Submitted URL: http://beswicks.legl.com/
Effective URL: https://beswicks.legl.com/pay/checkout/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 09 via api from DE — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 49 HTTP transactions. The main IP is 2606:4700:20::ac43:47d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is beswicks.legl.com.
TLS certificate: Issued by E1 on September 9th 2023. Valid for: 3 months.
This is the only time beswicks.legl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 23 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 99.86.4.122 16509 (AMAZON-02)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:8e:... 54113 (FASTLY)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 54.220.192.176 16509 (AMAZON-02)
5 34.120.195.249 396982 (GOOGLE-CL...)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 44.236.147.194 16509 (AMAZON-02)
1 13.224.189.18 16509 (AMAZON-02)
2 18.66.147.49 16509 (AMAZON-02)
1 34.239.100.113 14618 (AMAZON-AES)
49 17
Apex Domain
Subdomains
Transfer
23 legl.com
beswicks.legl.com
179 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1511
q.stripe.com — Cisco Umbrella Rank: 9952
m.stripe.com — Cisco Umbrella Rank: 1424
135 KB
5 sentry.io
o557392.ingest.sentry.io
o32237.ingest.sentry.io
756 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2718
267 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2187
api-iam.intercom.io — Cisco Umbrella Rank: 2106
6 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1625
18 KB
2 herokuapp.com
legl-posthog.herokuapp.com
36 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
2 KB
2 banked.com
js.banked.com
160 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1103
7 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4937
28 KB
1 imgix.net
crowdjustice.imgix.net
2 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
30 KB
49 14
Domain Requested by
23 beswicks.legl.com 3 redirects beswicks.legl.com
js.banked.com
3 q.stripe.com beswicks.legl.com
3 o557392.ingest.sentry.io js.banked.com
3 js.stripe.com beswicks.legl.com
js.stripe.com
2 js.intercomcdn.com widget.intercom.io
2 m.stripe.network js.stripe.com
m.stripe.network
2 o32237.ingest.sentry.io browser.sentry-cdn.com
2 legl-posthog.herokuapp.com beswicks.legl.com
js.banked.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com beswicks.legl.com
2 js.banked.com 1 redirects beswicks.legl.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io beswicks.legl.com
1 m.stripe.com m.stripe.network
1 static.cloudflareinsights.com beswicks.legl.com
1 browser.sentry-cdn.com beswicks.legl.com
1 crowdjustice.imgix.net beswicks.legl.com
1 code.jquery.com beswicks.legl.com
49 18

This site contains links to these domains. Also see Links.

Domain
beswicks.com
legl.com
Subject Issuer Validity Valid
beswicks.legl.com
E1
2023-09-09 -
2023-12-08
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-07-31 -
2023-11-30
4 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1
2023-03-05 -
2024-04-05
a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-01 -
2024-09-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.herokuapp.com
Amazon RSA 2048 M01
2023-04-02 -
2024-04-30
a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-25 -
2024-08-24
a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-08-01 -
2023-11-02
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-31 -
2023-10-26
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02
2023-02-14 -
2024-03-14
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01
2023-02-21 -
2024-01-29
a year crt.sh

This page contains 4 frames:

Primary Page: https://beswicks.legl.com/pay/checkout/
Frame ID: 8D054330E36572804486C5D638B0E20B
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: F981D5E9A8013F64DE5E1C35DA549FDA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5DC7352311DC3A8960D7BDD5DB137D4F
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.0088f593.js
Frame ID: 01DAA4D60DFAE1C0D6D55CE996A9EEF9
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Checkout - Payments

Page URL History Show full URLs

  1. http://beswicks.legl.com/ HTTP 301
    https://beswicks.legl.com/ HTTP 302
    https://beswicks.legl.com/pay/ HTTP 302
    https://beswicks.legl.com/pay/checkout/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

53 %
IPv6

14
Domains

18
Subdomains

17
IPs

4
Countries

913 kB
Transfer

3269 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://beswicks.legl.com/ HTTP 301
    https://beswicks.legl.com/ HTTP 302
    https://beswicks.legl.com/pay/ HTTP 302
    https://beswicks.legl.com/pay/checkout/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://js.banked.com/v3 HTTP 301
  • https://js.banked.com/v3/

