beswicks.legl.com Open in urlscan Pro
2606:4700:20::ac43:47d9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://beswicks.legl.com/
Effective URL:
https://beswicks.legl.com/pay/checkout/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 09 via api (September 9th 2023, 11:15:00 pm UTC) from DE — Scanned from DE

Summary HTTP 49 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 49 HTTP transactions. The main IP is 2606:4700:20::ac43:47d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is beswicks.legl.com.
TLS certificate: Issued by E1 on September 9th 2023. Valid for: 3 months.

This is the only time beswicks.legl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 23	2606:4700:20:... 2606:4700:20::ac43:47d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
3	99.86.4.122 99.86.4.122	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::6812:2ac3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	54.220.192.176 54.220.192.176	16509 (AMAZON-02) (AMAZON-02)
5	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:1a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.236.147.194 44.236.147.194	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.18 13.224.189.18	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.49 18.66.147.49	16509 (AMAZON-02) (AMAZON-02)
1	34.239.100.113 34.239.100.113	14618 (AMAZON-AES) (AMAZON-AES)
49	17

23 2606:4700:20::ac43:47d9 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

beswicks.legl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2ac3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

js.banked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

crowdjustice.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.192.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-192-176.eu-west-1.compute.amazonaws.com

legl-posthog.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o557392.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
o32237.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:1a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.147.194 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-147-194.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-49.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.100.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-100-113.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	legl.com 3 redirects beswicks.legl.com	179 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1511 q.stripe.com — Cisco Umbrella Rank: 9952 m.stripe.com — Cisco Umbrella Rank: 1424	135 KB
5	sentry.io o557392.ingest.sentry.io o32237.ingest.sentry.io	756 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2718	267 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2187 api-iam.intercom.io — Cisco Umbrella Rank: 2106	6 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1625	18 KB
2	herokuapp.com legl-posthog.herokuapp.com	36 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	2 KB
2	banked.com 1 redirects js.banked.com	160 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1103	7 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4937	28 KB
1	imgix.net crowdjustice.imgix.net	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 820	30 KB
49	14

	Domain	Requested by
23	beswicks.legl.com	3 redirects beswicks.legl.com js.banked.com
3	q.stripe.com	beswicks.legl.com
3	o557392.ingest.sentry.io	js.banked.com
3	js.stripe.com	beswicks.legl.com js.stripe.com
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	o32237.ingest.sentry.io	browser.sentry-cdn.com
2	legl-posthog.herokuapp.com	beswicks.legl.com js.banked.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	beswicks.legl.com
2	js.banked.com	1 redirects beswicks.legl.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	beswicks.legl.com
1	m.stripe.com	m.stripe.network
1	static.cloudflareinsights.com	beswicks.legl.com
1	browser.sentry-cdn.com	beswicks.legl.com
1	crowdjustice.imgix.net	beswicks.legl.com
1	code.jquery.com	beswicks.legl.com
49	18

This site contains links to these domains. Also see Links.

Domain
beswicks.com
legl.com

Subject Issuer	Validity	Valid
beswicks.legl.com E1	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.herokuapp.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://beswicks.legl.com/pay/checkout/
Frame ID: 8D054330E36572804486C5D638B0E20B
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: F981D5E9A8013F64DE5E1C35DA549FDA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5DC7352311DC3A8960D7BDD5DB137D4F
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.0088f593.js
Frame ID: 01DAA4D60DFAE1C0D6D55CE996A9EEF9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout - Payments

Page URL History Show full URLs

http://beswicks.legl.com/ HTTP 301
https://beswicks.legl.com/ HTTP 302
https://beswicks.legl.com/pay/ HTTP 302
https://beswicks.legl.com/pay/checkout/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

913 kB
Transfer

3269 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://beswicks.com/
Title: beswicks.com

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://legl.com/terms-of-use/
Title: terms

Search URL Search Domain Scan URL

URL: https://legl.com/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://beswicks.legl.com/ HTTP 301
https://beswicks.legl.com/ HTTP 302
https://beswicks.legl.com/pay/ HTTP 302
https://beswicks.legl.com/pay/checkout/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://js.banked.com/v3 HTTP 301
https://js.banked.com/v3/

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
beswicks.legl.com/pay/checkout/
Redirect Chain

http://beswicks.legl.com/
https://beswicks.legl.com/
https://beswicks.legl.com/pay/
https://beswicks.legl.com/pay/checkout/

