bam.nr-data.net	js-agent.newrelic.com
1	widget.intercom.io	beswicksclient.legl.com
1	m.stripe.com	m.stripe.network
1	fonts.gstatic.com	fonts.googleapis.com
1	browser.sentry-cdn.com	beswicksclient.legl.com
1	crowdjustice.imgix.net	beswicksclient.legl.com
1	code.jquery.com	beswicksclient.legl.com
60	20

This site contains links to these domains. Also see Links.

Domain
beswicks.com
legl.com

Subject Issuer	Validity	Valid
beswicksclient.legl.com R3	`2023-03-29` - `2023-06-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M02	`2023-02-09` - `2023-05-31`	4 months	crt.sh
*.ingest.sentry.io R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
intercom-attachments-10.com Amazon RSA 2048 M01	`2023-02-23` - `2023-09-06`	6 months	crt.sh
intercomassets.com Amazon RSA 2048 M01	`2023-02-23` - `2023-07-16`	5 months	crt.sh

This page contains 5 frames:

Primary Page: https://beswicksclient.legl.com/pay/checkout/
Frame ID: D309C8954727C23FF830DAE3FE27A9BF
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: B67D39DE6D35A7FA4048FDF80A3D780B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D7D116C1E32B7698839D4097F33800B7
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.5a2abcb6.js
Frame ID: E65018AB3B7B6B6D60320C325A7A9B60
Requests: 11 HTTP requests in this frame

Frame: https://downloads.intercomcdn.com/i/o/246680/2e0dcedd411a0fe92e1dc746/7e67e75d88bee3050a8c51f642c24833.png
Frame ID: 956B34A5578F699C07FFCADE96278FEF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout - Payments

Page URL History Show full URLs

https://beswicksclient.legl.com/ HTTP 302
https://beswicksclient.legl.com/pay/ HTTP 302
https://beswicksclient.legl.com/pay/checkout/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

98 %
HTTPS

37 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

1198 kB
Transfer

4430 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://beswicks.com/
Title: beswicks.com

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use/
Title: terms

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://beswicksclient.legl.com/ HTTP 302
https://beswicksclient.legl.com/pay/ HTTP 302
https://beswicksclient.legl.com/pay/checkout/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://js.banked.com/v3 HTTP 301
https://js.banked.com/v3/

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
beswicksclient.legl.com/pay/checkout/
Redirect Chain

https://beswicksclient.legl.com/
https://beswicksclient.legl.com/pay/
https://beswicksclient.legl.com/pay/checkout/

55 KB
19 KB

598ms
597ms

Document
text/html

2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6133d94280f15effe878e372848fb3ea7556fb08603952fa93cc485c81507b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7af93dc988d1905b-FRA
content-encoding: br
content-language: gb
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 15:45:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVC9GGSzhVxaaeVmDvVAHGj9PQ17hXODqLc01CYiWnkOumqgNgeQsEtwwFv1OQReaGDIHRLR2OBYhRhxhIXbHMxWNzku63jeyU6xmtmZwXZw1qPdcGEvYN9nNU21RT5UeWwpr2v28pEZMbMKctmp9TKe4WSd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Language, Cookie, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7af93dc5df9d9b70-FRA
content-language: gb
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 15:45:41 GMT
location: /pay/checkout/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S18tbL7ePhOaObdQCCkX6lM995xb4htoiPFzR4%2BUFILdbVowNQ8bgA3xHlFgotcMAVTR%2BKLE17BRrVUJAqQRNYbXlRcXN2JTanzgQ0s7pC3pe0XdquGNo73i%2FD5kXiKHMZ%2FelsUUszw9EJ4A1yeGAbh6OP2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Language, Cookie
via: 1.1 vegur
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 66ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d84"
vary: Accept-Encoding
x-hw: 1680104742.dop122.am5.t,1680104742.cds149.am5.hn,1680104742.cds312.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 / Show response
js.stripe.com/v3/ 452 KB
122 KB 52ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

560c2de1688ada445c4f12d6cf8586d2c06401766d65af476e04fec25b998cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:45:42 GMT
via: 1.1 varnish
age: 29
x-cache: HIT
content-length: 124526
x-request-id: 48b91286-262a-4cab-9f92-b4556beacadd
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Tue, 28 Mar 2023 20:42:53 GMT
server: Fastly
etag: "069323856fdf327d3a76341b35b32aa1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2

200

/ Show response
js.banked.com/v3/
Redirect Chain

https://js.banked.com/v3
https://js.banked.com/v3/

749 KB
155 KB

63ms
63ms

Script
application/javascript

2606:4700:4400::ac40:9ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.banked.com/v3/

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Server

2606:4700:4400::ac40:9ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0c55510810e485d51fc83d93c90be0eb5b7fb5dc79ce108e8cddf4492f17dbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Mar 2023 15:29:54 GMT
server: cloudflare
content-encoding: gzip
x-powered-by: Express
etag: W/"bb5ac-187143d9950"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 7af93dcf0bd33aa0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 29 Mar 2023 15:45:42 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: /v3/
cf-ray: 7af93dce8b1e3aa0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fonts.e3d21e313d5a.css
beswicksclient.legl.com/static/css/ 2 KB
1 KB 74ms
73ms Stylesheet
text/css 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/css/fonts.e3d21e313d5a.css

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb38ca1c8c3aed4bc2a1e912804670ef5a00b3ab155821dd78b0cdaf0de112e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-973"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkxhgTBi5zoO%2B0HWA2QILB%2F%2BRH2iLzhMC1wLM5qGiUOTP%2FDMOEHBJZPiaAztpgUVzkHeDoENNt41CCf903sm%2Bp5RvzRKyMrgaiKNzpZdx30aetKPoDYDXHXCyqu49bncOjdapDBYQdD8aYTPnK45L43bFoYp"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dcd9dda905b-FRA