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
beswicks.legl.com/pay/checkout/
Redirect Chain
  • http://beswicks.legl.com/
  • https://beswicks.legl.com/
  • https://beswicks.legl.com/pay/
  • https://beswicks.legl.com/pay/checkout/
22 KB
8 KB
Document
General
Full URL
https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bce26396e9ee73c57abb7c491a0544aeba6f73e6d045baf42f68802c86df28b
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8043215798b81947-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 09 Sep 2023 23:14:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vryiDgIHx1zO1oWasG3WYuYFOOum%2BPbzZx7N09CzfosGJvk7b7jJfvKANZdf3w8ZJJCEsDg4lMRuTS%2BSHveT5jahcH11olJmpK6Wrk4MDQowgn2ob43qf%2BQBntHZTZjSVtiwrsQyafq1pRA47ifO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=3600
vary
Accept-Language, Cookie, Accept-Encoding
via
1.1 vegur
x-content-type-options
nosniff
x-request-id
6dde7f68-18f2-4fec-8834-2e627a1f090b

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
804321562dd0910a-FRA
content-language
en-us
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 09 Sep 2023 23:14:55 GMT
location
/pay/checkout/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ6oaoCUaysz6kxkEuNDhuYFqOxI9C5k6aP50AA%2BFlwthn6cQCkSIO6HNfFl9pWvMAqyxhQTR57g5g3d1hxTAU%2FobvgEiupuKUNO95fk3wqsF%2BxDPDF5KSYm6nRm53fNe9M1JbnPYumMfyI5gmPY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=3600
vary
Accept-Language, Cookie
via
1.1 vegur
x-content-type-options
nosniff
x-request-id
849538cd-312a-4110-84e0-9f8e45f58428
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15d84"
vary
Accept-Encoding
x-hw
1694301295.dop231.fr8.t,1694301295.cds101.fr8.hn,1694301295.cds327.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
/
js.stripe.com/v3/
525 KB
130 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8cafa1e7b2db2ad1030259053de96a92a15d528ed59bf0b93b4cc8633bb29fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 23:14:52 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
9
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 08 Sep 2023 22:01:04 GMT
server
Cloudfront
etag
W/"abd91db5626472f38e45360077f2033f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
_QzACAeC4lxipnnbdq47_Jv-MF2huAb0FmijhW87WaHRE2svvdZcDQ==
/
js.banked.com/v3/
Redirect Chain
  • https://js.banked.com/v3
  • https://js.banked.com/v3/
744 KB
159 KB
Script
General
Full URL
https://js.banked.com/v3/
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Server
2606:4700:4400::6812:2ac3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
16b6c9ab85aa1818c6d5d75b2e97be01672b3a047ab8d11f17bc85a4a771feab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 30 Aug 2023 12:22:12 GMT
server
cloudflare
content-encoding
gzip
x-powered-by
Express
etag
W/"ba110-18a4664e520"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
8043215adfcf3737-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 09 Sep 2023 23:14:55 GMT
content-security-policy
default-src 'none'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-powered-by
Express
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/v3/
cf-ray
8043215a4f5b3737-FRA
alt-svc
h3=":443"; ma=86400
fonts.256cad8881d0.css
beswicks.legl.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://beswicks.legl.com/static/css/fonts.256cad8881d0.css
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a2cb9af79e5cc4e341079cb9cef6a5ab97ad612844792e296fcefbc1b09280
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
a5a044ac-ae43-41e1-9765-7de3871b28bf
last-modified
Fri, 08 Sep 2023 11:41:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa41-96e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia5x%2B7wM3HzFYX2l5BWm%2F%2F%2BRHRC4A84ME9s4H191huhpjPGKygv5ZXTFWX3Wq3SiGaREKTJ%2B9VVkxYdcjsBekLbXPbKSvJLBdKIBOPROxZRXTaPuc59tczaLKTGs0VEF2fL4X6Qi6WiV2Bk5GMl9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
804321598a001947-FRA
legl-icon.11118d854b30.css
beswicks.legl.com/static/icons/
62 KB
6 KB
Stylesheet
General
Full URL
https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
e270b3dc-677e-480c-9f9d-9667bc4509f3
last-modified
Fri, 08 Sep 2023 11:41:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa41-f9f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3No%2FCYYtbQVRasM2%2B4Ih4EUXCmbtzX%2FKNZ%2FGkdS8SfS7i98XOQR5i3EC8TIXkwtl8gQwNP7ZERaNbm8hWTSqDCy0At43nNVY%2BEArl3bjTpFcnoluS4mCv5gb99viwA9o1sgVZMfwXbMqo9%2B%2Brwo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
804321598a021947-FRA
lds-icon.23040acb0eb2.css
beswicks.legl.com/static/lds-icons/
4 KB
2 KB
Stylesheet
General
Full URL
https://beswicks.legl.com/static/lds-icons/lds-icon.23040acb0eb2.css
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2dcfe912b1afd867ab818c60627d395717c223331ff8f7494f2ccf80cbb9a5d
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
e5803e09-da5e-49f1-b595-dc9ef6d0b395
last-modified
Fri, 08 Sep 2023 11:41:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa41-fa7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ndV%2B6M%2BFjdmnr4%2FSSRD4LaRByo1NDXVJnObKBl6Ni3u%2Fft%2BBZLItZ8CSpqw2ldMkSvFYk6t%2Faou9DvVeramZFDCF5nriFNy1BP7SupZLjHNTcP2zvmFWpeI%2Btu3YVyb8s56QSknb7g8OdrhdVJG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
804321598a031947-FRA
pay-b7bb41dce08dc4a1dc06.bundle.bd23c0bf7cb1.css
beswicks.legl.com/static/webpack_bundles/
19 KB
5 KB
Stylesheet
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.bd23c0bf7cb1.css
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6349baebe0df59e2c2312800fe4e150d3bd853912e2d1ce609e7e04fcb6442
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
287fccaa-794c-4788-8d9e-a289a74318a0
last-modified
Fri, 08 Sep 2023 11:41:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa41-4a4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffDD1K7v%2BL9isHapuxlzHL1q6nw%2F6d2ywQD2T3tRHY0K2d6gU9ZMXQQIzngSDk%2BOvVMbfHA%2FMzfJJPCoO0FMNz5MTnQWcQWtDml0ZaZHNATlOCTwwGWOYj02nmRHZj1U4oQM15DkCjdBQbuLxlsD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
804321598a041947-FRA
beswicks_logo.svg
crowdjustice.imgix.net/company_logos/
4 KB
2 KB
Image
General
Full URL
https://crowdjustice.imgix.net/company_logos/beswicks_logo.svg?ixlib=python-1.2.0
