urlscan.io logo urlscan.io
SecurityTrails logo

lewissilkin.legl.com Open in urlscan Pro
172.67.71.217  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lewissilkin.legl.com/
Effective URL: https://lewissilkin.legl.com/pay/checkout/
Submission: On October 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 118 HTTP transactions. The main IP is 172.67.71.217, located in United States and belongs to CLOUDFLARENET, US. The main domain is lewissilkin.legl.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2021. Valid for: a year.
This is the only time lewissilkin.legl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20 172.67.71.217 13335 (CLOUDFLAR...)
1 69.16.175.42 33438 (HIGHWINDS2)
23 151.101.128.176 54113 (FASTLY)
1 151.101.66.217 54113 (FASTLY)
1 151.101.114.208 54113 (FASTLY)
5 142.250.186.174 15169 (GOOGLE)
3 216.58.212.170 15169 (GOOGLE)
1 34.120.195.249 15169 (GOOGLE)
2 142.250.186.35 15169 (GOOGLE)
3 46.137.15.86 16509 (AMAZON-02)
1 66.102.1.155 15169 (GOOGLE)
2 52.222.236.21 16509 (AMAZON-02)
28 54.187.119.242 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
1 1 13.32.99.25 16509 (AMAZON-02)
3 13.35.253.111 16509 (AMAZON-02)
1 54.149.140.205 16509 (AMAZON-02)
1 162.247.243.147 13335 (CLOUDFLAR...)
1 75.2.88.188 16509 (AMAZON-02)
4 64.233.166.92 15169 (GOOGLE)
5 142.250.186.67 15169 (GOOGLE)
13 142.250.186.142 15169 (GOOGLE)
118 21
20    172.67.71.217 (United States)

ASN13335 (CLOUDFLARENET, US)
lewissilkin.legl.com
1    69.16.175.42 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net
code.jquery.com
23    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    151.101.114.208 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
crowdjustice.imgix.net
5    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
3    216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net
fonts.googleapis.com
1    34.120.195.249 (United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o32237.ingest.sentry.io
2    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
3    46.137.15.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-15-86.eu-west-1.compute.amazonaws.com
legl-posthog.herokuapp.com
1    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
stats.g.doubleclick.net
2    52.222.236.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-21.fra56.r.cloudfront.net
m.stripe.network
28    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
r.stripe.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    13.32.99.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-25.fra60.r.cloudfront.net
widget.intercom.io
3    13.35.253.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-111.fra6.r.cloudfront.net
js.intercomcdn.com
1    54.149.140.205 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-140-205.us-west-2.compute.amazonaws.com
m.stripe.com
1    162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
4    64.233.166.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f92.1e100.net
pay.google.com
5    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
13    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
play.google.com
Domain Requested by
25 q.stripe.com lewissilkin.legl.com
23 js.stripe.com lewissilkin.legl.com
js.stripe.com
20 lewissilkin.legl.com 2 redirects lewissilkin.legl.com
13 play.google.com www.gstatic.com
5 www.gstatic.com pay.google.com
www.gstatic.com
5 www.google-analytics.com lewissilkin.legl.com
www.google-analytics.com
browser.sentry-cdn.com
www.gstatic.com
4 pay.google.com js.stripe.com
pay.google.com
lewissilkin.legl.com
www.gstatic.com
3 r.stripe.com js.stripe.com
3 js.intercomcdn.com widget.intercom.io
3 legl-posthog.herokuapp.com lewissilkin.legl.com
browser.sentry-cdn.com
3 fonts.googleapis.com lewissilkin.legl.com
browser.sentry-cdn.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.gstatic.com fonts.googleapis.com
1 api-iam.intercom.io js.intercomcdn.com
1 bam-cell.nr-data.net js-agent.newrelic.com
1 m.stripe.com m.stripe.network
1 widget.intercom.io 1 redirects
1 js-agent.newrelic.com lewissilkin.legl.com
1 stats.g.doubleclick.net browser.sentry-cdn.com
1 o32237.ingest.sentry.io browser.sentry-cdn.com
1 crowdjustice.imgix.net lewissilkin.legl.com
1 browser.sentry-cdn.com lewissilkin.legl.com
1 code.jquery.com lewissilkin.legl.com
118 23

This site contains links to these domains. Also see Links.

Domain
www.lewissilkin.com
legl.com
Subject Issuer Validity Valid
legl.com
Cloudflare Inc ECC CA-3		 2021-05-30 -
2022-05-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-09 -
2021-11-03		 4 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-10 -
2022-06-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.ingest.sentry.io
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.herokuapp.com
Amazon		 2021-06-01 -
2022-06-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.intercomcdn.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2021-11-03		 4 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.intercom.com
Amazon		 2021-04-15 -
2022-05-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 10 frames:

Primary Page: https://lewissilkin.legl.com/pay/checkout/
Frame ID: D6AFCB27D92D7BDC2E7CE2829D12E6DF
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-303f500c0ffddb43526548bb387fe25d.html
Frame ID: 39B9FA3389B43F2466AA7D37BEFE01B5
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: ACCAA23CED5E7D18BC31DF6D1F944693
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
Frame ID: 545D1BEFC78F6A89078AEDA598AD3915
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Frame ID: 350C665F43ACAE0C77A2E867C73067F2
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
Frame ID: E2A43DB26FA54C9B4FEA818E02A86020
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
Frame ID: BC397D5B6E79C223BF2582C01AD7DFF7
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.54c869a5.js
Frame ID: 3F071C7822199098F2C991B27F4697FF
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 7968ABAA71D7AEFAE74586145F6F7DDD
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
Frame ID: 034E2CCE948D32D3A666215D80CFD11F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Checkout - Payments

Page URL History Show full URLs

  1. https://lewissilkin.legl.com/ HTTP 302
    https://lewissilkin.legl.com/pay/ HTTP 302
    https://lewissilkin.legl.com/pay/checkout/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

21
IPs

3
Countries

1588 kB
Transfer

5311 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lewissilkin.legl.com/ HTTP 302
    https://lewissilkin.legl.com/pay/ HTTP 302
    https://lewissilkin.legl.com/pay/checkout/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://widget.intercom.io/widget/smi9tjbm HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lewissilkin.legl.com/pay/checkout/
Redirect Chain
  • https://lewissilkin.legl.com/
  • https://lewissilkin.legl.com/pay/
  • https://lewissilkin.legl.com/pay/checkout/
33 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e0ba7009d9170413a0c67f90d02753fafcc749da600667b6ba03971e582952
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
lewissilkin.legl.com
:scheme
https
:path
/pay/checkout/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie, Accept-Encoding
content-language
us
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set-cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; expires=Tue, 18 Oct 2022 18:04:32 GMT; Max-Age=31449600; Path=/; SameSite=None; Secure sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI; expires=Tue, 02 Nov 2021 18:04:32 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=None; Secure
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXLFhn6hZ7TAbj5BjYFmOgKhf%2BEaOnGs4VSxTj4JTdmMkMCPi8W0voMcK4oMb6qdQwlqBEkDSLXfr6XJNuMduGJeU0Fi7jWngZ7qmfj1D61rf1Z35z9F3G7GN56wRkA6GaCToLP5"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a0bedee8b094137-PRG
content-encoding
br