22 KB
8 KB

259ms
259ms

Document
text/html

2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bce26396e9ee73c57abb7c491a0544aeba6f73e6d045baf42f68802c86df28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8043215798b81947-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sat, 09 Sep 2023 23:14:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vryiDgIHx1zO1oWasG3WYuYFOOum%2BPbzZx7N09CzfosGJvk7b7jJfvKANZdf3w8ZJJCEsDg4lMRuTS%2BSHveT5jahcH11olJmpK6Wrk4MDQowgn2ob43qf%2BQBntHZTZjSVtiwrsQyafq1pRA47ifO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Language, Cookie, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-request-id: 6dde7f68-18f2-4fec-8834-2e627a1f090b

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 804321562dd0910a-FRA
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Sat, 09 Sep 2023 23:14:55 GMT
location: /pay/checkout/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ6oaoCUaysz6kxkEuNDhuYFqOxI9C5k6aP50AA%2BFlwthn6cQCkSIO6HNfFl9pWvMAqyxhQTR57g5g3d1hxTAU%2FobvgEiupuKUNO95fk3wqsF%2BxDPDF5KSYm6nRm53fNe9M1JbnPYumMfyI5gmPY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Language, Cookie
via: 1.1 vegur
x-content-type-options: nosniff
x-request-id: 849538cd-312a-4110-84e0-9f8e45f58428

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 36ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
vary: Accept-Encoding
x-hw: 1694301295.dop231.fr8.t,1694301295.cds101.fr8.hn,1694301295.cds327.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 / Show response
js.stripe.com/v3/ 525 KB
130 KB 48ms
8ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8cafa1e7b2db2ad1030259053de96a92a15d528ed59bf0b93b4cc8633bb29fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Sep 2023 23:14:52 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 9
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Sep 2023 22:01:04 GMT
server: Cloudfront
etag: W/"abd91db5626472f38e45360077f2033f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: _QzACAeC4lxipnnbdq47_Jv-MF2huAb0FmijhW87WaHRE2svvdZcDQ==

GET
H2

200

/ Show response
js.banked.com/v3/
Redirect Chain

https://js.banked.com/v3
https://js.banked.com/v3/

744 KB
159 KB

54ms
54ms

Script
application/javascript

2606:4700:4400::6812:2ac3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.banked.com/v3/

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Server

2606:4700:4400::6812:2ac3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

16b6c9ab85aa1818c6d5d75b2e97be01672b3a047ab8d11f17bc85a4a771feab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 30 Aug 2023 12:22:12 GMT
server: cloudflare
content-encoding: gzip
x-powered-by: Express
etag: W/"ba110-18a4664e520"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 8043215adfcf3737-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 09 Sep 2023 23:14:55 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: Express
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: /v3/
cf-ray: 8043215a4f5b3737-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fonts.256cad8881d0.css
beswicks.legl.com/static/css/ 2 KB
1 KB 145ms
145ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/css/fonts.256cad8881d0.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a2cb9af79e5cc4e341079cb9cef6a5ab97ad612844792e296fcefbc1b09280

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: a5a044ac-ae43-41e1-9765-7de3871b28bf
last-modified: Fri, 08 Sep 2023 11:41:05 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa41-96e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia5x%2B7wM3HzFYX2l5BWm%2F%2F%2BRHRC4A84ME9s4H191huhpjPGKygv5ZXTFWX3Wq3SiGaREKTJ%2B9VVkxYdcjsBekLbXPbKSvJLBdKIBOPROxZRXTaPuc59tczaLKTGs0VEF2fL4X6Qi6WiV2Bk5GMl9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 804321598a001947-FRA

GET
H3 200 legl-icon.11118d854b30.css
beswicks.legl.com/static/icons/ 62 KB
6 KB 192ms
192ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: e270b3dc-677e-480c-9f9d-9667bc4509f3
last-modified: Fri, 08 Sep 2023 11:41:05 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa41-f9f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3No%2FCYYtbQVRasM2%2B4Ih4EUXCmbtzX%2FKNZ%2FGkdS8SfS7i98XOQR5i3EC8TIXkwtl8gQwNP7ZERaNbm8hWTSqDCy0At43nNVY%2BEArl3bjTpFcnoluS4mCv5gb99viwA9o1sgVZMfwXbMqo9%2B%2Brwo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 804321598a021947-FRA

GET
H3 200 lds-icon.23040acb0eb2.css
beswicks.legl.com/static/lds-icons/ 4 KB
2 KB 140ms
139ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/lds-icons/lds-icon.23040acb0eb2.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2dcfe912b1afd867ab818c60627d395717c223331ff8f7494f2ccf80cbb9a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: e5803e09-da5e-49f1-b595-dc9ef6d0b395
last-modified: Fri, 08 Sep 2023 11:41:05 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa41-fa7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ndV%2B6M%2BFjdmnr4%2FSSRD4LaRByo1NDXVJnObKBl6Ni3u%2Fft%2BBZLItZ8CSpqw2ldMkSvFYk6t%2Faou9DvVeramZFDCF5nriFNy1BP7SupZLjHNTcP2zvmFWpeI%2Btu3YVyb8s56QSknb7g8OdrhdVJG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 804321598a031947-FRA