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b78f16dd560dbef312888e32ed056e2eac13debe2713ed58c6e1537f39836131
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1067035
x-cache
HIT, HIT
x-imgix-id
08b4952f60615c069e7e61841fb04def48a7acae
cross-origin-resource-policy
cross-origin
content-length
1547
x-served-by
cache-sjc10029-SJC, cache-fra-etou8220088-FRA
x-imgix-render-farm
01.140328
last-modified
Thu, 16 Mar 2023 14:03:56 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
verified-by-visa.9476aad90c7a.svg
beswicks.legl.com/static/payments/img/color/
5 KB
2 KB
Image
General
Full URL
https://beswicks.legl.com/static/payments/img/color/verified-by-visa.9476aad90c7a.svg
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
1ef23ec4-81e3-4a30-a47b-fdde563ce409
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa40-144e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW4te1Ze8GDitISKYrc3m%2FoTD1B7b7OF3ZADNnr12SdakXCQHUnL0Cc1qziyDS8hL0ddyiKqQov9V0o8ppxt57sTj6NwAff0mWtJpm0l5LCc1ALC7A7CGiiZZwoKIkPl6q3laMVYRmr5Wl3r7GDE"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
8043215a1a7a1947-FRA
mastercard-securecard.783601069452.svg
beswicks.legl.com/static/payments/img/color/
13 KB
5 KB
Image
General
Full URL
https://beswicks.legl.com/static/payments/img/color/mastercard-securecard.783601069452.svg
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
0c9a9985-ace9-424a-babc-9c59ec38a3a2
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa40-3223"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Of0tyJAWlmlzsfrb%2BYr%2BUAefZX7hQS11BYqWKEGKhys9jh1nuJYzR2HZMrVhtjFkenLw0foIAIsii7dO3IO1K4E%2FTawxLMM1BgZhg418Ds3Z93ijzAI6Iq8nufgb0WekC0YnG0lAAAsvIjY2FktA"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
8043215a1a7b1947-FRA
secured-by-legl.58640b8dd409.svg
beswicks.legl.com/static/payments/img/color/
12 KB
5 KB
Image
General
Full URL
https://beswicks.legl.com/static/payments/img/color/secured-by-legl.58640b8dd409.svg
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
2a621628-539a-4fd6-829a-7ed53ffcfde3
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa40-2ea1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOe7wHKq2BzgS%2F6eBV8B%2Fzgp1RTofge%2Fh7VpRS17giPTO2x2%2FA2KM7M2jfmhSO4wKWWTZ65GIg1plsSht6GJ4lb1eeSpkE2ICVilifT3rdzVdvwOJbq6uf76NZtI7uCOmn2uuHrkERGOmDlLV2yk"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
8043215a1a7c1947-FRA
warning-triangle.e5d88151e287.svg
beswicks.legl.com/static/payments/img/
2 KB
1 KB
Image
General
Full URL
https://beswicks.legl.com/static/payments/img/warning-triangle.e5d88151e287.svg
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
301cface-351a-4d23-ac11-4dac39bcb218
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa40-62c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LpdCMaEP25hcLIm8iUE6oeurVu7YdBvXdiy5YoQ%2B%2Fos%2FZN7fzNPICuZwZZYLU2yzA59ua18DjYuzXx2S3Dc%2FKQcEvVZ9Xfl3SR8rCEW73tzMAa4NvI7R57goxrDry4PXcZ%2FaW7ZLBihcuBivDZz"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
8043215a1a7d1947-FRA
secured-online-payment.3d1a4939d65c.svg
beswicks.legl.com/static/payments/img/
4 KB
2 KB
Image
General
Full URL
https://beswicks.legl.com/static/payments/img/secured-online-payment.3d1a4939d65c.svg
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
6b09297c-25a9-48b7-b469-becf2af88215
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa40-fe6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eKoNw8%2BatPd4OTcysgWq4IMuYU9ftaSfh%2FBQ0oIaJwEB9F7suBFhOanzZggbL7LMC2VYjaHKlmubjdduWWtnFr%2B8g%2BTxRuVdxvLwHFQXxJzd%2BcTfgSgXKu%2BBzx1bZv0JWARpE7iRwjgz8ys0x6u"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
8043215a1a7e1947-FRA
email-decode.min.js
beswicks.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://beswicks.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 14:34:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64f73c7d-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsNMlYQ5LPsbLtAgZcGAEe6ZM736ilT3sly79LvGDho08sRiSz49yIBetyCes4fahu3j8onPhhH5%2BXQQwt2w6BDlUdmsrRHWxnsDccfGge9wU2kyvaL1m8kmPH4jhgmUSMwc4ortd74Wf1gW1Wwl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8043215a1a781947-FRA
expires
Mon, 11 Sep 2023 23:14:55 GMT
bundle.tracing.min.js
browser.sentry-cdn.com/6.2.3/
89 KB
28 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://beswicks.legl.com/
Origin
https://beswicks.legl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 19 Mar 2021 18:16:34 GMT
server
Fastly
age
3344722
etag
"44bea9771dbc4ce7cb75efc4b8a39dd1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27994
expires
Thu, 01 Aug 2024 06:09:33 GMT
pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
beswicks.legl.com/static/webpack_bundles/
292 KB
71 KB
Script
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca597a768a48d981e6ba6a33e08fff727fdb3cc870406853fd5e1853bcadb971
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
6b7b7779-7f50-4461-861a-6d2577289462
last-modified
Fri, 08 Sep 2023 11:41:05 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa41-48f85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPOhAtCSJbRHtWkPCMusnxmp4zuMvi2CsXtACDBg30p6v8ej3jb6oUEzZUvyvlUCIV%2FWCoKlv0U3%2FaLMM96MvIcJ4ZrF1Rfu%2FwEgCPNa09d5%2Bd80%2BdG0B2%2BbGFDupfV2OVip33yD9Nsaf8mrQidH"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
8043215a1a791947-FRA
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://beswicks.legl.com/
Origin
https://beswicks.legl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8043215a3eff9a3f-FRA
css
fonts.googleapis.com/
6 KB
745 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=DM+Serif+Display|Montserrat:300,500,800&display=swap&subset=latin-ext
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/css/fonts.256cad8881d0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ec43a16303bbd86b6195bc96d7422e7fd483bc21842db1f303485bf2ac7b6ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 23:14:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 23:14:55 GMT
css
fonts.googleapis.com/
2 KB
850 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/css/fonts.256cad8881d0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 23:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 23:14:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 23:14:55 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beswicks.legl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:23:50 GMT