Redirect headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-type
text/html; charset=utf-8
location
/pay/checkout/
vary
Accept-Language, Cookie
content-language
us
strict-transport-security
max-age=3600
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set-cookie
sessionid=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/; SameSite=None; Secure
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAn7I9CJ3TDGhUVRrFlQQWnTABb3qqBGKSDfFCynxjcYHSWDYJvuBzLOTapoFhc8grkr5g0TxaX6bOIGcOtOIBXbmerQKneGLYZ5aheUmE3mN79PiczSYj2QEc0h1LGRkZOhy7Ur"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a0beded88e54137-PRG
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1634666672.dop201.fr8.t,1634666672.cds231.fr8.hn,1634666672.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
autotrack.f6c563da9969.js
lewissilkin.legl.com/static/vendor/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/static/vendor/autotrack.f6c563da9969.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f2f9492aadffe1fd2edfedcc91a77068a5445350190636c1e2ecab234c4df5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/vendor/autotrack.f6c563da9969.js
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-2ac2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK7FJ%2FAmdMgxptHPb22s3FaVwQ%2BGau5kHKUA64Rxr35eu6Lq2sNYql8reDHg8iEpkgpfv0kWXu10qyyIqQha5pDpqappeQn2qmnSizGrMc1DyvoIpLls%2FqkRukNCklQPPWEFB%2BMu"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedefde284137-PRG
/
js.stripe.com/v3/ 		263 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
993947f91e72f24e32410942d3cda4566c6f0af399f7322b99b21a1bf9b3c982
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-encoding
br
vary
Accept-Encoding
age
64
via
1.1 varnish
x-cache
HIT
content-length
64425
x-amz-id-2
doi8iQRfAg7VKOj0TD20BaU+8wd5v7sNSrOTguGFxW5IpXWRkNCroWQt+GBW78X9X/5x0Waatao=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:30:11 GMT
server
AmazonS3
etag
"a484eea561abf3a22188c5b9c48132a5"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
RBXG8HN2V6DV7SNS
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
39
fonts.e3d21e313d5a.css
lewissilkin.legl.com/static/css/ 		2 KB
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/static/css/fonts.e3d21e313d5a.css
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb38ca1c8c3aed4bc2a1e912804670ef5a00b3ab155821dd78b0cdaf0de112e
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/css/fonts.e3d21e313d5a.css
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:23 GMT
server
cloudflare
etag
W/"616e8d23-973"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtWIGH7Njmvb10WGhR4ifFokbfUYJ%2B0JL%2Ft4yphqH9tOfS6%2FSCfAXYcKqaNafNNsw4nV4CG9JXaIr1T7emJEb0U%2Fj7idvpTUAv1QTcwfy3glqs8Qvq6fgE%2FE6dUUZE6pabNzF9S4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedefee294137-PRG
legl-icon.91be6d8c44d4.css
lewissilkin.legl.com/static/icons/ 		62 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/static/icons/legl-icon.91be6d8c44d4.css
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5a95bf35f6704592280e9fef0bb354d0d1532cac0c8fc48452b74488637bc5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/icons/legl-icon.91be6d8c44d4.css
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:23 GMT
server
cloudflare
etag
W/"616e8d23-f9f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYal7blPyx3uUKVJFMCN%2FCzl6QGRdt0smWaeygSS2xCKBFJsuEGD1HWr06e0k3DVgkXiq2C5oNmuQUX1ajJZQeGVCYScC62s3dPZp5TRhk%2FAj9okyT%2BDJb67vXbrYKU%2F3NAYty9B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedefee2b4137-PRG
payments-main.ea4356373f2384697415.js
lewissilkin.legl.com/static/payments/dist/ 		219 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/static/payments/dist/payments-main.ea4356373f2384697415.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b969db1855407fc722fdf4acf4b83cf0b14c9b8a6a0d0be693c75b69101c553
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/dist/payments-main.ea4356373f2384697415.js
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:20 GMT
server
cloudflare
etag
W/"616e8d20-36bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4W5JFwy9XK9I6Xkem%2Fy7ZE5ueK7xgV%2Fwr6p%2BaCwXPNJD6y6veSwZwpn3iS6Zxl6WX6s092%2FkQOqhHlepWdDWlvPKDAzRT7ydHoC3Z0g9c9WLZlqBxL0ykIjdfytN%2F2sK39pa8H0a"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6a0bedf169654137-PRG
payments-main.00cc2012eaa9182cbbce.css
lewissilkin.legl.com/static/payments/dist/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/static/payments/dist/payments-main.00cc2012eaa9182cbbce.css
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93068435f23effa4d8e17d2e7cef7532ed89e2a41f49569429d1ebf5fa7b21da
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/dist/payments-main.00cc2012eaa9182cbbce.css
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:20 GMT
server
cloudflare
etag
W/"616e8d20-3d22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozt1soTh2QzaLTUJx6n3zz798PghnNZ0NQecFNHS3FAfTUq4j3LMxz%2BotcGeT3VJ%2F7U%2FRTLN14d4UA%2FT9FQ%2BDRg5pWsz05GaV0v7NR4oHIh1idesNK7OCPvT660qnyyykLFcRcwf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
6a0bedefee2e4137-PRG
bundle.tracing.min.js
browser.sentry-cdn.com/6.2.3/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://lewissilkin.legl.com/
Origin
https://lewissilkin.legl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 18:16:34 GMT
server
Fastly
age
2881522
etag
"44bea9771dbc4ce7cb75efc4b8a39dd1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
27994
expires
Fri, 16 Sep 2022 09:39:11 GMT
lewis_silkin_logo.png
crowdjustice.imgix.net/company_logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crowdjustice.imgix.net/company_logos/lewis_silkin_logo.png?ixlib=python-1.2.0
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.208 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4730d4f12893c4056783ab179479ba5c267742b43b3d4e39c134a28b15539b66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 03 Feb 2020 21:29:53 GMT
server
imgix
age
166432
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
x-imgix-id
884cd71c2e18140ffed4c19b5e0b1f2cd981820a
accept-ranges
bytes
content-length
5346
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10066-SJC, cache-hhn4029-HHN
mastercard-securecard.a7142ebf82d1.svg
lewissilkin.legl.com/static/payments/img/color/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/color/mastercard-securecard.a7142ebf82d1.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4309ae102baccffd72b79b00e1a64f2fc4af7863d71120ddc7220dcba2276285
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/color/mastercard-securecard.a7142ebf82d1.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:21 GMT
server
cloudflare
etag
W/"616e8d21-324b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RykWk%2ByQ510%2BBglZs2xFcdCOWcmtLWqQqTDEn8sbPZMEuxtf%2Bf4ahjR66RLAVS0AaIoe8WBHxHH2MrntrWaZaIj%2BFcjpzhS2AtRcjizn7lntqE3%2F3j1s9DZBjTM3%2BGOHYYBUQIIL"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9e14137-PRG
verified-by-visa.396f0395e924.svg
lewissilkin.legl.com/static/payments/img/color/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/color/verified-by-visa.396f0395e924.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8114406209f7da5972abc1aa63b28f25856672cf18d125a16672e6fe2ea5f8bb
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/color/verified-by-visa.396f0395e924.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:21 GMT
server
cloudflare
etag
W/"616e8d21-1440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y07KzMQik2qRSEWL7BWz4rPveFaAC%2FOq0Ae7UCAamyHOcNOPfXD0smy%2BsEy2V9R6M5kvn84IneLXKvGTYyhsT9FM73roORznHqvhdwhIPAQ6FaPRWqzYBRQp%2FJM%2FrwyEgeBr8hop"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9e34137-PRG
secured-by-legl.153ba1a8f5b3.svg
lewissilkin.legl.com/static/payments/img/color/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/color/secured-by-legl.153ba1a8f5b3.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1141b1e5cab66fa87efaaa5c19bc0aca95efc9ff3c4c74f9f4d481f6694fa0a
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/color/secured-by-legl.153ba1a8f5b3.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:21 GMT
server
cloudflare
etag
W/"616e8d21-2edb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRVZLE4nkNgFuHwm1V0%2BeKuuO2ZeLGXW6Q034CiVbC0H3MnGr%2FF0ODtwp%2FL1xEkxZXvRFJIJ7FkNm2QSjTHXywRpIhvReKpWiPlhDqEP8eVaRljsd%2F9X45EoL%2FWxJruzaRfGbRpm"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9e44137-PRG
warning-triangle.e5d88151e287.svg
lewissilkin.legl.com/static/payments/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/warning-triangle.e5d88151e287.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/warning-triangle.e5d88151e287.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTTe6ayKAHTSeY%2BROMFi9PQ%2FJJ9RiDwJsA6LSgXrUhbbuUGqyb8lBYzgPWXu45q%2F%2B4gbDkYp8fUDLb%2FjpfuRd4gTjbUTdRhlgFCiC9NHo5cdTpZnKWZ4xzaEkuLEf%2FO6qOjnVblq"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9e64137-PRG
secured-online-payment.3d1a4939d65c.svg
lewissilkin.legl.com/static/payments/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/secured-online-payment.3d1a4939d65c.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/secured-online-payment.3d1a4939d65c.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-fe6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJgSWvVzrAMt%2BfSbKQq8Jf4Vz8AETJDDOeVkXxGQJ4jpmS%2BSLW2h6Jbu4sNcw7OR7orBQIDZ%2FbfbHQ6MoxHg4losRSYvEl%2BSAijnxIympMo6nxVekU9y1cKUYbKeJ2yyDIRcKTXL"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9e84137-PRG
google-pay.04e9401dc3f6.svg
lewissilkin.legl.com/static/payments/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/google-pay.04e9401dc3f6.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29a04a122d5e19d905ff8a14da121b44245fabe7570f302f4c74f7e138a8f99b
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/google-pay.04e9401dc3f6.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-8eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQZrzQzQAB76lkJy%2F%2BkidIoBX7sdAzkRWrr3NA2ea%2FOlOHj8mryYYCgwoOPG6bWiDO5h0NfQn7fYWcD4dgJEKeyBcCXac36XZy7ElWiq5Syn842y0QE8MUSzhmL3LOgab6U7KvrI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9ea4137-PRG
apple-pay.6ca6dc076aae.svg