GET
H3 200 legl-icon.11118d854b30.css
beswicksclient.legl.com/static/icons/ 62 KB
6 KB 164ms
163ms Stylesheet
text/css 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/icons/legl-icon.11118d854b30.css

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-f9f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itH0MkLRliYYP%2FxlnOYKEeA90e2K9D2n5X8%2F4WYRFdZXIO0D0Lxyb%2B1t%2BIcPLEaag463zX3rRlS7wbTDa0vxq2389wRs1krQxXUhmAJp6Jo3UxUeJbHnJIGPDvFIPyQFcii8NbwGne9kUWBaAfuqsu7pfloa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dcd9ddd905b-FRA

GET
H3 200 lds-icon.5b527087f75c.css
beswicksclient.legl.com/static/lds-icons/ 4 KB
1 KB 117ms
117ms Stylesheet
text/css 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/lds-icons/lds-icon.5b527087f75c.css

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f524c7a94d11689cccc8068eec0e10ff5d3933ee968857af6b0259568aaf2ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-f20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eno3IMlZQALhU9xu41qoJ8zsal9pvbym4m3E1oSq7yy0rOj2eY%2F4nGatM4ADDtuvVYJdMjfbG5MEVTB4gkz7a%2B1D4SdQXbcOUgeM1xPSiyLOGpDkqDVWzHex4T6cjpYOnrETjlF1AX8EiJ%2FUnfekh5CPjqMn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dcd9dde905b-FRA

GET
H3 200 pay-92af85af5505adac3e59.bundle.624db530ec74.css
beswicksclient.legl.com/static/webpack_bundles/ 18 KB
5 KB 168ms
168ms Stylesheet
text/css 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/webpack_bundles/pay-92af85af5505adac3e59.bundle.624db530ec74.css

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f551d8fea4f4f727034811ea6dfbe650966ac7eb301f659f4e95961d3a63e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-4985"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uM%2BA3gPX460lD4vw1BA95LFMKTTx7Sj7mIHuppg65ObIYc66XIKEXgs5WFcUVEbeUINNB1qcEPtvu6pWWZoA8u0CDvLOKgla475dK0fWZacxV3wObD4L%2FUoP4tkCkQ7l0ag2OmqIpGJ8agRECdI33EB%2BB7lq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dcd9ddf905b-FRA

GET
H2 200 Beswicks_Logo.png
crowdjustice.imgix.net/company_logos/ 5 KB
6 KB 193ms
158ms Image
image/png 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crowdjustice.imgix.net/company_logos/Beswicks_Logo.png?ixlib=python-1.2.0

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a7609a9956cac91ef88827e462f6460ae9e522545da6e9e0436f3086dd5afabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
x-content-type-options: nosniff
age: 184
x-cache: HIT, MISS
x-imgix-id: c8ef49ad3d7747bb0cc5a05767cfd6760cff5b35
cross-origin-resource-policy: cross-origin
content-length: 5434
x-served-by: cache-sjc10034-SJC, cache-hhn-etou8220079-HHN
x-imgix-render-farm: 02.8744
last-modified: Tue, 28 Mar 2023 14:18:17 GMT
server: Google Frontend
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 verified-by-visa.9476aad90c7a.svg
beswicksclient.legl.com/static/payments/img/color/ 5 KB
2 KB 167ms
166ms Image
image/svg+xml 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicksclient.legl.com/static/payments/img/color/verified-by-visa.9476aad90c7a.svg

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-144e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MghL7uJulQZq%2BLrxRi8S4%2BX1HNUsSM0kTt0968ac4Opg0LD30NPRoaJg7wmT7wGOM1m2JHfTCaCTFhWfRgS3Um35e4QfsPQbDj%2BPG%2BCE%2FQIgyoUDp0MVqUwwKXTdKlsQqMib2jLR91D2yeIJ%2F12AfVNcAkV1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dce5e9c905b-FRA

GET
H3 200 mastercard-securecard.783601069452.svg
beswicksclient.legl.com/static/payments/img/color/ 13 KB
5 KB 124ms
123ms Image
image/svg+xml 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicksclient.legl.com/static/payments/img/color/mastercard-securecard.783601069452.svg

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-3223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uox4VTrYpB0Mktc6Gr3DqdLodrfrmSXfBcR9u9vI7OsxbOFJd2ostHLV8ZoOSQaZ6wKh%2FFaFB5rATo%2Bpf5gZdj%2Fh2ZB%2FtxNzqn21FTUaRlUU8MkBInXiGjx2GvbSDyIYewPaRhjlgATjaD2ysmY%2FPjWqs7jN"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dce5e9d905b-FRA

GET
H3 200 secured-by-legl.58640b8dd409.svg
beswicksclient.legl.com/static/payments/img/color/ 12 KB
5 KB 148ms
147ms Image
image/svg+xml 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicksclient.legl.com/static/payments/img/color/secured-by-legl.58640b8dd409.svg

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-2ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeJ%2FIhNlonu4K34TKugGUXAEAnxnt2jE%2FgPqRj5ipS2hzCAnxStjBE36yDM0hxIOrxRJLCtiIiSM2lG9pZketjkX6qWAtyOKo%2ByR2MNfobGLnTGsR8GKE6oVjIR2za%2FfFObZiQzQyzb0xWxT%2FplLNSE0okvs"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dce5e9e905b-FRA

GET
H3 200 warning-triangle.e5d88151e287.svg
beswicksclient.legl.com/static/payments/img/ 2 KB
1 KB 143ms
142ms Image
image/svg+xml 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicksclient.legl.com/static/payments/img/warning-triangle.e5d88151e287.svg