x-content-type-options
nosniff
age
6665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 21:23:50 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:200,300,400,500,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://beswicks.legl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:18:33 GMT
x-content-type-options
nosniff
age
6982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 21:18:33 GMT
legl-icon.d254260158ba.woff2
beswicks.legl.com/static/icons/
22 KB
22 KB
Font
General
Full URL
https://beswicks.legl.com/static/icons/legl-icon.d254260158ba.woff2?e5283ed51cd54ef164f11b492e4f92c1
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Referer
https://beswicks.legl.com/static/icons/legl-icon.11118d854b30.css
Origin
https://beswicks.legl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:55 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
22124
x-request-id
1eb19f1b-56ad-4917-8882-5f0f99faedf7
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
"64fafa40-566c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GojTer8lSgs1obumEnDtORV11MnjPsoAjqD32jAOVhkwzKoQgZmQS5YBakFSeuaTplfWP0X0T%2F0BoEOElCTNa9lImLWpNuNFUcF%2F7%2Bs3jooB9GkZMEKohdDWVywnRVYqxlZVkDpqBfmaXj4s7qh0"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8043215abaf81947-FRA
array.js
legl-posthog.herokuapp.com/static/
118 KB
36 KB
Script
General
Full URL
https://legl-posthog.herokuapp.com/static/array.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
a094393e1fdb613555e86f8ec1af9660b41ff795752226d0bf1deb393dba63c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Sat, 09 Sep 2023 23:14:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Wed, 31 May 2023 18:15:11 GMT
Server
gunicorn
Via
1.1 vegur
Etag
"64778eaf-1d8af"
Vary
Accept-Encoding, Cookie
X-Frame-Options
DENY
Content-Type
text/javascript; charset="utf-8"
Access-Control-Allow-Origin
*
Cache-Control
max-age=60, public
Connection
keep-alive
Content-Length
36084
/
o557392.ingest.sentry.io/api/6734447/envelope/
41 B
373 B
Fetch
General
Full URL
https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7
Requested by
Host: js.banked.com
URL: https://js.banked.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d5bfe550c3b7f10c2d5a309d6e2e493c3b22ed5963c2b201b7c3280f7560b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://beswicks.legl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
9075-b7bb41dce08dc4a1dc06.bundle.js
beswicks.legl.com/static/webpack_bundles/
23 KB
9 KB
Script
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/9075-b7bb41dce08dc4a1dc06.bundle.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ba0f9d94a5882c91926915f3898b8415bfaf877037dc43226bb192b7eb6b5e
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
811b2c25-24a7-4933-84d9-e06fe00aab90
last-modified
Fri, 08 Sep 2023 11:41:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa3f-5bfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXeryK1Gg1dsWQj0WJ1b5uUlh5eAh%2FMJBr%2Fayzw0N7s6IWUt8psSC9ziWQSRjzszS1h62Pel72KKIcgIVbQ4JxtD2cP4u8vKQde12FPZGgTFlPibvMtytVuHEIAmOyKUlaGdzqlc4ukSLPJlOuZh"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8043215c5cb11947-FRA
8907-b7bb41dce08dc4a1dc06.bundle.js
beswicks.legl.com/static/webpack_bundles/
37 KB
10 KB
Script
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/8907-b7bb41dce08dc4a1dc06.bundle.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
513a02962c128526f4eebbc2c3bd8772412ec5c49d9b86dd4f4bc1f923d218d9
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
5bf1dcdc-fb8e-482a-b4ab-c0b1348182bd
last-modified
Fri, 08 Sep 2023 11:41:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa3f-94a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqHRnqIRWlBbxUgRjpnqsHXWQC4LxmOJMK%2FjL5B1FtEwG8e4ZLlkTLumaV2j%2Bus2PczThiF4jiwrH7iU8oQd1nbNCYw9AqoL5Z11fj5QLf%2F0k8%2Beq0wGH12DByTbZhpsu2l%2BjtNMbzSNwNGlihCz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8043215c5cb31947-FRA
7244-b7bb41dce08dc4a1dc06.bundle.js
beswicks.legl.com/static/webpack_bundles/
32 KB
7 KB
Script
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/7244-b7bb41dce08dc4a1dc06.bundle.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5982ce3431a6274bb952723926296191c6baed6faf9042328604ef21d23966e7
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
7a274a47-e8d5-4e58-b607-be03bf7b2f7f
last-modified
Fri, 08 Sep 2023 11:41:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa3e-81f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK1CyfW8a9LIE%2BWHTkyvXiOXCI04oepO7b57GPIjyQi4138um%2Bo07Y4M0uekAxkETswHAoNx6CL25SJ6rvh1h%2Bwi8IsEuIt6H0OQ%2BWpgmC3%2Ffbo915DRWUnsLMhj7qkELEq%2BgsfvwK%2F7wzNs9yhE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8043215c5cb61947-FRA
/
o557392.ingest.sentry.io/api/6734447/envelope/
41 B
105 B
Fetch
General
Full URL
https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7
Requested by
Host: js.banked.com
URL: https://js.banked.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4cc62f396e93803fdf56b61d7db0869fa231b3f94c547957e43a1cad218d1f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://beswicks.legl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
/
o557392.ingest.sentry.io/api/6734447/envelope/
41 B
105 B
Fetch
General
Full URL
https://o557392.ingest.sentry.io/api/6734447/envelope/?sentry_key=aee9acb3250644aab59fb0c3e184974f&sentry_version=7
Requested by
Host: js.banked.com
URL: https://js.banked.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5009e393927e7746c234e6226224d24eeb8d29523cf364548a3d9a7c4693b678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://beswicks.legl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
lds-icon.73c0668fb496.woff2
beswicks.legl.com/static/lds-icons/
9 KB
9 KB
Font
General
Full URL
https://beswicks.legl.com/static/lds-icons/lds-icon.73c0668fb496.woff2?62a260f99cb6c6a87358ff78577365c7
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/lds-icons/lds-icon.23040acb0eb2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beca612852cf66d873c8339f81347c5940052ce6061488190a4a0e2fe252c6bd
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