lewissilkin.legl.com/static/payments/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/apple-pay.6ca6dc076aae.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f305726566ab8bbcd37ac6f8a76e4cf141e2936e1c557c7921f7e1e245d812
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/apple-pay.6ca6dc076aae.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-8eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9gKFB6Zc10eu2EXUPsIQvD2yYkx5ml6gE5%2FbjK5F%2BGWm7O1h%2BTNh%2BcLPWNfOeBm8rWqtps0KeGuHhNDsjd2uVNidX%2F0%2F2sp6F5LYBKshuvwSe%2B6BNgtUc2lCvJgtfyJzsoK8wD2"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9eb4137-PRG
visa.99377fbe2c0f.svg
lewissilkin.legl.com/static/payments/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/visa.99377fbe2c0f.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aae68aac419be6aa8b867e96386f402a4048c2e6df4359f95969c0c52bda945
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/visa.99377fbe2c0f.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-65a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozy89fIFIa9EiHqfzzIt2JAFHH2Wz5HS0z0FuYHPAGqsnNso5vUdFK5DrtCaGVs0MO3Myk8b3%2FvYooi4odlWWaOxAcn4F%2BuRiJYqcnVFg20nGHd6dahJ%2FWpMMcFQmU7pQQcN1K59"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1a9ef4137-PRG
mastercard.aee11b183c3b.svg
lewissilkin.legl.com/static/payments/img/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/mastercard.aee11b183c3b.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86427f019af88928a978e5d8370218f796b83e4489c6184edbf27ed5afe7b14
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/mastercard.aee11b183c3b.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-175d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atLObWEux4rKQyseuN1iWAPrqcA03b8GXfiuLBZdsWkQoa5KZWCWxWxl5onM%2FUak7L9JZM0aauWtgi0NVUfvaQR8U2d6ZK%2BR9QjYBhEhmKvp3pjCiBJu4w7wSfcjVqu%2BYx8OAdYV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1b9f14137-PRG
amex.3b7579b282a8.svg
lewissilkin.legl.com/static/payments/img/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lewissilkin.legl.com/static/payments/img/amex.3b7579b282a8.svg
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5984a9065e2bd6faaae0cd1fc8c965f01d7a7014338e419fa25fc63b3fbfec09
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/payments/img/amex.3b7579b282a8.svg
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-encoding
br
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
W/"616e8d22-1691"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKqpFFfGhhNC7faDmnThH6%2FJs8v7WonRu1oPINGlK7OR5Jqp220fw1xmxIR9Y9qavgDUzpto%2FWSbefHEgznhKISa454SrzTlSXOGmzgkwbRfAzWJmSpYgRN81qvolfAumCqxeD6X"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
cf-ray
6a0bedf1b9f54137-PRG
email-decode.min.js
lewissilkin.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/pay/checkout/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/pay/checkout/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 10:17:24 GMT
server
cloudflare
etag
W/"6166b234-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsmDgo0Q%2BCQp61CYjEM7CO2cZ32HNmhWVDz6D%2B4iKieie4m8Zu19L5HPr%2B9ZdqqRS6Hb4zMjRrVfC9kITmAizlSeME64kExe5%2FGuO2WXQkZir1BVlkYUPXtB9JqV0hpxAwcy212q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a0bedf149304137-PRG
vary
Accept-Encoding
expires
Thu, 21 Oct 2021 18:04:32 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
206
date
Tue, 19 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 19 Oct 2021 20:01:06 GMT
css
fonts.googleapis.com/ 		6 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=DM+Serif+Display|Montserrat:300,500,800&display=swap&subset=latin-ext
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/static/css/fonts.e3d21e313d5a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
8fa0f71ac3e212f1b1ee2621e254b27464a4289099b2d5eea299eb07e6e55357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 18:04:32 GMT
server
ESF
date
Tue, 19 Oct 2021 18:04:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 19 Oct 2021 18:04:32 GMT
css
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,500,600,700&display=swap&subset=latin-ext
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/static/css/fonts.e3d21e313d5a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
0f39c66b05c3a32733c8c23d109711cc16da069ca4de88f081890d0431b4b200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 18:04:32 GMT
server
ESF
date
Tue, 19 Oct 2021 18:04:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 19 Oct 2021 18:04:32 GMT
/
o32237.ingest.sentry.io/api/5427794/envelope/ 		2 B
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o32237.ingest.sentry.io/api/5427794/envelope/?sentry_key=0c6888fe21894a6b9ab8ff1c3c01c8cc&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://lewissilkin.legl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://lewissilkin.legl.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
legl-icon.f0591f5dfc35.woff2
lewissilkin.legl.com/static/icons/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lewissilkin.legl.com/static/icons/legl-icon.f0591f5dfc35.woff2?9d80a65664ef0e99d3f088a60e500bf1
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/static/icons/legl-icon.91be6d8c44d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abab042464f7aed5d864c091a5daa92f1d2c68c67f2492076a19c74e0f0ef0b0
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://lewissilkin.legl.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
csrftoken=kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM; sessionid=.eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
:path
/static/icons/legl-icon.f0591f5dfc35.woff2?9d80a65664ef0e99d3f088a60e500bf1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lewissilkin.legl.com
referer
https://lewissilkin.legl.com/static/icons/legl-icon.91be6d8c44d4.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://lewissilkin.legl.com/static/icons/legl-icon.91be6d8c44d4.css
Origin
https://lewissilkin.legl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=3600
content-length
21968
x-xss-protection
1; mode=block
last-modified
Tue, 19 Oct 2021 10:17:22 GMT
server
cloudflare
etag
"616e8d22-55d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IUicABX4uWV1gaSTeBA52fTnjczJw6zD%2BU95zMKrAgHP6naWTEygvD8J0BaU3teC9PqceQftz6HPTHsK56KQEXyqluuRxnlOrdoMUOe4Rg8%2BNCHa2zN%2FvaPEf37z8IFNxnFdWvk"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
6a0bedf1ca274137-PRG
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200,300,400,500,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lewissilkin.legl.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 17:03:52 GMT
x-content-type-options
nosniff
age
435640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 17:03:52 GMT
array.js
legl-posthog.herokuapp.com/static/ 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://legl-posthog.herokuapp.com/static/array.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.15.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-15-86.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
3be81fb36a50bba7a5532512ee0566d5d86d9f83bb541c53d912271f19842981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 18:04:33 GMT
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Mon, 28 Jun 2021 13:10:15 GMT
Server
gunicorn
Via
1.1 vegur
Etag
"60d9ca37-1c5a7"
X-Frame-Options
DENY
Content-Type
text/javascript; charset="utf-8"
Access-Control-Allow-Origin
*
Cache-Control
max-age=60, public
Connection
keep-alive
Vary
Accept-Encoding, Cookie
Content-Length
34742
X-Content-Type-Options
nosniff
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 19 Oct 2021 19:01:20 GMT
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PNTFWMJ&cid=1159633180.1634666673
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
2468f7e934c2d1015a31b1f511108d7ffda890dd01b09e3bafa5d3770d66aa90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35740
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:32 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1996922321&t=pageview&_s=1&dl=https%3A%2F%2Flewissilkin.legl.com%2Fpay%2Fcheckout%2F&ul=en-us&de=UTF-8&dt=Checkout%20-%20Payments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEATQAAAAC~&jid=1721069648&gjid=234798777&cid=1159633180.1634666673&tid=UA-62848220-2&_gid=1523985335.1634666673&_r=1&_slc=1&did=i5iSjo&z=1545503197
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lewissilkin.legl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lewissilkin.legl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-62848220-2&cid=1159633180.1634666673&jid=1721069648&gjid=234798777&_gid=1523985335.1634666673&_u=KGBAAEASQAAAAC~&z=1788986627
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lewissilkin.legl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 19 Oct 2021 18:04:33 GMT
content-type
text/plain
access-control-allow-origin
https://lewissilkin.legl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
legl-posthog.herokuapp.com/decide/ 		193 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://legl-posthog.herokuapp.com/decide/?ip=1&_=1634666673112
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.15.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-15-86.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
868a7099ef9f80703f89b7198d5c0d9b230d6a8a5c4dd0778786ce084d424328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lewissilkin.legl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 19 Oct 2021 18:04:33 GMT
Via
1.1 vegur
Referrer-Policy
same-origin
Server
gunicorn
X-Frame-Options
DENY
Vary
Cookie
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://lewissilkin.legl.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
193
X-Content-Type-Options
nosniff
m-outer-303f500c0ffddb43526548bb387fe25d.html
js.stripe.com/v3/ Frame 39B9 		240 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-303f500c0ffddb43526548bb387fe25d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3621c19e13c78aa0142e7a688c95baea0bd8c243e1891dd694234245da18b6a5
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-303f500c0ffddb43526548bb387fe25d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lewissilkin.legl.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/