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-62c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx%2FJSPPcVCVI%2Fsp17czZGr050hks5PTGGEBUjM%2BXCnN1Ffixt6AdDQ9OeGtkXk6afpe8RlKqI9RWE7L%2BN6jyx0%2BkZnT%2Fnp7D4KdRnVskFm8RYbhbHMey3TyIcgC4aYn7eocXhTbrWRiQDwzz%2FG%2BEqXSW5D6i"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dce5e9f905b-FRA

GET
H3 200 secured-online-payment.3d1a4939d65c.svg
beswicksclient.legl.com/static/payments/img/ 4 KB
2 KB 144ms
143ms Image
image/svg+xml 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicksclient.legl.com/static/payments/img/secured-online-payment.3d1a4939d65c.svg

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-fe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvmWsEpRTCpufaAXY%2BqtiwoRDcWsaMUbsMVxoh8YS8p6vZ%2B5OTbrpwZAX%2Bo7hYhomsevjgxjoyq8VPme4y4gC491CkZnYJGZxWEfus3Ay2jknaihVe1SWDkeb6AeWslHaGQkynBdD%2BsRyF848hg0juJNN%2BV4"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dce5ea1905b-FRA

GET
H3 200 email-decode.min.js Show response
beswicksclient.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6419a395-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nZrzkrGNm11Ek1GrmeujzLqVkxU4wAdfUCOo1hnkzLXyvyr7bd5Bj%2BOYhMaCmKpbBlZJ9VjIzkYHAddCoAGPpCSFu4KFn1ch90Ph3jibYuiTlfpFWpTTX2xzt3jjVU9VozLhu%2Fp7vSybBYem7L9g2qKRQo0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7af93dce4e99905b-FRA
expires: Fri, 31 Mar 2023 15:45:42 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.2.3/ 89 KB
28 KB 32ms
14ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://beswicksclient.legl.com/
Origin: https://beswicksclient.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 19 Mar 2021 18:16:34 GMT
server: Fastly
age: 1993633
etag: "44bea9771dbc4ce7cb75efc4b8a39dd1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27994
expires: Tue, 05 Mar 2024 13:58:28 GMT

GET
H3 200 pay-92af85af5505adac3e59.bundle.03298edb2204.js Show response
beswicksclient.legl.com/static/webpack_bundles/ 289 KB
70 KB 224ms
222ms Script
text/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/webpack_bundles/pay-92af85af5505adac3e59.bundle.03298edb2204.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c3d1f930328a8394c5b2175029ff88e7b98ce37170cbee6ccc9e77cc9d40d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: W/"642443f2-48347"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfLgzgNv%2BnMOr8W%2FUhh5rOx8nuEVBeGH%2BjWBHc1yDn2jMCWSoC69fz%2B9UetwDtIW2SmHFXJmTMZ5ShldbsVlbl6t6o%2BseO4zb%2F5YzQZ9aLauy4VVpS6grl3ELrR5D3Qr1FKa0VTUmHYTsp8TfHBQVdCbQzzS"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 7af93dce5e9a905b-FRA

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 141ms
58ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Display|Montserrat:300,500,800&display=swap&subset=latin-ext

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/css/fonts.e3d21e313d5a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72d90f648bbd5234b40fd2c02744aedb6549a048c5c3625193a0b3a8acf8495f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Mar 2023 15:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 15:45:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Mar 2023 15:45:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
867 B 142ms
58ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,500,600,700&display=swap&subset=latin-ext

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/css/fonts.e3d21e313d5a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Mar 2023 15:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 15:45:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Mar 2023 15:45:42 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 127ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beswicksclient.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 112083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:39 GMT

GET
H3 200 legl-icon.d254260158ba.woff2
beswicksclient.legl.com/static/icons/ 22 KB
22 KB 128ms
127ms Font
font/woff2 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/icons/legl-icon.d254260158ba.woff2?e5283ed51cd54ef164f11b492e4f92c1

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/icons/legl-icon.11118d854b30.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beswicksclient.legl.com/static/icons/legl-icon.11118d854b30.css
Origin: https://beswicksclient.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22124
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: "642443f2-566c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtUXtNwOi8O1as0sk09UQJPnrpZfMwYtV%2FeLF6v12f0wDaO%2FrH4inOJw2e4EdJpCaPt8nG9HV7kep2q395SAdQbXgHANyFLGis82bke2mAvR51I3UcimpvC6LupjQS%2FHE9a%2FNiTAln4fT%2FaFdn3qlNPE%2Fsyq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7af93dcf4fb2905b-FRA

GET
H/1.1 200
OK array.js Show response
legl-posthog.herokuapp.com/static/ 113 KB
34 KB 154ms
33ms Script
text/javascript 54.73.53.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/static/array.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.53.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-53-134.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

3be81fb36a50bba7a5532512ee0566d5d86d9f83bb541c53d912271f19842981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 15:45:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Mon, 28 Jun 2021 13:10:15 GMT
Server: gunicorn
Via: 1.1 vegur
Etag: "60d9ca37-1c5a7"
Vary: Accept-Encoding, Cookie
X-Frame-Options: DENY
Content-Type: text/javascript; charset="utf-8"
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public
Connection: keep-alive
Content-Length: 34742

GET
H3 200 2180-92af85af5505adac3e59.bundle.js Show response
beswicksclient.legl.com/static/webpack_bundles/ 24 KB
9 KB 145ms
145ms Script
text/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/webpack_bundles/2180-92af85af5505adac3e59.bundle.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/webpack_bundles/pay-92af85af5505adac3e59.bundle.03298edb2204.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de378b091b2ee9f5b83618134b42a25ea67678bdf4aa3fd096b46546f6efc672

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:09 GMT
server: cloudflare
etag: W/"642443f1-5fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0s%2BEzD%2FflGYoqGWXnVuVg%2FTbTHsr69d3iq59DWjWKqY7VA3HiGXppPD%2Bp7ChUoL2xp30VQU7PZQRCRqeAhRbuMSJ9jHGVZN3OUgumxvAMSdAtVUjyviSI6LoEPGPlHcr4PU4M5VU%2FRUlGENceFwJg54lvhkg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7af93dd07908905b-FRA