GET
H3 200 pay-b7bb41dce08dc4a1dc06.bundle.bd23c0bf7cb1.css
beswicks.legl.com/static/webpack_bundles/ 19 KB
5 KB 161ms
160ms Stylesheet
text/css 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.bd23c0bf7cb1.css

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6349baebe0df59e2c2312800fe4e150d3bd853912e2d1ce609e7e04fcb6442

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 287fccaa-794c-4788-8d9e-a289a74318a0
last-modified: Fri, 08 Sep 2023 11:41:05 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa41-4a4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffDD1K7v%2BL9isHapuxlzHL1q6nw%2F6d2ywQD2T3tRHY0K2d6gU9ZMXQQIzngSDk%2BOvVMbfHA%2FMzfJJPCoO0FMNz5MTnQWcQWtDml0ZaZHNATlOCTwwGWOYj02nmRHZj1U4oQM15DkCjdBQbuLxlsD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 804321598a041947-FRA

GET
H2 200 beswicks_logo.svg
crowdjustice.imgix.net/company_logos/ 4 KB
2 KB 82ms
25ms Image
image/svg+xml 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crowdjustice.imgix.net/company_logos/beswicks_logo.svg?ixlib=python-1.2.0

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b78f16dd560dbef312888e32ed056e2eac13debe2713ed58c6e1537f39836131

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1067035
x-cache: HIT, HIT
x-imgix-id: 08b4952f60615c069e7e61841fb04def48a7acae
cross-origin-resource-policy: cross-origin
content-length: 1547
x-served-by: cache-sjc10029-SJC, cache-fra-etou8220088-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 16 Mar 2023 14:03:56 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 verified-by-visa.9476aad90c7a.svg
beswicks.legl.com/static/payments/img/color/ 5 KB
2 KB 155ms
154ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/color/verified-by-visa.9476aad90c7a.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 1ef23ec4-81e3-4a30-a47b-fdde563ce409
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa40-144e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW4te1Ze8GDitISKYrc3m%2FoTD1B7b7OF3ZADNnr12SdakXCQHUnL0Cc1qziyDS8hL0ddyiKqQov9V0o8ppxt57sTj6NwAff0mWtJpm0l5LCc1ALC7A7CGiiZZwoKIkPl6q3laMVYRmr5Wl3r7GDE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 8043215a1a7a1947-FRA

GET
H3 200 mastercard-securecard.783601069452.svg
beswicks.legl.com/static/payments/img/color/ 13 KB
5 KB 151ms
150ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/color/mastercard-securecard.783601069452.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 0c9a9985-ace9-424a-babc-9c59ec38a3a2
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa40-3223"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Of0tyJAWlmlzsfrb%2BYr%2BUAefZX7hQS11BYqWKEGKhys9jh1nuJYzR2HZMrVhtjFkenLw0foIAIsii7dO3IO1K4E%2FTawxLMM1BgZhg418Ds3Z93ijzAI6Iq8nufgb0WekC0YnG0lAAAsvIjY2FktA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 8043215a1a7b1947-FRA

GET
H3 200 secured-by-legl.58640b8dd409.svg
beswicks.legl.com/static/payments/img/color/ 12 KB
5 KB 135ms
134ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/color/secured-by-legl.58640b8dd409.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 2a621628-539a-4fd6-829a-7ed53ffcfde3
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa40-2ea1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOe7wHKq2BzgS%2F6eBV8B%2Fzgp1RTofge%2Fh7VpRS17giPTO2x2%2FA2KM7M2jfmhSO4wKWWTZ65GIg1plsSht6GJ4lb1eeSpkE2ICVilifT3rdzVdvwOJbq6uf76NZtI7uCOmn2uuHrkERGOmDlLV2yk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 8043215a1a7c1947-FRA

GET
H3 200 warning-triangle.e5d88151e287.svg
beswicks.legl.com/static/payments/img/ 2 KB
1 KB 169ms
168ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/warning-triangle.e5d88151e287.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 301cface-351a-4d23-ac11-4dac39bcb218
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa40-62c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LpdCMaEP25hcLIm8iUE6oeurVu7YdBvXdiy5YoQ%2B%2Fos%2FZN7fzNPICuZwZZYLU2yzA59ua18DjYuzXx2S3Dc%2FKQcEvVZ9Xfl3SR8rCEW73tzMAa4NvI7R57goxrDry4PXcZ%2FaW7ZLBihcuBivDZz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 8043215a1a7d1947-FRA