Response headers

x-amz-id-2
PYH83tSF9WIzG+YjnvFd2Jv9qXnhedMlQT5nN9tkMc30Ur1xsiaa6ds1BACZM8rpPU2ARW4zb0k=
x-amz-request-id
JFM82VTFV20601PW
last-modified
Fri, 15 Oct 2021 17:23:39 GMT
etag
"303f500c0ffddb43526548bb387fe25d"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 19 Oct 2021 18:04:33 GMT
via
1.1 varnish
age
82
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
216
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
140
m-outer-2a901eab240385b99d6fb131192ad45a.js
js.stripe.com/v3/fingerprinted/js/ Frame 39B9 		1 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-2a901eab240385b99d6fb131192ad45a.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-303f500c0ffddb43526548bb387fe25d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19c750693349fe823ddd7d2cc877755d9002dd4099728c275544f6138e498d78
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-303f500c0ffddb43526548bb387fe25d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:33 GMT
content-encoding
br
vary
Accept-Encoding
age
45
via
1.1 varnish
x-cache
HIT
content-length
645
x-amz-id-2
lUgVXZFfI/a/MKaa7oTsta6R7kuay5pkSf5uDDIZ1K26LXD2SS9mHDvePUaZjFLsJH1YOljWDkY=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:21 GMT
server
AmazonS3
etag
"ae4f28134a8f5d16f235bf8e9083c561"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
FP2J79QR6MB6SKY9
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
107
inner.html
m.stripe.network/ Frame ACCA 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-2a901eab240385b99d6fb131192ad45a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-21.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
date
Tue, 19 Oct 2021 18:01:21 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
cache-control
max-age=300, public
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
-kjkpy3UOIutBa1ClaYCJ_SGNl_zM7kraQCe6BMqFNpPV9z-t4mTMg==
age
194
csp-report
q.stripe.com/ Frame ACCA 		0
121 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.40.js
m.stripe.network/ Frame ACCA 		85 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.40.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-21.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 17:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
Cloudfront
age
293
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89e34e3fd814f1393ef77867b93dd12f.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
timing-allow-origin
*
vary
Accept-Encoding,Accept-Encoding
x-amz-cf-id
wrFIo300ggiTZZ7U27x-31q8cpKvBW-YHUEpFcCygi1SzT9vPcPXow==
nr-1211.min.js
js-agent.newrelic.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1211.min.js
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding
gzip
etag
"3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id
AVTH4FS16E8233K7
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12477
x-amz-id-2
2tuSKKHgv0Gnez3uDvObk6hLwQ8iuD9gc7ol0THBhcBhUhhziKcdH9SFph396VEKpqK2bwfbwRs=
x-served-by
cache-hhn4049-HHN
last-modified
Mon, 27 Sep 2021 20:46:50 GMT
server
AmazonS3
x-timer
S1634666674.361824,VS0,VE0
date
Tue, 19 Oct 2021 18:04:34 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
36587
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/smi9tjbm
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-111.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d908bedd3efba20f39f73c008930fd29794c5fed682cc31b707575ac4db8a81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 19 Oct 2021 18:01:24 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 14:40:39 GMT
server
AmazonS3
age
191
etag
"80069a7fc90182fa40a3e8dd5515a319"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6048
x-amz-cf-id
B4cPlFfIjeQSHWYpqcBFBzraOPPVqfJQpzouRC1e2L7RlfRA3WLP6Q==

Redirect headers

date
Mon, 11 Oct 2021 13:16:19 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
server
AmazonS3
age
708496
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
L1WcM0xVZHtMUpJG859U3nolxsQdUzKj_iybdlsYApGtMEK8lt8iOQ==
controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
js.stripe.com/v3/ Frame 545D 		349 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b72c6221263b13fea9baadb2a43ea72837dfa210d6c225f3fce360969aa2493
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lewissilkin.legl.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/

Response headers

x-amz-id-2
bGcCU2PzWAayp2cm1ZZymVBl3p27zsPYpfUNQZnFjcl66ndGwjS/4Zt4E5lmDIj8QjTxqgbZLso=
x-amz-request-id
1FJ6N9XMHE7QGAWY
last-modified
Mon, 18 Oct 2021 22:11:14 GMT
etag
"d9bcc0046a0d27d4b91b76f8d9e59207"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 19 Oct 2021 18:04:34 GMT
via
1.1 varnish
age
91
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
37
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
166
css
fonts.googleapis.com/ 		2 KB
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://lewissilkin.legl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 16:08:46 GMT
server
ESF
date
Tue, 19 Oct 2021 18:04:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 19 Oct 2021 18:04:34 GMT
elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
js.stripe.com/v3/ Frame 350C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fe5fc543b700134b8a0fd8fd03ae07777211530e7f1cb3486d3fdd26dee25a3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lewissilkin.legl.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/

Response headers

x-amz-id-2
211pQyCK5hIM2Wp63MF4Npdjzq5LOUpLwVyV/4f8tlOBY5kIlFeGSj3AVK2r2KBQ3p2dCwxT/h4=
x-amz-request-id
562KHXPQNFJQ2W1R
last-modified
Mon, 18 Oct 2021 22:10:55 GMT
etag
"7c3c3d5978c63f1807ff7d81ec887051"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 19 Oct 2021 18:04:34 GMT
via
1.1 varnish
age
196
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
38
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
1146
payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
js.stripe.com/v3/ Frame E2A4 		434 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21b7c7dba8d946efb3c6b7f21bb0d7b48091dc08665ad6983fd6bff51f702ca2
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lewissilkin.legl.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/

Response headers

x-amz-id-2
7CApsQZXzyjlLnTNu3jkAVLJOAY5gZ1O1/7fboIHND+NK8tftKqBMhuDZuWa3sv+QGRj2PFGFHU=
x-amz-request-id
1FJDX7J2G4MVZG7P
last-modified
Mon, 18 Oct 2021 22:10:55 GMT
etag
"3b4c76ba1e87865d0bc24d1e7948bea3"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 19 Oct 2021 18:04:34 GMT
via
1.1 varnish
age
190
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
6
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
198
payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
js.stripe.com/v3/ Frame BC39 		370 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8da88b26a0eceafb397459cc0da381e87cc27f4eb962d087b9dcc9b1715447be
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lewissilkin.legl.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/