Referer
https://beswicks.legl.com/static/lds-icons/lds-icon.23040acb0eb2.css
Origin
https://beswicks.legl.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
alt-svc
h3=":443"; ma=86400
content-length
8936
x-request-id
1cd433bb-a64b-4ba2-85e1-6182f38b5544
last-modified
Fri, 08 Sep 2023 11:41:04 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
"64fafa40-22e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNeX2pT3ORa5Is1EZczFIO1BBMjmXtz7ybi2dx5jhyYG5G7r0BsSDoYqbIr6RYmHZVqiLp29h%2Bt48Ez%2FRp%2Fs23nuiM9flBwbl%2FhZ3YVDIcJXsJJliwGOHUbaCLDEV9hltrY%2Fu5AMfe3JFgEQGdM5"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8043215c7ce41947-FRA
/
legl-posthog.herokuapp.com/decide/
193 B
654 B
XHR
General
Full URL
https://legl-posthog.herokuapp.com/decide/?v=2&ip=1&_=1694301296110
Requested by
Host: js.banked.com
URL: https://js.banked.com/v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.192.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-192-176.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://beswicks.legl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sat, 09 Sep 2023 23:14:56 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Server
gunicorn
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://beswicks.legl.com
Vary
Cookie
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
193
/
o32237.ingest.sentry.io/api/5427794/envelope/
2 B
68 B
Fetch
General
Full URL
https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://beswicks.legl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame F981
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://beswicks.legl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3052
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 22:24:09 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id
2JRwcXE63nNBSQk9u7451ltxMuuZ7VfumoW_67gC4bqgi704XyXdqA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame F981
631 B
996 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 09 Sep 2023 22:24:06 GMT
x-content-type-options
nosniff
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
age
3051
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2IjCscxZwh58cZbgU2vC6a4fBIf8lei7Za2snTx36Ub6DHyWwR6_IQ==
csp-report
q.stripe.com/ Frame F981
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694301296596548
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1694301296596199
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F981
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694301296596706
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1694301296596278
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 5DC7
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
151
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 23:12:26 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-id
-npsfIItjyFmjUeePtD8i7_Am-Q7wZJxyA7NpM6Vz9iuP-dFFj8Blg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 5DC7
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694301296596777
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1694301296596214
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 5DC7
87 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 23:14:36 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
20
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
p1OnO9d194U7P0I0yQAeJSJzUjn_eaTzZ2k7UnqCBGQQYx0exXB7cQ==
7799-b7bb41dce08dc4a1dc06.bundle.js
beswicks.legl.com/static/webpack_bundles/
51 KB
9 KB
Script
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/7799-b7bb41dce08dc4a1dc06.bundle.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac067cce8423552db61bda4a6fda32e9135e256eac7de9440a263e74d4e5b60
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
e43136c2-3e0a-4b79-ae50-a41f7921c03e
last-modified
Fri, 08 Sep 2023 11:41:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa3e-cc1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJgumIrA%2BYM8pwSFGF5PaXIvQ9ujFdv6ZqKccLmt8j5L%2BRRPl1mg%2BOSC6rbXFBkmVyU%2Bz39LbuqjKGG%2FhQO0Wswfl8atF63ufDEfmyDoLKom6Tx6N0FemIDBnq1l4LY%2BImZpClGXoj8%2FiAzq%2BQlr"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8043215dada51947-FRA
6
m.stripe.com/ Frame 5DC7
156 B
668 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.147.194 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-147-194.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
10c3a646dbc77aa3f6cd63d94dbd66cc460e9fa9224c403d35e746cab5a818ac
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694301296679448
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1694301296679257
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
8491-b7bb41dce08dc4a1dc06.bundle.js
beswicks.legl.com/static/webpack_bundles/
3 KB
2 KB
Script
General
Full URL
https://beswicks.legl.com/static/webpack_bundles/8491-b7bb41dce08dc4a1dc06.bundle.js
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/static/webpack_bundles/pay-b7bb41dce08dc4a1dc06.bundle.ebe804780776.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176dd86c4a3689442d3077d25d53e261d32bd092d96d9c66dea1cf048376cd36
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 vegur
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
f1bc01c1-fcbd-48ef-8c72-e0df02efc05c
last-modified
Fri, 08 Sep 2023 11:41:02 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"64fafa3e-a60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPCLoJTCWxQ9x32za%2FI2PzX74%2F70qV4OJhgO8DQo5Xun4U7pQtVC7Now29K0FGxLDEN4n4aweBD940x69M4fz5TKKe6k5HtSnH0TZOxnbCKXx2MQXz2jBGnl%2BK4Xzxt5v6CwhZDp7OvMoJEF%2FwR6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8043215eee581947-FRA
smi9tjbm
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/smi9tjbm
Requested by
Host: beswicks.legl.com
URL: https://beswicks.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeb4773e476638dfc72558c95e4b833c26145e0d2e2c2ed6495c5e88422a8e57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://beswicks.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
vK0uYYDgB4F.DO_vvx419j.KuAeTQ5sM
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
date
Sat, 09 Sep 2023 22:56:59 GMT
x-amz-cf-pop
FRA2-C1
age
1108
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2706
last-modified
Fri, 08 Sep 2023 13:49:34 GMT
server
AmazonS3
etag
"4dea6beecd24ba580408d9c9b70e8595"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
njWerrP--1bPlFgN7AdZCO0R4Z0un0q4N4qtVcPkvpASA53GVhHVPw==
rum
beswicks.legl.com/cdn-cgi/
0
142 B
XHR
General
Full URL
https://beswicks.legl.com/cdn-cgi/rum?
Requested by
Host: js.banked.com
URL: https://js.banked.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://beswicks.legl.com/pay/checkout/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type
application/json