GET
H3 200 1400-92af85af5505adac3e59.bundle.js Show response
beswicksclient.legl.com/static/webpack_bundles/ 36 KB
9 KB 146ms
145ms Script
text/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/webpack_bundles/1400-92af85af5505adac3e59.bundle.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/webpack_bundles/pay-92af85af5505adac3e59.bundle.03298edb2204.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

940bf6e0cd129237cb227037cbf0f1aa3ace8c9a85cc9409e7586e93a463984b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:09 GMT
server: cloudflare
etag: W/"642443f1-9125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbYI1wkQdUqJkF5pil92GkjhboNDsQBVdRE6CjJc6%2FEe2QvGdLqhatwdQbGY%2B0EoBH0STpUcW6xRAxB%2BVqzE9hSPrLWN%2ByJKvwSDe2qf%2Ft2S4CZ8AVtddLDjmbn3bjOuZgBrDIVd5tcl6nwpL6fdvUj6w2o3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7af93dd0790a905b-FRA

GET
H3 200 6256-92af85af5505adac3e59.bundle.js Show response
beswicksclient.legl.com/static/webpack_bundles/ 32 KB
7 KB 155ms
154ms Script
text/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/webpack_bundles/6256-92af85af5505adac3e59.bundle.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/webpack_bundles/pay-92af85af5505adac3e59.bundle.03298edb2204.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c20fe8122237cc2fd343247c602a416513ddaa9fe05407e00dee636b52177d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:09 GMT
server: cloudflare
etag: W/"642443f1-81a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aT5tQsdpYIbwJeoxlmkPXRWUSOKWnrRWGgKX1EbcA1HC%2BhPM83EyK7O14uGOMWC%2BkcaXxiYN4uV3zW0gr9H%2Bys%2BOjdRRDFOwdAzzzjyPuJm1cGuY%2FLyBgBAbXYOy1kSWfUEwwElIzSmnjsvvJ3wMJK7x%2B9ap"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7af93dd0790b905b-FRA

GET
H3 200 lds-icon.34fca2d4769e.woff2
beswicksclient.legl.com/static/lds-icons/ 8 KB
9 KB 132ms
132ms Font
font/woff2 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/lds-icons/lds-icon.34fca2d4769e.woff2?f191d4b85988b6a6ae937891b13250e1

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/lds-icons/lds-icon.5b527087f75c.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9e65f999beba332382697ec851db1421cfaffdfa73690396369efec66e6ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://beswicksclient.legl.com/static/lds-icons/lds-icon.5b527087f75c.css
Origin: https://beswicksclient.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8564
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:10 GMT
server: cloudflare
etag: "642443f2-2174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdY2FFWAFGiGKR035uRm7BBuYQWnf1GxFyXx%2FSay6CciX4juI9KBRC1F6mPeob33Qgo3HZNnoh90A78AInn%2B83nKYwYPazt4mqamx6tAFvj8thy%2BwRN3LHochbpft5mvtgbY%2BlEglsw2VetYPi%2B%2FPhmYL7Rp"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7af93dd0a93f905b-FRA

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame B67D 200 B
786 B 7ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicksclient.legl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7317195
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 15:45:42 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 398069
x-content-type-options: nosniff
x-request-id: 77c062a1-d5af-43ad-97ac-52f08731116a
x-served-by: cache-fra-eddf8230137-FRA

POST
H/1.1 200
OK / Show response
legl-posthog.herokuapp.com/decide/ 193 B
660 B 38ms
38ms XHR
application/json 54.73.53.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/decide/?ip=1&_=1680104742656

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.53.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-53-134.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

868a7099ef9f80703f89b7198d5c0d9b230d6a8a5c4dd0778786ce084d424328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beswicksclient.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 29 Mar 2023 15:45:42 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://beswicksclient.legl.com
Vary: Cookie
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 193

POST
H2 200 / Show response
o32237.ingest.sentry.io/api/5427794/envelope/ 2 B
301 B 115ms
26ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicksclient.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H2 200 csp-report
q.stripe.com/ Frame B67D 0
640 B 559ms
179ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 15:45:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680104743166689
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B67D 0
641 B 558ms
179ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 15:45:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680104743166729
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B67D 631 B
468 B 7ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:45:42 GMT
via: 1.1 varnish
age: 11734852
x-cache: HIT
content-length: 332
x-request-id: d91719b0-eb3e-4136-bbb1-371e3bc131af
x-served-by: cache-fra-eddf8230137-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 336823

GET
H3 200 6429-92af85af5505adac3e59.bundle.js Show response
beswicksclient.legl.com/static/webpack_bundles/ 4 KB
2 KB 117ms
117ms Script
text/javascript 2606:4700:20::681a:178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicksclient.legl.com/static/webpack_bundles/6429-92af85af5505adac3e59.bundle.js

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/static/webpack_bundles/pay-92af85af5505adac3e59.bundle.03298edb2204.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:178 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129c60694a568e97cb57880b2bcae515817f6b99256afaf3916e01e7dd040b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:42 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 14:58:09 GMT
server: cloudflare
etag: W/"642443f1-e13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2XeXT%2BQcnsDrH6ZSHbKIBFdjtz%2BIwaN7PhrY8xW03dlvQsuHXibtOlInAW5X8t2BNSs5duhqIszoxhtc3jJKn9hR3IGcKZ18sWkGkPyGfcTPPQVbcR6SmxpPC34bPpOyb%2FBYAFSRNpFcHiL1WZtFW96cA2O"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7af93dd20adb905b-FRA