Response headers

x-amz-id-2
xagaiFLoBvWsGslWO1nQ2CdjOUXWvxG3OUD7IRsEmvmIehj9fgZbVfKWk5nqno9oeObGOfRgseY=
x-amz-request-id
2P459V461W5GA6FD
last-modified
Mon, 18 Oct 2021 22:10:55 GMT
etag
"b2377b7a9ee7818e19d984da0eac7653"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 19 Oct 2021 18:04:34 GMT
via
1.1 varnish
age
298
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
36
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
177
6
m.stripe.com/ Frame ACCA 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.140.205 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-140-205.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
adca72b1087c0f422adcd01c942f27f46b7273b6c8ec7b50653047bde7065f92
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
6735f40c76
bam-cell.nr-data.net/1/ 		49 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/6735f40c76?a=15255801&v=1211.ba193a8&to=ZFZbbRNTXBUHARIPWV0cf0wPUUYPCQxJFkRcWVxaFUEcFgcbSBZXSl5cVxVBHBAPBxEVGFBfUFwPRgglDgcFDVlGR29QBEUcAQMW&rst=2389&ck=1&ref=https://lewissilkin.legl.com/pay/checkout/&qt=2&ap=28&be=612&fe=2343&dc=1556&perf=%7B%22timing%22:%7B%22of%22:1634666671966,%22n%22:0,%22r%22:0,%22re%22:388,%22f%22:388,%22dn%22:388,%22dne%22:388,%22c%22:388,%22ce%22:388,%22rq%22:390,%22rp%22:581,%22rpe%22:582,%22dl%22:584,%22di%22:947,%22ds%22:1556,%22de%22:1558,%22dc%22:2343,%22l%22:2343,%22le%22:2368%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=956&fcp=1020&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 18:04:34 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6a0bedfb3e882780-PRG
frame-modern.54c869a5.js
js.intercomcdn.com/ Frame 3F07 		271 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.54c869a5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-111.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e02221e82cfe4409597887cde8eee0e821a7cdd5a20925187bb731786cafcf2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 19 Oct 2021 16:41:03 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 14:33:50 GMT
server
AmazonS3
age
5012
etag
"704e4a09c933bb89f8b04fea01174a70"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
74285
x-amz-cf-id
SkCsI6J0T20Z1nwe_iXSolakEjCGxOb_4ZzbLZgV0eWTznrudxlnvA==
vendor-modern.50181e45.js
js.intercomcdn.com/ Frame 3F07 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.50181e45.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/smi9tjbm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-111.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eba82b23581442b54882fbe12cc0217d7576dead63519b8068a73e6add944a37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 19 Oct 2021 16:41:04 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 12:31:23 GMT
server
AmazonS3
age
5011
etag
"0bdeb284c23cf87d9546e78b8421ebc0"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
38683
x-amz-cf-id
eWvvZOODGZ8jwZF81vjKUINXKf563fWZV3HUEGFEohAU4gNV3hYiaQ==
ping
api-iam.intercom.io/messenger/web/ Frame 3F07 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.54c869a5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
10a7066759d4cbdcf873278e75007fee32d0d616c97d313dd0c3def87df8d59b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 18:04:36 GMT
content-encoding
gzip
x-ami-version
ami-02a728b9cf0d241c5
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
00046j8ntf2cehbs1m50
x-runtime
1.785637
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"10a7066759d4cbdcf873278e75007fee"
x-ratelimit-remaining
13332
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lewissilkin.legl.com
x-intercom-version
02e952ebf4147099a508ba98cebfe3784c3b3ed4
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1634666680
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
shared-8c2865e16ad181f71f20ef40ca47ceb7.js
js.stripe.com/v3/fingerprinted/js/ Frame BC39 		189 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b691ed8715fa409c73e7f49a609a88b923bc4e280462f75fe0a389465ab8671
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
104
via
1.1 varnish
x-cache
HIT
content-length
47668
x-amz-id-2
puZUQru2FwT9X3h3FQTgVlr4P1dHYA/PdchYAJj2KQnyWXS4JwhvrDilgiY5Qjqm1B6WoqGucc0=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:11:01 GMT
server
AmazonS3
etag
"e1f25db365728b54eebc5c00edfa2c4b"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
N953F64Q9Q0XRJ2D
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
52
payment-request-inner-browser-cd197aad4b8a501467bd4e780c9b752f.js
js.stripe.com/v3/fingerprinted/js/ Frame BC39 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cd197aad4b8a501467bd4e780c9b752f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f87989f13a16c74866e3e5c5f099f623a45161cf5c64555be14df0889d30a9da
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-b2377b7a9ee7818e19d984da0eac7653.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
151
via
1.1 varnish
x-cache
HIT
content-length
4063
x-amz-id-2
hnCV0SX5PHuuzJji9FmUlveb2LZmJ5uqpddjfA4QTx6jVNlMVwKu/xhYxTk7QTVjkWQxOR1FoCc=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:19 GMT
server
AmazonS3
etag
"c0c89037dad7b47440df9aac605b245d"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
NWZNSWZF8SDZ9FZT
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
14
pay.js
pay.google.com/gp/p/js/ Frame E2A4 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
ESF /
Resource Hash
f31c0bfc01df8662eccc5031bc752871902dd60710eecc01cc7474ee0ccddd47
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/clUfu8bYy1Gt1X7j2zYNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-/clUfu8bYy1Gt1X7j2zYNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-/clUfu8bYy1Gt1X7j2zYNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-/clUfu8bYy1Gt1X7j2zYNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:34 GMT
shared-8c2865e16ad181f71f20ef40ca47ceb7.js
js.stripe.com/v3/fingerprinted/js/ Frame E2A4 		189 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b691ed8715fa409c73e7f49a609a88b923bc4e280462f75fe0a389465ab8671
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
104
via
1.1 varnish
x-cache
HIT
content-length
47668
x-amz-id-2
puZUQru2FwT9X3h3FQTgVlr4P1dHYA/PdchYAJj2KQnyWXS4JwhvrDilgiY5Qjqm1B6WoqGucc0=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:11:01 GMT
server
AmazonS3
etag
"e1f25db365728b54eebc5c00edfa2c4b"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
N953F64Q9Q0XRJ2D
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
53
payment-request-inner-google-pay-a3f749842c9b014be716b13e9f203d69.js
js.stripe.com/v3/fingerprinted/js/ Frame E2A4 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-a3f749842c9b014be716b13e9f203d69.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07e452d70cb34e9a6e5e6ce6efa4cc861032a150ca42635bae47f2e9b7dc8f7d
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-3b4c76ba1e87865d0bc24d1e7948bea3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
81
via
1.1 varnish
x-cache
HIT
content-length
4354
x-amz-id-2
2wB0uM3GQQeIZjS7p5ABk9NMcfrzsZ3MdoktzpuTecq6Fj1KnaFZzAK6PldT840gb1zHngBQRgY=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:23 GMT
server
AmazonS3
etag
"24427e5e9e7b0224a67a3de798498038"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
X8Q6QEBJQX5VA9YV
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
4
ui-shared-676849d0f21b84cc86097088abcf196c.css
js.stripe.com/v3/fingerprinted/css/ Frame 350C 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-676849d0f21b84cc86097088abcf196c.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b7d81425616bff23ebd2cf9641d48aff723153d5b490db2fbd2809b437eac8e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
190
via
1.1 varnish
x-cache
HIT
content-length
3325
x-amz-id-2
OmUPddkxlodIY3QNYneQIya5E1Ftejl5wofdk/3J8eCUQdl3qgg4Mn7KymtL9xIS20hj79Dg06g=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Tue, 12 Oct 2021 19:42:15 GMT
server
AmazonS3
etag
"f165e1894fc4915ebf718fa7c620696a"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
SJZ2EJEY5R0V07KV
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
text/css
x-cache-hits
39
shared-8c2865e16ad181f71f20ef40ca47ceb7.js
js.stripe.com/v3/fingerprinted/js/ Frame 350C 		189 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b691ed8715fa409c73e7f49a609a88b923bc4e280462f75fe0a389465ab8671
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
104
via
1.1 varnish
x-cache
HIT
content-length
47668
x-amz-id-2
puZUQru2FwT9X3h3FQTgVlr4P1dHYA/PdchYAJj2KQnyWXS4JwhvrDilgiY5Qjqm1B6WoqGucc0=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:11:01 GMT
server
AmazonS3
etag
"e1f25db365728b54eebc5c00edfa2c4b"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
N953F64Q9Q0XRJ2D
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
54
ui-shared-b02c2d0dfdde814654ba657949a36313.js
js.stripe.com/v3/fingerprinted/js/ Frame 350C 		224 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-b02c2d0dfdde814654ba657949a36313.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5cedea494f5cfc25caf8836f71ce45fa10c5579d2398f949f08b8c7b6b9ab05
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
231
via
1.1 varnish
x-cache
HIT
content-length
66127
x-amz-id-2
kS8jxF0xB/FVL8Wvc13lCny9uiZUKBLtJOCuStF3XsefSPc0Fma2BzbSD2rBrk7aQg5BrUzLXiY=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:17 GMT
server
AmazonS3
etag
"9c49a76c2eb69a187c3b5a579783253f"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
BZ2QQ8TV36CP2PYK
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
44
elements-inner-card-3d2ccdae04e6f1ec27aee8c53f49ad0f.js
js.stripe.com/v3/fingerprinted/js/ Frame 350C 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-3d2ccdae04e6f1ec27aee8c53f49ad0f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0c4620ce8318742733f6d4b9ff6881018b9b2c51b2ae13f16dfc284461faa73
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
142
via
1.1 varnish
x-cache
HIT
content-length
11590
x-amz-id-2
aUJMEF35LZgXa+0ZjFcA5DknFHrWsYFHl+03qjPgyMctVbgg6lOO+S6krcgmZIHdCRwtXEm7kWA=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:16 GMT
server
AmazonS3
etag
"64ac4bf7f6b6d9ed8cee940c632f347f"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
3Y9PG635C2H3XHY2
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
19
shared-8c2865e16ad181f71f20ef40ca47ceb7.js
js.stripe.com/v3/fingerprinted/js/ Frame 545D 		189 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b691ed8715fa409c73e7f49a609a88b923bc4e280462f75fe0a389465ab8671
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
104
via
1.1 varnish
x-cache
HIT
content-length
47668
x-amz-id-2
puZUQru2FwT9X3h3FQTgVlr4P1dHYA/PdchYAJj2KQnyWXS4JwhvrDilgiY5Qjqm1B6WoqGucc0=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:11:01 GMT
server
AmazonS3
etag
"e1f25db365728b54eebc5c00edfa2c4b"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
N953F64Q9Q0XRJ2D
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
55
controller-9ff986331aeb4d8285f03aee4e552da1.js
js.stripe.com/v3/fingerprinted/js/ Frame 545D 		287 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-9ff986331aeb4d8285f03aee4e552da1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa964cfb8911fabb4da2a90d01a074af38260738ca2fb0c690c2b8294c55efb8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-d9bcc0046a0d27d4b91b76f8d9e59207.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
92
via
1.1 varnish
x-cache
HIT
content-length
75943
x-amz-id-2
Ni5Gp7C8T4sraE37+5FA0UznO2+61w52yh1ECYlnEb+sgQdZL096KuUvHnLH9oFYDY7/nPdlvC8=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:10:57 GMT
server
AmazonS3
etag
"3727c9c3581120d64a51595eadcbc677"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
N95DCRERZ01P4P6K
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
36
0
r.stripe.com/ Frame 545D 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/octet-stream;charset=utf-8
access-control-allow-origin
https://js.stripe.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
0
countryRanges-ed6f8980af15d82ca172d25916879a5c.json
js.stripe.com/v3/fingerprinted/data/ Frame 350C 		143 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/countryRanges-ed6f8980af15d82ca172d25916879a5c.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5785c083b1cf0a752958975ebf6365d60896c3e809e7fd9bd94dc6e11bc75004
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-7c3c3d5978c63f1807ff7d81ec887051.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
content-encoding