GET
H3 200 secured-online-payment.3d1a4939d65c.svg
beswicks.legl.com/static/payments/img/ 4 KB
2 KB 150ms
149ms Image
image/svg+xml 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beswicks.legl.com/static/payments/img/secured-online-payment.3d1a4939d65c.svg

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 6b09297c-25a9-48b7-b469-becf2af88215
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa40-fe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eKoNw8%2BatPd4OTcysgWq4IMuYU9ftaSfh%2FBQ0oIaJwEB9F7suBFhOanzZggbL7LMC2VYjaHKlmubjdduWWtnFr%2B8g%2BTxRuVdxvLwHFQXxJzd%2BcTfgSgXKu%2BBzx1bZv0JWARpE7iRwjgz8ys0x6u"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 8043215a1a7e1947-FRA

GET
H3 200 email-decode.min.js Show response
beswicks.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 14:34:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f73c7d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsNMlYQ5LPsbLtAgZcGAEe6ZM736ilT3sly79LvGDho08sRiSz49yIBetyCes4fahu3j8onPhhH5%2BXQQwt2w6BDlUdmsrRHWxnsDccfGge9wU2kyvaL1m8kmPH4jhgmUSMwc4ortd74Wf1gW1Wwl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8043215a1a781947-FRA
expires: Mon, 11 Sep 2023 23:14:55 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.2.3/ 89 KB
28 KB 24ms
7ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://beswicks.legl.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 19 Mar 2021 18:16:34 GMT
server: Fastly
age: 3344722
etag: "44bea9771dbc4ce7cb75efc4b8a39dd1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27994
expires: Thu, 01 Aug 2024 06:09:33 GMT

GET
H3 200 pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js Show response
beswicks.legl.com/static/webpack_bundles/ 292 KB
71 KB 273ms
272ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca597a768a48d981e6ba6a33e08fff727fdb3cc870406853fd5e1853bcadb971

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 6b7b7779-7f50-4461-861a-6d2577289462
last-modified: Fri, 08 Sep 2023 11:41:05 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa41-48f85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPOhAtCSJbRHtWkPCMusnxmp4zuMvi2CsXtACDBg30p6v8ej3jb6oUEzZUvyvlUCIV%2FWCoKlv0U3%2FaLMM96MvIcJ4ZrF1Rfu%2FwEgCPNa09d5%2Bd80%2BdG0B2%2BbGFDupfV2OVip33yD9Nsaf8mrQidH"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
cf-ray: 8043215a1a791947-FRA

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 58ms
41ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://beswicks.legl.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8043215a3eff9a3f-FRA

GET
H2 200 css
fonts.googleapis.com/ 6 KB
745 B 37ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Display|Montserrat:300,500,800&display=swap&subset=latin-ext

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/css/fonts.256cad8881d0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ec43a16303bbd86b6195bc96d7422e7fd483bc21842db1f303485bf2ac7b6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 23:14:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Sep 2023 23:14:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
850 B 36ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/css/fonts.256cad8881d0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Sep 2023 23:14:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Sep 2023 23:14:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Sep 2023 23:14:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:23:50 GMT
x-content-type-options: nosniff
age: 6665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:23:50 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 6982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 21:18:33 GMT

GET
H3 200 legl-icon.d254260158ba.woff2
beswicks.legl.com/static/icons/ 22 KB
22 KB 146ms
146ms Font
font/woff2 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/icons/legl-icon.d254260158ba.woff2?e5283ed51cd54ef164f11b492e4f92c1

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
alt-svc: h3=":443"; ma=86400
content-length: 22124
x-request-id: 1eb19f1b-56ad-4917-8882-5f0f99faedf7
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "64fafa40-566c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GojTer8lSgs1obumEnDtORV11MnjPsoAjqD32jAOVhkwzKoQgZmQS5YBakFSeuaTplfWP0X0T%2F0BoEOElCTNa9lImLWpNuNFUcF%2F7%2Bs3jooB9GkZMEKohdDWVywnRVYqxlZVkDpqBfmaXj4s7qh0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8043215abaf81947-FRA