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D7D1 930 B
1 KB 37ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 286
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 15:45:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 206
x-content-type-options: nosniff
x-request-id: 7b11d858-8b62-45f4-8cb6-62d6cafd4e1c
x-served-by: cache-fra-eddf8230137-FRA
x-timer: S1680104743.762626,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame D7D1 0
414 B 481ms
180ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 29 Mar 2023 15:45:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680104743166779
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame D7D1 86 KB
16 KB 7ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 29 Mar 2023 15:45:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 139
x-cache: HIT
content-length: 16031
x-request-id: 14f97d98-4972-4a75-a9bc-fa03f6e92f75
x-served-by: cache-fra-eddf8230137-FRA
server: Fastly
x-timer: S1680104743.782399,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 113

POST
H2 200 6 Show response
m.stripe.com/ Frame D7D1 156 B
669 B 590ms
184ms XHR
application/json 52.40.72.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.72.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-72-233.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a805d3cc27853b7cc3ffd42e7c7032ea242d601e1dd1688565452e3587202727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 29 Mar 2023 15:45:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680104743387433
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680104743386860
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 async-api.61caf4d9-1228.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 34ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: J0GluopGath26np.0jFNgGyfwhEN0LgG
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 15:45:42 GMT
x-amz-request-id: 9FMWS4WPWY7EZ9EX
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1122
x-amz-id-2: m5O/ZxhL6IxD/PHJ5gg8gZ5ieOhDplAFXadRB7lvTdr5BZtWt/v0Tt/YANg/8nyaKCetOkMMe8k=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680104743.933816,VS0,VE0
etag: "5a15fa90d5c9cf59729e937de488758b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6344

GET
H2 200 lazy-loader.37550b27-1228.min.js Show response
js-agent.newrelic.com/ 928 B
901 B 33ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: veSIorK788CursSmiZNo6DAf4uBLqr8D
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 15:45:42 GMT
x-amz-request-id: 9FMHB0H5PAPXX05N
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 415
x-amz-id-2: DdqH6btxjH5A9UtVrMMpouH7xGE+OAKyaqdEl6ejHZTBQPEGdIjGGmQl8w0OT+0H7GBFPy/OEII=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680104743.933909,VS0,VE0
etag: "b6eaf4dad9b3e3384b0e9366ff9d0080"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6401

GET
H2 200 smi9tjbm Show response
widget.intercom.io/widget/ 8 KB
4 KB 50ms
11ms Script
application/javascript 13.224.189.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/smi9tjbm
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-74.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 046a89b6f3e9e7e3e6012ac2450cdf2e24894949e1b5358a6fa01b70a0a03ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: fnx.HGiUd2UOkvg6pYTpGRqH6RtpbBHi
content-encoding: gzip
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 15:25:54 GMT
x-amz-cf-pop: FRA2-C1
age: 1303
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3264
last-modified: Wed, 29 Mar 2023 12:55:58 GMT
server: AmazonS3
etag: "bec5806bc8d332de272fcd4363a4b799"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: Rp_EewbVooSJ9vlmqbtvtGmir41bPYjSUNOwm7XMwSELbsiFsy8mgQ==

GET
H2 200 862.e74e95d2-1228.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 7ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/862.e74e95d2-1228.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: gDL8cpdspH3IxcZPeLUXHRvPqJEXPWmp
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 15:45:42 GMT
x-amz-request-id: 0CQ374JYPQSZE8RM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3271
x-amz-id-2: 1eiw/boBIzZDP1eTnPQ4hdq14uuKnqr57sdKoL/Nm2QxKz1x3mEBuFw/JA8C4p7ehbm8ZRGjHT4=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680104743.944289,VS0,VE0
etag: "ff02f82193fd2ec047cb131aa65a0dd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6283

GET
H2 200 page_view_event-aggregate.46b69e61-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: KBeqQAET2qZgk2U9E4XZJmVRm1HOq8Rk
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 15:45:42 GMT
x-amz-request-id: 0CQ9YAQ072F5ZWKR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1729
x-amz-id-2: LRuzqZ+dmaI8VSsSWLGxoTDOiYppoorL9aSEWXOQZrPUsN0F1Uc/gxQMuoxZMlwS4owAKvohzr8=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680104743.944966,VS0,VE0
etag: "75e56b9529bc3582d1ee120d4a1d49e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6279

GET
H2 200 page_view_timing-aggregate.ced8c919-1228.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: ktDXvd_Dmea2UVJNoozUGAPGaGpVn1ZV
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 15:45:42 GMT
x-amz-request-id: 0CQ4BNC476WRMW02
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: zMhzRI586H6gPM5M+5wj7DWLs0l93dLE8G05e9fvgHPJtfolaxYbQ3fk4muER2Ta8LvvorNBZtg=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680104743.945247,VS0,VE0
etag: "ddb946a277f5c644d555e8e1bcf23b77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6299

GET
H2 200 metrics-aggregate.56d9a464-1228.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js
Requested by: Host: beswicksclient.legl.com
URL: https://beswicksclient.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: cAHIZ8FQmEPf2jyMvAgXJXAVQ_Jrw1XM
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Mar 2023 15:45:42 GMT
x-amz-request-id: 0CQ4BYN4NB859E9P
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1751
x-amz-id-2: jH1Vds6YpzUEt7xvQv69cxN1HUsXTcIXJgBtMwxhYMcL7POvkDoPHUiOfLxbZ/bjJA/YNygpyDs=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 20 Mar 2023 23:57:31 GMT
server: AmazonS3
x-timer: S1680104743.945570,VS0,VE0
etag: "04475d81e10a8c7213d39d14e581c599"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1080853