br
vary
Accept-Encoding
age
82
via
1.1 varnish
x-cache
HIT
content-length
36350
x-amz-id-2
HdTu2ZFtR+Q2Lfj75lrg/bM6qkwHDh2ah8VBjPv3/zEmI1QQzV7br7bLRVj0ckBddEsNl/ScD6s=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Tue, 12 Oct 2021 19:42:46 GMT
server
AmazonS3
etag
"ed6f8980af15d82ca172d25916879a5c"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
A3M4G8W16CYNGAQA
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/json
x-cache-hits
1
/
q.stripe.com/ Frame 545D 		43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.cross_frame_access&event_count=2&timestamp=1634666674857&event_id=24104b09-0f49-411b-88b6-b488f29d9332&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&available=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.fetch_locale&event_count=3&timestamp=1634666674859&event_id=c9b3b8d0-fb97-4725-983b-b38c7debdb3d&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.elements&event_count=4&timestamp=1634666674860&event_id=b847d68b-9fa9-4d29-a43d-9a0d03ddfc63&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&options-fonts=%5Bobject+Object%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.fetch_locale&event_count=5&timestamp=1634666674861&event_id=1fdbfac1-a556-4cfb-9fb8-b5096604f5a7&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.pr.options&event_count=6&timestamp=1634666674861&event_id=afa68f69-142d-4bda-a18b-58320e5af76f&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&options-country=GB&options-currency=gbp&options-requestPayerEmail=false&options-requestPayerName=false&usesButtonElement=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.pr.query_strategy&event_count=7&timestamp=1634666674862&event_id=b87ecde4-3985-4149-91e9-380c9508a8d3&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.fetch_locale&event_count=8&timestamp=1634666674863&event_id=942ab1c3-e97a-496b-8248-999009bc762a&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.fetch_locale&event_count=9&timestamp=1634666674863&event_id=229a0032-5ed9-42ab-9744-8e7d51361a20&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=10&timestamp=1634666674864&event_id=acfb8434-da81-4802-bd8f-8fb086652218&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&usesButtonElement=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.font.loaded&event_count=11&timestamp=1634666674864&event_id=9d7e3edd-a825-44bf-b13c-8bb6f30cf5d5&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&load_time=37&font_count=7&css_src=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DRoboto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.update_css_fonts&event_count=12&timestamp=1634666674865&event_id=ae530077-9982-4f34-bdbf-21a00c6670a9&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=13&timestamp=1634666674866&event_id=5842c550-966b-4cef-a21f-656d9b5bf8ae&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=196&dom_interactive=559&dom_complete=1955&since_fetch=396&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=complete&first_mount_readyState=complete&until_first_create=1565&until_first_mount=1572&until_first_load=2087&resource_timings-stripe.js-transfer_size=64725&resource_timings-stripe.js-duration=57&resource_timings-m-outer.html-transfer_size=440&resource_timings-m-outer.html-duration=87&resource_timings-controller.html-transfer_size=466&resource_timings-controller.html-duration=329&resource_timings-elements-inner-card.html-transfer_size=1446&resource_timings-elements-inner-card.html-duration=323&resource_timings-payment-request-inner-google-pay.html-transfer_size=498&resource_timings-payment-request-inner-google-pay.html-duration=320&resource_timings-payment-request-inner-browser.html-transfer_size=477&resource_timings-payment-request-inner-browser.html-duration=318
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=14&timestamp=1634666674868&event_id=f3c4d2fa-bba4-4558-a556-9148f64278ca&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=381&dom_interactive=469&dom_complete=469&since_sjs_load=2039&since_stripe_create=474&since_create=474&mount_duration=468&since_fetch=467&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=47968&resource_timings-shared.js-duration=31&resource_timings-controller.js-transfer_size=76243&resource_timings-controller.js-duration=32
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.create&event_count=15&timestamp=1634666674878&event_id=e6d0c69a-c74f-4019-ae69-2dd3dd372284&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D+%5Bobject+Object%5D&options-style-invalid-type=blocks&options-style-invalid-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=card&options-wait=true&options-rtl=false&element=card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
0
r.stripe.com/ Frame 545D 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 18:04:34 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/octet-stream;charset=utf-8
access-control-allow-origin
https://js.stripe.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
content-length
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=17&timestamp=1634666674893&event_id=048d41a8-bfe5-46fa-b9ff-147bd66d38aa&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=372&dom_interactive=509&dom_complete=528&since_sjs_load=2062&since_stripe_create=489&since_group_create=490&since_create=489&mount_duration=485&since_fetch=484&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=3625&resource_timings-ui-shared.css-duration=21&resource_timings-shared.js-transfer_size=47968&resource_timings-shared.js-duration=28&resource_timings-ui-shared.js-transfer_size=66427&resource_timings-ui-shared.js-duration=30&resource_timings-elements-inner-card.js-transfer_size=11890&resource_timings-elements-inner-card.js-duration=30&element=card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
payframe
pay.google.com/gp/p/ui/ Frame 7968 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
ESF /
Resource Hash
8faa3dd8ac914bcad2e72967d05db2831e60e6fd5be6fcff145a4420db79df7f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Qy4TpyM0exgBg0KnsBeBww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-Qy4TpyM0exgBg0KnsBeBww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=KOHpDojb5LemyNkbzPJjT3-UqRVLfL79-koUaPY0jpUTmHh7877sszN3AhscQy8AmuJHDu0fgtPU_KAvQuJhEY0O6M64n5D2UzLAcfrqF7OlsevqaxYMv18WAAu7G9dD3qIMgnzvyE5faJL3SIAi3ySAfLW48RWIUfwg9jeeZXk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Tue, 19 Oct 2021 18:04:35 GMT
date
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Qy4TpyM0exgBg0KnsBeBww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-Qy4TpyM0exgBg0KnsBeBww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy
same-origin
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.event.ready&event_count=18&timestamp=1634666674908&event_id=09cc1d11-7709-44a7-be83-2eb77fdf6204&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&element=card
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7968 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: lewissilkin.legl.com
URL: https://lewissilkin.legl.com/pay/checkout/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame 7968 		147 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438304
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52562
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 03:22:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Fri, 14 Oct 2022 16:19:31 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 7968 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13472
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 21:24:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Fri, 14 Oct 2022 16:35:47 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 7968 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26715
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 21:24:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Fri, 14 Oct 2022 16:35:47 GMT
analytics.js
www.google-analytics.com/ Frame 7968 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
209
date
Tue, 19 Oct 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 19 Oct 2021 20:01:06 GMT
pay
pay.google.com/gp/p/ui/ Frame 7968 		1 MB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f92.1e100.net
Software
ESF /
Resource Hash
77b7f44c2d2f90d591470f116d7b8b4a6c6214c1f30a82f9dd0db2d6c7133c1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-40cgADdNksjIVGkXvrDy2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-40cgADdNksjIVGkXvrDy2Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Tue, 19 Oct 2021 18:04:35 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
script-src 'report-sample' 'nonce-40cgADdNksjIVGkXvrDy2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-40cgADdNksjIVGkXvrDy2Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 7968 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 19 Oct 2021 18:04:35 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private
log
play.google.com/ Frame 7968 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 19 Oct 2021 18:04:35 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private
log
play.google.com/ Frame 7968 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 19 Oct 2021 18:04:35 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private
log
play.google.com/ Frame 7968 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 19 Oct 2021 18:04:35 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private
log
play.google.com/ Frame 7968 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 19 Oct 2021 18:04:35 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 7968 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7269
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 21:24:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Mon, 17 Oct 2022 10:52:18 GMT
m=lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW... Frame 7968 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.baW_JdHtHX4.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjb6ypSC8CFYFEBCLRjq67xTU95Hg/m=lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 16:35:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 21:24:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires
Fri, 14 Oct 2022 16:35:49 GMT
log
play.google.com/ Frame 7968 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Tue, 19 Oct 2021 18:04:35 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 18:04:35 GMT
cache-control
private
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=19&timestamp=1634666675176&event_id=cfa91f86-0125-4b9c-8b55-e881c62dbc51&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=20&timestamp=1634666675177&event_id=d6d0480e-09d7-4f27-a4ab-3135199b4edd&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&available=false&backingLibrary=GOOGLE_PAY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=21&timestamp=1634666675180&event_id=f22020e9-c739-4be5-b236-273982b7b2a2&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&error-stack=Error%3A+Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fpayment-request-inner-browser-cd197aad4b8a501467bd4e780c9b752f.js%3A1%3A10038%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A76964%0A++++at+Array.forEach+(%3Canonymous%3E)%0A++++at+t._emit+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A76941)%0A++++at+e.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A55235)%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A83833%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A79318%0A++++at+new+Promise+(%3Canonymous%3E)%0A++++at+t.a._respondUsingPromise+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A79290)%0A++++at+t.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-8c2865e16ad181f71f20ef40ca47ceb7.js%3A1%3A83757)&backingLibrary=BROWSER
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=22&timestamp=1634666675180&event_id=7e205e4e-3d30-4866-bee4-60de866e9670&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&message=Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request&impl=prapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
js.stripe.com/v3/ Frame 034E 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5266380135aa813873676c1c2788181eb42b188be7d494f8d3252ba4f52dbc4a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lewissilkin.legl.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lewissilkin.legl.com/