GET
H/1.1 200
OK array.js Show response
legl-posthog.herokuapp.com/static/ 118 KB
36 KB 150ms
36ms Script
text/javascript 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/static/array.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-192-176.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

a094393e1fdb613555e86f8ec1af9660b41ff795752226d0bf1deb393dba63c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sat, 09 Sep 2023 23:14:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 31 May 2023 18:15:11 GMT
Server: gunicorn
Via: 1.1 vegur
Etag: "64778eaf-1d8af"
Vary: Accept-Encoding, Cookie
X-Frame-Options: DENY
Content-Type: text/javascript; charset="utf-8"
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public
Connection: keep-alive
Content-Length: 36084

POST
H2 200 / Show response
o557392.ingest.sentry.io/api/6734447/envelope/ 41 B
373 B 65ms
9ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d5bfe550c3b7f10c2d5a309d6e2e493c3b22ed5963c2b201b7c3280f7560b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 9075-b7bb41dce08dc4a1dc06.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 23 KB
9 KB 166ms
165ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/9075-b7bb41dce08dc4a1dc06.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ba0f9d94a5882c91926915f3898b8415bfaf877037dc43226bb192b7eb6b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 811b2c25-24a7-4933-84d9-e06fe00aab90
last-modified: Fri, 08 Sep 2023 11:41:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa3f-5bfb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXeryK1Gg1dsWQj0WJ1b5uUlh5eAh%2FMJBr%2Fayzw0N7s6IWUt8psSC9ziWQSRjzszS1h62Pel72KKIcgIVbQ4JxtD2cP4u8vKQde12FPZGgTFlPibvMtytVuHEIAmOyKUlaGdzqlc4ukSLPJlOuZh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8043215c5cb11947-FRA

GET
H3 200 8907-b7bb41dce08dc4a1dc06.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 37 KB
10 KB 149ms
149ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/8907-b7bb41dce08dc4a1dc06.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

513a02962c128526f4eebbc2c3bd8772412ec5c49d9b86dd4f4bc1f923d218d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 5bf1dcdc-fb8e-482a-b4ab-c0b1348182bd
last-modified: Fri, 08 Sep 2023 11:41:03 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa3f-94a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqHRnqIRWlBbxUgRjpnqsHXWQC4LxmOJMK%2FjL5B1FtEwG8e4ZLlkTLumaV2j%2Bus2PczThiF4jiwrH7iU8oQd1nbNCYw9AqoL5Z11fj5QLf%2F0k8%2Beq0wGH12DByTbZhpsu2l%2BjtNMbzSNwNGlihCz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8043215c5cb31947-FRA

GET
H3 200 7244-b7bb41dce08dc4a1dc06.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 32 KB
7 KB 166ms
166ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/7244-b7bb41dce08dc4a1dc06.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5982ce3431a6274bb952723926296191c6baed6faf9042328604ef21d23966e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: 7a274a47-e8d5-4e58-b607-be03bf7b2f7f
last-modified: Fri, 08 Sep 2023 11:41:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa3e-81f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK1CyfW8a9LIE%2BWHTkyvXiOXCI04oepO7b57GPIjyQi4138um%2Bo07Y4M0uekAxkETswHAoNx6CL25SJ6rvh1h%2Bwi8IsEuIt6H0OQ%2BWpgmC3%2Ffbo915DRWUnsLMhj7qkELEq%2BgsfvwK%2F7wzNs9yhE"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8043215c5cb61947-FRA

POST
H2 200 / Show response
o557392.ingest.sentry.io/api/6734447/envelope/ 41 B
105 B 39ms
14ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c4cc62f396e93803fdf56b61d7db0869fa231b3f94c547957e43a1cad218d1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 200 / Show response
o557392.ingest.sentry.io/api/6734447/envelope/ 41 B
105 B 37ms
13ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5009e393927e7746c234e6226224d24eeb8d29523cf364548a3d9a7c4693b678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 lds-icon.73c0668fb496.woff2
beswicks.legl.com/static/lds-icons/ 9 KB
9 KB 129ms
128ms Font
font/woff2 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/lds-icons/lds-icon.73c0668fb496.woff2?62a260f99cb6c6a87358ff78577365c7

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/lds-icons/lds-icon.23040acb0eb2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beca612852cf66d873c8339f81347c5940052ce6061488190a4a0e2fe252c6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicks.legl.com/static/lds-icons/lds-icon.23040acb0eb2.css
Origin: https://beswicks.legl.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
alt-svc: h3=":443"; ma=86400
content-length: 8936
x-request-id: 1cd433bb-a64b-4ba2-85e1-6182f38b5544
last-modified: Fri, 08 Sep 2023 11:41:04 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "64fafa40-22e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNeX2pT3ORa5Is1EZczFIO1BBMjmXtz7ybi2dx5jhyYG5G7r0BsSDoYqbIr6RYmHZVqiLp29h%2Bt48Ez%2FRp%2Fs23nuiM9flBwbl%2FhZ3YVDIcJXsJJliwGOHUbaCLDEV9hltrY%2Fu5AMfe3JFgEQGdM5"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8043215c7ce41947-FRA