GET
H/1.1 200
OK 6735f40c76 Show response
bam.nr-data.net/1/ 49 B
397 B 249ms
217ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6735f40c76?a=15255801&v=1228.PROD&to=ZFZbbRNTXBUHARIPWV0cf0wPUUYPCQxJFkRcWVxaFUEcFgcbSBZXSl5cVxVBHBAPBxEVGFBfUFwPRgglDgcFDVlGR29QBEUcAQMW&rst=2337&ck=0&s=8123b5d94b372ec6&ref=https://beswicksclient.legl.com/pay/checkout/&qt=7&ap=493&be=1390&fe=896&dc=584&perf=%7B%22timing%22:%7B%22of%22:1680104740621,%22n%22:0,%22r%22:0,%22re%22:741,%22f%22:741,%22dn%22:741,%22dne%22:741,%22c%22:741,%22s%22:741,%22ce%22:741,%22rq%22:741,%22rp%22:1338,%22rpe%22:1361,%22dl%22:1350,%22di%22:1974,%22ds%22:1974,%22de%22:1977,%22dc%22:2284,%22l%22:2285,%22le%22:2293%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=1715&fcp=1715&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicksclient.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:43 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230130-FRA

GET
H2 200 frame-modern.5a2abcb6.js Show response
js.intercomcdn.com/ Frame E650 500 KB
132 KB 38ms
9ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

baeb317d7672cf4bac0e8c88700725c199c259102669eaaf431ea7e058f735d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 5LBSoEqN8_8otbC8755rGVUAzXmsLcRO
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 14:56:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 134515
last-modified: Wed, 29 Mar 2023 12:54:10 GMT
server: AmazonS3
etag: "e8be6c6f3539bbe7fc12ad4bbb9025d2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Hu0yPuthj828GKPrkxCobkA7w0b6QyAGSDIKGeNnUt2RB2NsgGKyug==

GET
H2 200 vendor-modern.86231db0.js Show response
js.intercomcdn.com/ Frame E650 237 KB
73 KB 58ms
30ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.86231db0.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0571b14e3510f871421e234631b1452947c13d5239b69bd96c6b997de6ff8edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: e_EQ_Te6bVq4KhDTaqHMCwxcIl.fPKQf
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 13:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 6944
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74589
last-modified: Wed, 29 Mar 2023 10:24:09 GMT
server: AmazonS3
etag: "6f008e7f886950e9c3b9e535cfe19554"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 8beRzwhEpS_KRBllCU4nXWUBo304VaAlCBtGnshjw2w3jxbCvvU5gg==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame E650 4 KB
2 KB 663ms
445ms XHR
application/json 3.230.112.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.112.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-112-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bd6be289fce8f8fd88054951a915348d89e78cce40af873bfa7cbccc17426c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 15:45:43 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ab3c99401b68739b
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0000afk0a7kc7o4s35pg
x-runtime: 0.308002
server: nginx
etag: W/"bd6be289fce8f8fd88054951a915348d"
x-ratelimit-remaining: 13331
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicksclient.legl.com
x-intercom-version: 7a3aa8237556aa60c7077170c126d2106b23ee4d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1680104750
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 200 / Show response
o32237.ingest.sentry.io/api/5427794/envelope/ 41 B
107 B 35ms
35ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2bcaddebe5faff88672bb1f8aa09c17370da633ca7097bc14444e1c00fecd4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicksclient.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 15:45:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 200 open Show response
api-iam.intercom.io/messenger/web/ Frame E650 5 KB
2 KB 290ms
289ms XHR
application/json 3.230.112.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/open

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.112.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-112-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b5271385251848fe50064704f1c7f3ef3c8d5ec5ccd8d2aed3fa9006ba10e497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 15:45:44 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ab3c99401b68739b
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0002jhq4umbr7stjcjo0
x-runtime: 0.140603
server: nginx
etag: W/"b5271385251848fe50064704f1c7f3ef"
x-ratelimit-remaining: 13330
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicksclient.legl.com
x-intercom-version: 7a3aa8237556aa60c7077170c126d2106b23ee4d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1680104750
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2 200 vendors~app~tooltips-modern.11c09511.js Show response
js.intercomcdn.com/ Frame E650 503 KB
98 KB 10ms
8ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app~tooltips-modern.11c09511.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ab72d5ae14ca3f5ca6930381f75459fd5d9c400622a5e7c24435ab36a87d49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: FHsTB29908tD62OwEK0zHv7WDhai2yXt
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 14:59:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2784
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 99363
last-modified: Wed, 29 Mar 2023 12:54:10 GMT
server: AmazonS3
etag: "f12441c2903228839b2c5b6bde349827"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Tw9R_Y2KUBbWpaREqv4ez77CvtqwcSz2OCkAKcMmK0bkYQzABuQz3g==

GET
H2 200 vendors~app-modern.502d9236.js Show response
js.intercomcdn.com/ Frame E650 52 KB
16 KB 17ms
16ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendors~app-modern.502d9236.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3a68c1e0d0aa0314c116589ffd453e0815bf46f3dbf69d36ff90e8aa4862d7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: pe9ix568Zdb9jokI7CTs6PTFdH5RU7Rp
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 14:40:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 3889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15864
last-modified: Wed, 29 Mar 2023 10:24:09 GMT
server: AmazonS3
etag: "2b3984790d3e11f83a48ba4e45bdea63"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: depbUht9ZRLViqLUCMr42skTr6RBmXnalymte3i_Kot1I2lNeWwBcA==

GET
H2 200 app~tooltips-modern.e9e63c15.js Show response
js.intercomcdn.com/ Frame E650 217 KB
54 KB 17ms
17ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app~tooltips-modern.e9e63c15.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d535f967c1561e240ac98f65890ec1711c079526ecfeeda35b27031b05d8c847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 14:26:20 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-version-id: qW_d0.CsfToSXgR_ruLjSdfKhw7aI60n
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 4764
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 54534
last-modified: Wed, 29 Mar 2023 12:54:10 GMT
server: AmazonS3
etag: "f2625dcf82933e7b19b7743a9649c392"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: jHs04uXknj5G9bOU9rPTOXB15pZgtva2blRQU1WSnBAtanehssLg1w==