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://beswicks.legl.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8043215f8ed31947-FRA
/
o32237.ingest.sentry.io/api/5427794/envelope/
41 B
105 B
Fetch
General
Full URL
https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d13531886b752319c88f68901032fedba2eb19b69800c28cb7061c7e09512586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://beswicks.legl.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 23:14:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
frame-modern.0088f593.js
js.intercomcdn.com/ Frame 01DA
506 KB
140 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.0088f593.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23bd3412fe14beb85526c2cfcb076957a73496692b424382b4908b6d4ee991b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
iq1uecPdLrfZiZyRurZDKr2QCvxS916F
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
date
Sat, 09 Sep 2023 21:49:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
5121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
143127
last-modified
Fri, 08 Sep 2023 13:48:34 GMT
server
AmazonS3
etag
"800e98ccbe28f7fbe7b4a11ad33d2751"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
jXBhs9XbL8QhGy5tl0OAAM-pGAHi4hGvjqnvyna4z1izRbuCRoZIHg==
vendor-modern.1f7f821f.js
js.intercomcdn.com/ Frame 01DA
409 KB
126 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.1f7f821f.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
e6b0of2zh6VmxPzKKTHVSimea6gIp5kh
content-encoding
gzip
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
date
Sat, 09 Sep 2023 22:46:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
1731
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
128314
last-modified
Wed, 06 Sep 2023 14:44:14 GMT
server
AmazonS3
etag
"ab3e894af9301f1134cecc568095b249"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
TwXv24yVApgze-Hdqf_mgiXmMRw-2H6pk2ghJk1PwTsFjJHxrRSUIA==
ping
api-iam.intercom.io/messenger/web/ Frame 01DA
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.0088f593.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.239.100.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-100-113.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1157ae8043aa03284fef51dd97ea63049c994621e9d9efee5e906a2cdbb4cfcf
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 09 Sep 2023 23:14:58 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0dc23bde2e40c2d7e
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00318j673phonn563i1g
x-runtime
0.780556
server
nginx
etag
W/"1157ae8043aa03284fef51dd97ea6304"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://beswicks.legl.com
x-intercom-version
d1d319525a1538c675dfbe2eb849cdfcbf352e27
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| $ function| jQuery object| webpackChunkStripeJSouter function| noop function| Stripe object| intercomSettings function| Intercom object| Sentry object| __SENTRY__ object| posthog object| waffle object| Banked object| webpackChunkBanked object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| webpackChunkcrowdjustice object| sentrySettings function| parcelRequire object| __cfBeacon object| __sentry_instrumentation_handlers__ function| __intercomAssignLocation function| __intercomReloadLocation