POST
H/1.1 200
OK / Show response
legl-posthog.herokuapp.com/decide/ 193 B
654 B 153ms
153ms XHR
application/json 54.220.192.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://legl-posthog.herokuapp.com/decide/?v=2&ip=1&_=1694301296110

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-220-192-176.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 09 Sep 2023 23:14:56 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://beswicks.legl.com
Vary: Cookie
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 193

POST
H2 200 / Show response
o32237.ingest.sentry.io/api/5427794/envelope/ 2 B
68 B 50ms
9ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame F981 200 B
1 KB 8ms
8ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beswicks.legl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3052
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Sep 2023 22:24:09 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: 2JRwcXE63nNBSQk9u7451ltxMuuZ7VfumoW_67gC4bqgi704XyXdqA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F981 631 B
996 B 8ms
8ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 09 Sep 2023 22:24:06 GMT
x-content-type-options: nosniff
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
age: 3051
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2IjCscxZwh58cZbgU2vC6a4fBIf8lei7Za2snTx36Ub6DHyWwR6_IQ==

POST
H2 200 csp-report
q.stripe.com/ Frame F981 0
716 B 531ms
176ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694301296596548
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694301296596199
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F981 0
716 B 532ms
177ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694301296596706
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1694301296596278
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5DC7 930 B
2 KB 44ms
8ms Document
text/html 2600:9000:2057:1a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 151
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 09 Sep 2023 23:12:26 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-id: -npsfIItjyFmjUeePtD8i7_Am-Q7wZJxyA7NpM6Vz9iuP-dFFj8Blg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 5DC7 0
491 B 479ms
174ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694301296596777
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1694301296596214
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 5DC7 87 KB
16 KB 8ms
8ms Script
text/javascript 2600:9000:2057:1a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:1a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Sep 2023 23:14:36 GMT
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"69cb7809b5011312e716f29b3d19dce6"
age: 20
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: p1OnO9d194U7P0I0yQAeJSJzUjn_eaTzZ2k7UnqCBGQQYx0exXB7cQ==

GET
H3 200 7799-b7bb41dce08dc4a1dc06.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 51 KB
9 KB 171ms
170ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/7799-b7bb41dce08dc4a1dc06.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac067cce8423552db61bda4a6fda32e9135e256eac7de9440a263e74d4e5b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: e43136c2-3e0a-4b79-ae50-a41f7921c03e
last-modified: Fri, 08 Sep 2023 11:41:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa3e-cc1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJgumIrA%2BYM8pwSFGF5PaXIvQ9ujFdv6ZqKccLmt8j5L%2BRRPl1mg%2BOSC6rbXFBkmVyU%2Bz39LbuqjKGG%2FhQO0Wswfl8atF63ufDEfmyDoLKom6Tx6N0FemIDBnq1l4LY%2BImZpClGXoj8%2FiAzq%2BQlr"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8043215dada51947-FRA

POST
H2 200 6 Show response
m.stripe.com/ Frame 5DC7 156 B
668 B 506ms
169ms XHR
application/json 44.236.147.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.236.147.194 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-236-147-194.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

10c3a646dbc77aa3f6cd63d94dbd66cc460e9fa9224c403d35e746cab5a818ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1694301296679448
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1694301296679257
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 8491-b7bb41dce08dc4a1dc06.bundle.js Show response
beswicks.legl.com/static/webpack_bundles/ 3 KB
2 KB 66ms
66ms Script
text/javascript 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/static/webpack_bundles/8491-b7bb41dce08dc4a1dc06.bundle.js

Requested by

Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

176dd86c4a3689442d3077d25d53e261d32bd092d96d9c66dea1cf048376cd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/pay/checkout/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 vegur
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-request-id: f1bc01c1-fcbd-48ef-8c72-e0df02efc05c
last-modified: Fri, 08 Sep 2023 11:41:02 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"64fafa3e-a60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPCLoJTCWxQ9x32za%2FI2PzX74%2F70qV4OJhgO8DQo5Xun4U7pQtVC7Now29K0FGxLDEN4n4aweBD940x69M4fz5TKKe6k5HtSnH0TZOxnbCKXx2MQXz2jBGnl%2BK4Xzxt5v6CwhZDp7OvMoJEF%2FwR6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8043215eee581947-FRA