GET
H2 200 app-modern.2a77f738.js Show response
js.intercomcdn.com/ Frame E650 593 KB
152 KB 20ms
20ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/app-modern.2a77f738.js

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6728fa31e9f2ef973d695bd19a3dfe687810eb9bc87f279012e95aeb34680bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Ri8xswvXrUnjHSXMC53hE867x4WtfFIE
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Wed, 29 Mar 2023 14:56:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2980
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 155010
last-modified: Wed, 29 Mar 2023 12:54:10 GMT
server: AmazonS3
etag: "9f5a4b15b62324065b57837077f5d70a"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Tj8fBjLsqJtJxsB98bD9sEkt885_-TyzcEpiXQamnt6ZurkcPnjEhA==

POST
H2 200 home Show response
api-iam.intercom.io/messenger/web/ Frame E650 2 KB
1 KB 437ms
437ms XHR
application/json 3.230.112.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/home

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.112.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-112-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

48eef70871522e521da4f2d42bb739ba7c34cb0c0e0af3e55342cbe42b3c4f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 15:45:44 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ab3c99401b68739b
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0006j28hlnd6t3sv0jq0
x-runtime: 0.266534
server: nginx
etag: W/"48eef70871522e521da4f2d42bb739ba"
x-ratelimit-remaining: 13329
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicksclient.legl.com
x-intercom-version: 7a3aa8237556aa60c7077170c126d2106b23ee4d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1680104750
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 200 conversations Show response
api-iam.intercom.io/messenger/web/ Frame E650 96 B
768 B 203ms
203ms XHR
application/json 3.230.112.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/conversations

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.112.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-112-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

39a701f2a0d913d59c88cb7830c7f560f673d81bc7f501cc0f1eca191ad80c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 15:45:44 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ab3c99401b68739b
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0002cmsmv6b6cvlttivg
x-runtime: 0.070726
server: nginx
etag: W/"39a701f2a0d913d59c88cb7830c7f560"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicksclient.legl.com
x-intercom-version: 7a3aa8237556aa60c7077170c126d2106b23ee4d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 200 help_center_content Show response
api-iam.intercom.io/messenger/web/ Frame E650 21 KB
5 KB 397ms
397ms XHR
application/json 3.230.112.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/help_center_content

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.5a2abcb6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.230.112.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-112-183.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d2a64c3c84d82d007d4b7a00ba294959b2b59bcb67f18fc490815cb27e817ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 15:45:44 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ab3c99401b68739b
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00089h6ghkub633093jg
x-runtime: 0.239235
server: nginx
etag: W/"d2a64c3c84d82d007d4b7a00ba294959"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicksclient.legl.com
x-intercom-version: 7a3aa8237556aa60c7077170c126d2106b23ee4d
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 7e67e75d88bee3050a8c51f642c24833.png
downloads.intercomcdn.com/i/o/246680/2e0dcedd411a0fe92e1dc746/ Frame 956B 9 KB
10 KB 390ms
178ms Image
image/png 15.197.143.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://downloads.intercomcdn.com/i/o/246680/2e0dcedd411a0fe92e1dc746/7e67e75d88bee3050a8c51f642c24833.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.197.143.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a69d63ecdf0f33068.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5280b4c882d61a36e36a63f76c426afe83b69f1f941d962bc71248975e20c127

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 15:45:44 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0ab3c99401b68739b
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
status: 200 OK
content-transfer-encoding: binary
content-disposition: inline; filename="7e67e75d88bee3050a8c51f642c24833.png"; filename*=UTF-8''7e67e75d88bee3050a8c51f642c24833.png
x-xss-protection: 1; mode=block
x-request-id: 000uh18ele46obqsgfa0
x-runtime: 0.056713
last-modified: Wed, 30 Dec 2020 10:55:13 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: image/png
x-intercom-version: 7a3aa8237556aa60c7077170c126d2106b23ee4d
cache-control: max-age=86400, private

GET
H2 200 3348bb93-bcc1-4631-b1de-a85ebe77f7fd-2-1640006891.JPG
static.intercomassets.com/avatars/5329554/square_128/ Frame 956B 4 KB
5 KB 74ms
14ms Image
image/jpeg 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/5329554/square_128/3348bb93-bcc1-4631-b1de-a85ebe77f7fd-2-1640006891.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 679f7339db7153c7bce02c906276a502894e341730883b8cc7fbed18c5ce0ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 29 Mar 2023 13:33:08 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 7957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4369
last-modified: Mon, 20 Dec 2021 13:28:13 GMT
server: AmazonS3
etag: "5d5555a89f5e022117f559813c2af655"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: nSSjw1jEONUBaz93pBUr5aOhxney3Hi3p6dNLiU77YD0LScn7cW2Ew==

GET
H2 200 Ellie_headshot_small-1609344311.jpg
static.intercomassets.com/avatars/4431711/square_128/ Frame 956B 10 KB
10 KB 73ms
12ms Image
image/jpeg 13.225.78.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/4431711/square_128/Ellie_headshot_small-1609344311.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-32.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1d40f4ec2334010be5f221ed67f6264035678e6132ea6f755d978cea2a04028

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 29 Mar 2023 13:33:08 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 7957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9866
last-modified: Wed, 30 Dec 2020 16:05:12 GMT
server: AmazonS3
etag: "2d4a9d7c55bcf7da4b689282a887ceb8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 2QA4oVzG4TkkOfoc8n3qZHpo_z6vQrgNX6huUZjY_TseIyYqjYy1Wg==