8 Cookies

Domain/Path Name / Value
beswicks.legl.com/ Name: csrftoken
Value: ayUbcsUQWYP0KYXbvsKwTY3E84S8hfYs
.legl.com/ Name: ph_CspXex6nVK8tf8splVQijnxXZ4rd2tQ2VqP0cPqdGfo_posthog
Value: %7B%22distinct_id%22%3A%2218a7c3a15ecab2-04b23e64a1872-6332525b-1d4c00-18a7c3a15ed1135%22%2C%22%24device_id%22%3A%2218a7c3a15ecab2-04b23e64a1872-6332525b-1d4c00-18a7c3a15ed1135%22%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D
m.stripe.com/ Name: m
Value: e7444d3e-3c4c-4c2a-a15b-3f0ef62626ecc7bacd
.beswicks.legl.com/ Name: __stripe_mid
Value: c6dcd597-5471-404e-b0e5-85a0041d43a689de1a
.beswicks.legl.com/ Name: __stripe_sid
Value: ac48b005-a63f-46f4-bc3e-e27b5a93b4891f245e
.legl.com/ Name: intercom-id-f4wk485h
Value: 343e2d32-b8cd-4b93-8ff5-e4349c33e5d2
.legl.com/ Name: intercom-session-f4wk485h
Value:
.legl.com/ Name: intercom-device-id-f4wk485h
Value: f5778c69-26d4-4152-8cf9-ee41e7075d36