GET
H2 200 smi9tjbm Show response
widget.intercom.io/widget/ 7 KB
3 KB 410ms
382ms Script
application/javascript 13.224.189.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/smi9tjbm
Requested by: Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeb4773e476638dfc72558c95e4b833c26145e0d2e2c2ed6495c5e88422a8e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beswicks.legl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: vK0uYYDgB4F.DO_vvx419j.KuAeTQ5sM
content-encoding: gzip
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
date: Sat, 09 Sep 2023 22:56:59 GMT
x-amz-cf-pop: FRA2-C1
age: 1108
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2706
last-modified: Fri, 08 Sep 2023 13:49:34 GMT
server: AmazonS3
etag: "4dea6beecd24ba580408d9c9b70e8595"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: njWerrP--1bPlFgN7AdZCO0R4Z0un0q4N4qtVcPkvpASA53GVhHVPw==

POST
H3 204 rum Show response
beswicks.legl.com/cdn-cgi/ 0
142 B 9ms
9ms XHR
text/plain 2606:4700:20::ac43:47d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beswicks.legl.com/cdn-cgi/rum?

Requested by

Host: js.banked.com
URL: https://js.banked.com/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beswicks.legl.com/pay/checkout/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: application/json

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://beswicks.legl.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8043215f8ed31947-FRA

POST
H2 200 / Show response
o32237.ingest.sentry.io/api/5427794/envelope/ 41 B
105 B 16ms
15ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d13531886b752319c88f68901032fedba2eb19b69800c28cb7061c7e09512586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://beswicks.legl.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 frame-modern.0088f593.js Show response
js.intercomcdn.com/ Frame 01DA 506 KB
140 KB 39ms
7ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.0088f593.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

23bd3412fe14beb85526c2cfcb076957a73496692b424382b4908b6d4ee991b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: iq1uecPdLrfZiZyRurZDKr2QCvxS916F
content-encoding: gzip
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
date: Sat, 09 Sep 2023 21:49:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 5121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143127
last-modified: Fri, 08 Sep 2023 13:48:34 GMT
server: AmazonS3
etag: "800e98ccbe28f7fbe7b4a11ad33d2751"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: jXBhs9XbL8QhGy5tl0OAAM-pGAHi4hGvjqnvyna4z1izRbuCRoZIHg==

GET
H2 200 vendor-modern.1f7f821f.js Show response
js.intercomcdn.com/ Frame 01DA 409 KB
126 KB 53ms
21ms Script
application/javascript 18.66.147.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.1f7f821f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-49.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: e6b0of2zh6VmxPzKKTHVSimea6gIp5kh
content-encoding: gzip
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
date: Sat, 09 Sep 2023 22:46:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 1731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 128314
last-modified: Wed, 06 Sep 2023 14:44:14 GMT
server: AmazonS3
etag: "ab3e894af9301f1134cecc568095b249"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: TwXv24yVApgze-Hdqf_mgiXmMRw-2H6pk2ghJk1PwTsFjJHxrRSUIA==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 01DA 4 KB
2 KB 1099ms
898ms XHR
application/json 34.239.100.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.0088f593.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.239.100.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-100-113.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1157ae8043aa03284fef51dd97ea63049c994621e9d9efee5e906a2cdbb4cfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Sep 2023 23:14:58 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0dc23bde2e40c2d7e
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00318j673phonn563i1g
x-runtime: 0.780556
server: nginx
etag: W/"1157ae8043aa03284fef51dd97ea6304"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://beswicks.legl.com
x-intercom-version: d1d319525a1538c675dfbe2eb849cdfcbf352e27
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beswicks.legl.com/	1970-01-20 23:22:30	Name: csrftoken Value: ayUbcsUQWYP0KYXbvsKwTY3E84S8hfYs
.legl.com/	1970-01-20 23:23:57	Name: ph_CspXex6nVK8tf8splVQijnxXZ4rd2tQ2VqP0cPqdGfo_posthog Value: %7B%22distinct_id%22%3A%2218a7c3a15ecab2-04b23e64a1872-6332525b-1d4c00-18a7c3a15ed1135%22%2C%22%24device_id%22%3A%2218a7c3a15ecab2-04b23e64a1872-6332525b-1d4c00-18a7c3a15ed1135%22%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D
m.stripe.com/	1970-01-21 00:14:21	Name: m Value: e7444d3e-3c4c-4c2a-a15b-3f0ef62626ecc7bacd
.beswicks.legl.com/	1970-01-20 23:23:57	Name: __stripe_mid Value: c6dcd597-5471-404e-b0e5-85a0041d43a689de1a
.beswicks.legl.com/	1970-01-20 14:38:23	Name: __stripe_sid Value: ac48b005-a63f-46f4-bc3e-e27b5a93b4891f245e
.legl.com/	1970-01-20 21:07:11	Name: intercom-id-f4wk485h Value: 343e2d32-b8cd-4b93-8ff5-e4349c33e5d2
.legl.com/	1970-01-20 14:48:26	Name: intercom-session-f4wk485h Value:
.legl.com/	1970-01-20 21:07:11	Name: intercom-device-id-f4wk485h Value: f5778c69-26d4-4152-8cf9-ee41e7075d36