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beswicksclient.legl.com/	1970-01-20 19:25:54	Name: csrftoken Value: Ta4kD4QhCMxv6J46cfzlclKYKQoLUOL0s3BFNioTnL8ithEUFqNFa5K846llsYLt
m.stripe.com/	1970-01-20 20:17:44	Name: m Value: 7cdb1992-cb94-4fb3-a8de-cc09a5e86b54952007
.beswicksclient.legl.com/	1970-01-20 19:27:20	Name: __stripe_mid Value: cc7dc745-501d-4d67-ad09-18b60b490ec68d2e2e
.beswicksclient.legl.com/	1970-01-20 10:41:46	Name: __stripe_sid Value: 5a86d099-4793-4f84-9563-72f1081e88da4a1347
.legl.com/	1970-01-20 17:10:34	Name: intercom-id-f4wk485h Value: 3b1f971d-aa49-4798-ad09-f9f307df2702
.legl.com/	1970-01-20 10:51:49	Name: intercom-session-f4wk485h Value:
.legl.com/	1970-01-20 17:10:34	Name: intercom-device-id-f4wk485h Value: 61ee9a62-c262-4e49-b823-99217278fcc8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bam.nr-data.net
beswicksclient.legl.com
browser.sentry-cdn.com
code.jquery.com
crowdjustice.imgix.net
downloads.intercomcdn.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.banked.com
js.intercomcdn.com
js.stripe.com
legl-posthog.herokuapp.com
m.stripe.com
m.stripe.network
o32237.ingest.sentry.io
q.stripe.com
static.intercomassets.com
widget.intercom.io
13.224.189.74
13.225.78.32
15.197.143.135
151.101.0.176
151.101.2.137
162.247.243.29
18.66.147.5
2001:4de0:ac18::1:a:2b
2606:4700:20::681a:178
2606:4700:4400::ac40:9ab6
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
2a04:4e42:200::729
2a04:4e42:8e::720
3.230.112.183
34.120.195.249
52.40.72.233
54.186.23.98
54.73.53.134
046a89b6f3e9e7e3e6012ac2450cdf2e24894949e1b5358a6fa01b70a0a03ff0
0571b14e3510f871421e234631b1452947c13d5239b69bd96c6b997de6ff8edb
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
0c55510810e485d51fc83d93c90be0eb5b7fb5dc79ce108e8cddf4492f17dbf6
129c60694a568e97cb57880b2bcae515817f6b99256afaf3916e01e7dd040b99
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bcaddebe5faff88672bb1f8aa09c17370da633ca7097bc14444e1c00fecd4db
364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
39a701f2a0d913d59c88cb7830c7f560f673d81bc7f501cc0f1eca191ad80c24
3a68c1e0d0aa0314c116589ffd453e0815bf46f3dbf69d36ff90e8aa4862d7af
3be81fb36a50bba7a5532512ee0566d5d86d9f83bb541c53d912271f19842981
3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48eef70871522e521da4f2d42bb739ba7c34cb0c0e0af3e55342cbe42b3c4f1f
4ab72d5ae14ca3f5ca6930381f75459fd5d9c400622a5e7c24435ab36a87d49b
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
4f9e65f999beba332382697ec851db1421cfaffdfa73690396369efec66e6ba4
5280b4c882d61a36e36a63f76c426afe83b69f1f941d962bc71248975e20c127
560c2de1688ada445c4f12d6cf8586d2c06401766d65af476e04fec25b998cba
6133d94280f15effe878e372848fb3ea7556fb08603952fa93cc485c81507b83
6728fa31e9f2ef973d695bd19a3dfe687810eb9bc87f279012e95aeb34680bff
679f7339db7153c7bce02c906276a502894e341730883b8cc7fbed18c5ce0ce3
70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7
72d90f648bbd5234b40fd2c02744aedb6549a048c5c3625193a0b3a8acf8495f
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
868a7099ef9f80703f89b7198d5c0d9b230d6a8a5c4dd0778786ce084d424328
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b
89c20fe8122237cc2fd343247c602a416513ddaa9fe05407e00dee636b52177d
8c3d1f930328a8394c5b2175029ff88e7b98ce37170cbee6ccc9e77cc9d40d89
914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc
940bf6e0cd129237cb227037cbf0f1aa3ace8c9a85cc9409e7586e93a463984b
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7609a9956cac91ef88827e462f6460ae9e522545da6e9e0436f3086dd5afabf
a805d3cc27853b7cc3ffd42e7c7032ea242d601e1dd1688565452e3587202727
adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9
b5271385251848fe50064704f1c7f3ef3c8d5ec5ccd8d2aed3fa9006ba10e497
baeb317d7672cf4bac0e8c88700725c199c259102669eaaf431ea7e058f735d2
bd6be289fce8f8fd88054951a915348d89e78cce40af873bfa7cbccc17426c42
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
d2a64c3c84d82d007d4b7a00ba294959b2b59bcb67f18fc490815cb27e817ccd
d535f967c1561e240ac98f65890ec1711c079526ecfeeda35b27031b05d8c847
d8f551d8fea4f4f727034811ea6dfbe650966ac7eb301f659f4e95961d3a63e0
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de378b091b2ee9f5b83618134b42a25ea67678bdf4aa3fd096b46546f6efc672
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb38ca1c8c3aed4bc2a1e912804670ef5a00b3ab155821dd78b0cdaf0de112e
f1d40f4ec2334010be5f221ed67f6264035678e6132ea6f755d978cea2a04028
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f524c7a94d11689cccc8068eec0e10ff5d3933ee968857af6b0259568aaf2ab0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3

beswicksclient.legl.com Open in urlscan Pro 2606:4700:20::681a:178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

98 %HTTPS

37 %IPv6

16 Domains

20 Subdomains

19 IPs

4 Countries

1198 kBTransfer

4430 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beswicksclient.legl.com Open in urlscan Pro
2606:4700:20::681a:178 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

98 %
HTTPS

37 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

1198 kB
Transfer

4430 kB
Size

7
Cookies

60 HTTP transactions
0 data transactions