2 Console Messages

Source Level URL
Text
other error URL: https://beswicks.legl.com/pay/checkout/
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
beswicks.legl.com
browser.sentry-cdn.com
code.jquery.com
crowdjustice.imgix.net
fonts.googleapis.com
fonts.gstatic.com
js.banked.com
js.intercomcdn.com
js.stripe.com
legl-posthog.herokuapp.com
m.stripe.com
m.stripe.network
o32237.ingest.sentry.io
o557392.ingest.sentry.io
q.stripe.com
static.cloudflareinsights.com
widget.intercom.io
13.224.189.18
18.66.147.49
2001:4de0:ac18::1:a:1b
2600:9000:2057:1a00:19:7d10:bd80:93a1
2606:4700:20::ac43:47d9
2606:4700:4400::6812:2ac3
2606:4700::6810:3965
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a04:4e42:400::729
2a04:4e42:8e::720
34.120.195.249
34.239.100.113
44.236.147.194
54.186.23.98
54.220.192.176
99.86.4.122
0ac067cce8423552db61bda4a6fda32e9135e256eac7de9440a263e74d4e5b60
10c3a646dbc77aa3f6cd63d94dbd66cc460e9fa9224c403d35e746cab5a818ac
1157ae8043aa03284fef51dd97ea63049c994621e9d9efee5e906a2cdbb4cfcf
12d5bfe550c3b7f10c2d5a309d6e2e493c3b22ed5963c2b201b7c3280f7560b3
16b6c9ab85aa1818c6d5d75b2e97be01672b3a047ab8d11f17bc85a4a771feab
176dd86c4a3689442d3077d25d53e261d32bd092d96d9c66dea1cf048376cd36
1bce26396e9ee73c57abb7c491a0544aeba6f73e6d045baf42f68802c86df28b
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
1ec43a16303bbd86b6195bc96d7422e7fd483bc21842db1f303485bf2ac7b6ad
23bd3412fe14beb85526c2cfcb076957a73496692b424382b4908b6d4ee991b8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31ba0f9d94a5882c91926915f3898b8415bfaf877037dc43226bb192b7eb6b5e
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
364807df4075ad5a9c73464ad999189da94d92495c7695f3b3c58cc8e6b42d75
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
3eb0f3f8a45d2fced56c6eccf4dceae5ea5bdc6134804777972c0c43cccb93ca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5009e393927e7746c234e6226224d24eeb8d29523cf364548a3d9a7c4693b678
513a02962c128526f4eebbc2c3bd8772412ec5c49d9b86dd4f4bc1f923d218d9
51a8aab72d9a7b9c6dcd455c7c96c3ed24f7f767308209c7a9afa9a6fad346a5
5982ce3431a6274bb952723926296191c6baed6faf9042328604ef21d23966e7
70e35dc70763bfb232437236478c7630b12aadaee6f2bb60c0bb141007e1b7c7
71a2cb9af79e5cc4e341079cb9cef6a5ab97ad612844792e296fcefbc1b09280
7626bcca2926dde098bd3d26ac6beefc16d926fa07e69b22c12f80d0a5153377
8cafa1e7b2db2ad1030259053de96a92a15d528ed59bf0b93b4cc8633bb29fe9
914a96a89f940b71bbe9dbfa405d40c9443962f00b80f125cb02dcd7c88bc5fc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a094393e1fdb613555e86f8ec1af9660b41ff795752226d0bf1deb393dba63c7
ad6349baebe0df59e2c2312800fe4e150d3bd853912e2d1ce609e7e04fcb6442
adfd9be5d7245f707f52fb25c6a9d4255c01cea011ca56c6f23b5e816e0caed9
aeb4773e476638dfc72558c95e4b833c26145e0d2e2c2ed6495c5e88422a8e57
b78f16dd560dbef312888e32ed056e2eac13debe2713ed58c6e1537f39836131
beca612852cf66d873c8339f81347c5940052ce6061488190a4a0e2fe252c6bd
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2dcfe912b1afd867ab818c60627d395717c223331ff8f7494f2ccf80cbb9a5d
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4cc62f396e93803fdf56b61d7db0869fa231b3f94c547957e43a1cad218d1f0
ca597a768a48d981e6ba6a33e08fff727fdb3cc870406853fd5e1853bcadb971
d13531886b752319c88f68901032fedba2eb19b69800c28cb7061c7e09512586
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d