Response headers

x-amz-id-2
peYvh0dMtmVvItqL3leD+xDfcjT6IargbyyVbqw/sr10ZPmB3JOu+bf1t7jcXI/NpuWyM0zK9JI=
x-amz-request-id
WECAXSCCPMGFCZ1V
last-modified
Mon, 18 Oct 2021 22:10:55 GMT
etag
"53c0242ec5663e411cec7615107188b4"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Tue, 19 Oct 2021 18:04:35 GMT
via
1.1 varnish
age
199
x-served-by
cache-hhn4047-HHN
x-cache
HIT
x-cache-hits
6
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
1764
log
play.google.com/ Frame 7968 		131 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.BJq75CS0mjg.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjrLwIlLGEqs56M3fu1qLZ9UlBTxw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 19 Oct 2021 18:04:35 GMT
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=23&timestamp=1634666675193&event_id=7a859446-96c6-4e57-ad81-c122f93c6829&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&response-applePay=false&response-googlePay=false&cached=false&duration=848&activeBackingLibrary=BROWSER&usesButtonElement=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
ui-shared-676849d0f21b84cc86097088abcf196c.css
js.stripe.com/v3/fingerprinted/css/ Frame 034E 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-676849d0f21b84cc86097088abcf196c.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b7d81425616bff23ebd2cf9641d48aff723153d5b490db2fbd2809b437eac8e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
br
vary
Accept-Encoding
age
190
via
1.1 varnish
x-cache
HIT
content-length
3325
x-amz-id-2
OmUPddkxlodIY3QNYneQIya5E1Ftejl5wofdk/3J8eCUQdl3qgg4Mn7KymtL9xIS20hj79Dg06g=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Tue, 12 Oct 2021 19:42:15 GMT
server
AmazonS3
etag
"f165e1894fc4915ebf718fa7c620696a"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
SJZ2EJEY5R0V07KV
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
text/css
x-cache-hits
40
shared-8c2865e16ad181f71f20ef40ca47ceb7.js
js.stripe.com/v3/fingerprinted/js/ Frame 034E 		189 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b691ed8715fa409c73e7f49a609a88b923bc4e280462f75fe0a389465ab8671
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
br
vary
Accept-Encoding
age
105
via
1.1 varnish
x-cache
HIT
content-length
47668
x-amz-id-2
puZUQru2FwT9X3h3FQTgVlr4P1dHYA/PdchYAJj2KQnyWXS4JwhvrDilgiY5Qjqm1B6WoqGucc0=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Mon, 18 Oct 2021 22:11:01 GMT
server
AmazonS3
etag
"e1f25db365728b54eebc5c00edfa2c4b"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
N953F64Q9Q0XRJ2D
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
56
ui-shared-b02c2d0dfdde814654ba657949a36313.js
js.stripe.com/v3/fingerprinted/js/ Frame 034E 		224 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-b02c2d0dfdde814654ba657949a36313.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5cedea494f5cfc25caf8836f71ce45fa10c5579d2398f949f08b8c7b6b9ab05
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
br
vary
Accept-Encoding
age
231
via
1.1 varnish
x-cache
HIT
content-length
66127
x-amz-id-2
kS8jxF0xB/FVL8Wvc13lCny9uiZUKBLtJOCuStF3XsefSPc0Fma2BzbSD2rBrk7aQg5BrUzLXiY=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:17 GMT
server
AmazonS3
etag
"9c49a76c2eb69a187c3b5a579783253f"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
BZ2QQ8TV36CP2PYK
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
45
elements-inner-payment-request-d74cf71c1b1297746588f656f094b74b.js
js.stripe.com/v3/fingerprinted/js/ Frame 034E 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-d74cf71c1b1297746588f656f094b74b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37d16acfbc8f8829632116e8d1196f2fde78ba28109cba6b28076f1645d6b416
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-53c0242ec5663e411cec7615107188b4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
content-encoding
br
vary
Accept-Encoding
age
287
via
1.1 varnish
x-cache
HIT
content-length
13100
x-amz-id-2
0mX39EWBbEclJ6DtjttMfCozTjG5OtZaMeB02B1aWRjr5mo5giBc9DZNGafmGzxMkfxhVd9peL4=
x-served-by
cache-hhn4047-HHN
timing-allow-origin
*
last-modified
Fri, 15 Oct 2021 17:23:17 GMT
server
AmazonS3
etag
"5042fd8f7d4a4e7e81bd29dfedda7b0b"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
MCHMTBJ709RX38Y6
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
9
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.create&event_count=24&timestamp=1634666675265&event_id=67bcf9fc-fbbe-4601-8492-3a1d950d1fa6&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&options-betas=&options-componentName=paymentRequestButton&options-wait=true&options-rtl=false&element=paymentRequestButton
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
0
r.stripe.com/ Frame 545D 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-8c2865e16ad181f71f20ef40ca47ceb7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 19 Oct 2021 18:04:35 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/octet-stream;charset=utf-8
access-control-allow-origin
https://js.stripe.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 034E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Origin
https://js.stripe.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
523974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:41 GMT
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=26&timestamp=1634666675272&event_id=1c3fe171-7369-49fc-b601-0869aa7dbd49&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=13&dom_interactive=54&dom_complete=61&since_sjs_load=2486&since_stripe_create=903&since_group_create=914&since_create=903&mount_duration=53&since_fetch=53&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=3625&resource_timings-ui-shared.css-duration=9&resource_timings-shared.js-transfer_size=47968&resource_timings-shared.js-duration=12&resource_timings-ui-shared.js-transfer_size=66427&resource_timings-ui-shared.js-duration=15&resource_timings-elements-inner-payment-request.js-transfer_size=13400&resource_timings-elements-inner-payment-request.js-duration=13&element=paymentRequestButton
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame 545D 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.event.ready&event_count=27&timestamp=1634666675273&event_id=c99b9850-2707-4fb8-b307-73127b25ca13&os=Windows&browserFamily=Chrome&version=8c76cc818&key=pk_live_w4RNT0Auzl1ODHpsZYmnz0zn&referrer=https%3A%2F%2Flewissilkin.legl.com&stripe_js_id=0d84ffdf-c7a8-4541-8e3e-b65ff26a3527&controller_load_time=1634666674788&wrapper=unknown&es_module=false&frame_width=1600&element=paymentRequestButton
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 18:04:35 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
legl-posthog.herokuapp.com/e/ 		13 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://legl-posthog.herokuapp.com/e/?compression=gzip-js&ip=1&_=1634666676528
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.3/bundle.tracing.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.15.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-15-86.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lewissilkin.legl.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Oct 2021 18:04:36 GMT
Via
1.1 vegur
Referrer-Policy
same-origin
Server
gunicorn
X-Frame-Options
DENY
Vary
Cookie
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://lewissilkin.legl.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
13
X-Content-Type-Options
nosniff