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://beswicks.legl.com/pay/checkout/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
beswicks.legl.com
browser.sentry-cdn.com
code.jquery.com
crowdjustice.imgix.net
fonts.googleapis.com
fonts.gstatic.com
js.banked.com
js.intercomcdn.com
js.stripe.com
legl-posthog.herokuapp.com
m.stripe.com
m.stripe.network
o32237.ingest.sentry.io
o557392.ingest.sentry.io
q.stripe.com
static.cloudflareinsights.com
widget.intercom.io
13.224.189.18
18.66.147.49
2001:4de0:ac18::1:a:1b
2600:9000:2057:1a00:19:7d10:bd80:93a1
2606:4700:20::ac43:47d9
2606:4700:4400::6812:2ac3
2606:4700::6810:3965
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a04:4e42:400::729
2a04:4e42:8e::720
34.120.195.249
34.239.100.113
44.236.147.194
54.186.23.98
54.220.192.176
99.86.4.122
0ac067cce8423552db61bda4a6fda32e9135e256eac7de9440a263e74d4e5b60
10c3a646dbc77aa3f6cd63d94dbd66cc460e9fa9224c403d35e746cab5a818ac
1157ae8043aa03284fef51dd97ea63049c994621e9d9efee5e906a2cdbb4cfcf
12d5bfe550c3b7f10c2d5a309d6e2e493c3b22ed5963c2b201b7c3280f7560b3
16b6c9ab85aa1818c6d5d75b2e97be01672b3a047ab8d11f17bc85a4a771feab
176dd86c4a3689442d3077d25d53e261d32bd092d96d9c66dea1cf048376cd36
1bce26396e9ee73c57abb7c491a0544aeba6f73e6d045baf42f68802c86df28b
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
1ec43a16303bbd86b6195bc96d7422e7fd483bc21842db1f303485bf2ac7b6ad
23bd3412fe14beb85526c2cfcb076957a73496692b424382b4908b6d4ee991b8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31ba0f9d94a5882c91926915f3898b8415bfaf877037dc43226bb192b7eb6b5e
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5009e393927e7746c234e6226224d24eeb8d29523cf364548a3d9a7c4693b678
513a02962c128526f4eebbc2c3bd8772412ec5c49d9b86dd4f4bc1f923d218d9
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
5982ce3431a6274bb952723926296191c6baed6faf9042328604ef21d23966e7
70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7
71a2cb9af79e5cc4e341079cb9cef6a5ab97ad612844792e296fcefbc1b09280
7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377
8cafa1e7b2db2ad1030259053de96a92a15d528ed59bf0b93b4cc8633bb29fe9
914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a094393e1fdb613555e86f8ec1af9660b41ff795752226d0bf1deb393dba63c7
ad6349baebe0df59e2c2312800fe4e150d3bd853912e2d1ce609e7e04fcb6442
adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9
aeb4773e476638dfc72558c95e4b833c26145e0d2e2c2ed6495c5e88422a8e57
b78f16dd560dbef312888e32ed056e2eac13debe2713ed58c6e1537f39836131
beca612852cf66d873c8339f81347c5940052ce6061488190a4a0e2fe252c6bd
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2dcfe912b1afd867ab818c60627d395717c223331ff8f7494f2ccf80cbb9a5d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4cc62f396e93803fdf56b61d7db0869fa231b3f94c547957e43a1cad218d1f0
ca597a768a48d981e6ba6a33e08fff727fdb3cc870406853fd5e1853bcadb971
d13531886b752319c88f68901032fedba2eb19b69800c28cb7061c7e09512586
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

beswicks.legl.com Open in urlscan Pro 2606:4700:20::ac43:47d9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

53 %IPv6

14 Domains

18 Subdomains

17 IPs

4 Countries

913 kBTransfer

3269 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

beswicks.legl.com Open in urlscan Pro
2606:4700:20::ac43:47d9 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

913 kB
Transfer

3269 kB
Size

8
Cookies

49 HTTP transactions
0 data transactions