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer object| gaDevIds function| ga string| GoogleAnalyticsObject object| __webpackStripeJSv3Jsonp function| Stripe object| Sentry object| __SENTRY__ object| sentrySettings object| intercomSettings function| Intercom object| posthog object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| google_optimize function| parcelRequire object| webpackChunkpay object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| __intercomAssignLocation

13 Cookies

Domain/Path Name / Value
lewissilkin.legl.com/ Name: csrftoken
Value: kqhl5R7bCcH8uaWBZsMWHPomgr5bQTexy2gOYrugc12DvJwqEdKfQ135qutBNUtM
lewissilkin.legl.com/ Name: sessionid
Value: .eJwti00LgkAUAP_K450SZN1YXUlP0aHA7JLgUbZ62eLqih8Uif-9PXQbZpgFK6O6elY1YYLziD7OU4vJ4piGyuluciG3X22MCiLGYVPq7mHfI1wK2HLGU3BChil8ZOjBvu8NlXTL9BREImZCwiY7FfnZB6MbgiPdG-vB4TXYloKdYJyFURwzKeCqnmrQ_wvX9QflGC6K:1mctTU:vM1N2heV1INk6TYeO-TbqwPBCi6vJMWoxau-9GwgpYI
.legl.com/ Name: _ga
Value: GA1.2.1159633180.1634666673
.legl.com/ Name: _gid
Value: GA1.2.1523985335.1634666673
.legl.com/ Name: _gat
Value: 1
.legl.com/ Name: ph_CspXex6nVK8tf8splVQijnxXZ4rd2tQ2VqP0cPqdGfo_posthog
Value: %7B%22distinct_id%22%3A%2217c99b9f3d5a04-045c0c16c9fe2e-a7d193d-1d4c00-17c99b9f3d6c4e%22%2C%22%24device_id%22%3A%2217c99b9f3d5a04-045c0c16c9fe2e-a7d193d-1d4c00-17c99b9f3d6c4e%22%2C%22application%22%3A%22pay%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%7D
.google.com/ Name: NID
Value: 511=KOHpDojb5LemyNkbzPJjT3-UqRVLfL79-koUaPY0jpUTmHh7877sszN3AhscQy8AmuJHDu0fgtPU_KAvQuJhEY0O6M64n5D2UzLAcfrqF7OlsevqaxYMv18WAAu7G9dD3qIMgnzvyE5faJL3SIAi3ySAfLW48RWIUfwg9jeeZXk
m.stripe.com/ Name: m
Value: 5c601d1c-db23-4b09-ad42-e91d84e3be92003c72
.lewissilkin.legl.com/ Name: __stripe_mid
Value: 750aa8e5-c566-4ce8-b8b5-6b7335775bcdb736c1
.lewissilkin.legl.com/ Name: __stripe_sid
Value: d95b8760-f8a6-487a-9b20-f50a4b16b16b64036d
.nr-data.net/ Name: JSESSIONID
Value: f02e693322a807da
.legl.com/ Name: intercom-id-f4wk485h
Value: 0c042fc2-d489-421f-913f-879356692e4a
.legl.com/ Name: intercom-session-f4wk485h
Value:

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bam-cell.nr-data.net
browser.sentry-cdn.com
code.jquery.com
crowdjustice.imgix.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.intercomcdn.com
js.stripe.com
legl-posthog.herokuapp.com
lewissilkin.legl.com
m.stripe.com
m.stripe.network
o32237.ingest.sentry.io
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
stats.g.doubleclick.net
widget.intercom.io
www.google-analytics.com
www.gstatic.com
13.32.99.25
13.35.253.111
142.250.186.142
142.250.186.174
142.250.186.35
142.250.186.67
151.101.114.208
151.101.128.176
151.101.66.137
151.101.66.217
162.247.243.147
172.67.71.217
216.58.212.170
34.120.195.249
46.137.15.86
52.222.236.21
54.149.140.205
54.187.119.242
64.233.166.92
66.102.1.155
69.16.175.42
75.2.88.188
07e452d70cb34e9a6e5e6ce6efa4cc861032a150ca42635bae47f2e9b7dc8f7d
0b969db1855407fc722fdf4acf4b83cf0b14c9b8a6a0d0be693c75b69101c553
0f39c66b05c3a32733c8c23d109711cc16da069ca4de88f081890d0431b4b200
10a7066759d4cbdcf873278e75007fee32d0d616c97d313dd0c3def87df8d59b
15f2f9492aadffe1fd2edfedcc91a77068a5445350190636c1e2ecab234c4df5
19c750693349fe823ddd7d2cc877755d9002dd4099728c275544f6138e498d78
1d311a6a40f1f0a90ce07b44e918c252543656969f16dd1dcece79a208242f01
21b7c7dba8d946efb3c6b7f21bb0d7b48091dc08665ad6983fd6bff51f702ca2
2468f7e934c2d1015a31b1f511108d7ffda890dd01b09e3bafa5d3770d66aa90
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29a04a122d5e19d905ff8a14da121b44245fabe7570f302f4c74f7e138a8f99b
29c849a3c90f94815c3a02949f28d0c060ce8c619426001e30d8f5ac0d009d62
3621c19e13c78aa0142e7a688c95baea0bd8c243e1891dd694234245da18b6a5
37d16acfbc8f8829632116e8d1196f2fde78ba28109cba6b28076f1645d6b416
38164cfc3e396741ccac9d8974f654c5cdfa2ec96b1ab225ec9cca18c695698d
3b487fbb021abfdd71c1d35ad4fe3527fcc7980f913c4365007a15c3a2f3a42f
3be81fb36a50bba7a5532512ee0566d5d86d9f83bb541c53d912271f19842981
3fe5fc543b700134b8a0fd8fd03ae07777211530e7f1cb3486d3fdd26dee25a3
4309ae102baccffd72b79b00e1a64f2fc4af7863d71120ddc7220dcba2276285
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4730d4f12893c4056783ab179479ba5c267742b43b3d4e39c134a28b15539b66
4b72c6221263b13fea9baadb2a43ea72837dfa210d6c225f3fce360969aa2493
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5266380135aa813873676c1c2788181eb42b188be7d494f8d3252ba4f52dbc4a
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
5785c083b1cf0a752958975ebf6365d60896c3e809e7fd9bd94dc6e11bc75004
5984a9065e2bd6faaae0cd1fc8c965f01d7a7014338e419fa25fc63b3fbfec09
5b7d81425616bff23ebd2cf9641d48aff723153d5b490db2fbd2809b437eac8e
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77b7f44c2d2f90d591470f116d7b8b4a6c6214c1f30a82f9dd0db2d6c7133c1f
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7d908bedd3efba20f39f73c008930fd29794c5fed682cc31b707575ac4db8a81
8114406209f7da5972abc1aa63b28f25856672cf18d125a16672e6fe2ea5f8bb
868a7099ef9f80703f89b7198d5c0d9b230d6a8a5c4dd0778786ce084d424328
8aae68aac419be6aa8b867e96386f402a4048c2e6df4359f95969c0c52bda945
8da88b26a0eceafb397459cc0da381e87cc27f4eb962d087b9dcc9b1715447be
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fa0f71ac3e212f1b1ee2621e254b27464a4289099b2d5eea299eb07e6e55357
8faa3dd8ac914bcad2e72967d05db2831e60e6fd5be6fcff145a4420db79df7f
93068435f23effa4d8e17d2e7cef7532ed89e2a41f49569429d1ebf5fa7b21da
9451801ef20bde4320e1aba58002349f0fbf2fa7c6d45d761fb8b64146129f80
96e0ba7009d9170413a0c67f90d02753fafcc749da600667b6ba03971e582952
993947f91e72f24e32410942d3cda4566c6f0af399f7322b99b21a1bf9b3c982
9b691ed8715fa409c73e7f49a609a88b923bc4e280462f75fe0a389465ab8671
a5cedea494f5cfc25caf8836f71ce45fa10c5579d2398f949f08b8c7b6b9ab05
a86427f019af88928a978e5d8370218f796b83e4489c6184edbf27ed5afe7b14
aa964cfb8911fabb4da2a90d01a074af38260738ca2fb0c690c2b8294c55efb8
abab042464f7aed5d864c091a5daa92f1d2c68c67f2492076a19c74e0f0ef0b0
adca72b1087c0f422adcd01c942f27f46b7273b6c8ec7b50653047bde7065f92
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
c1141b1e5cab66fa87efaaa5c19bc0aca95efc9ff3c4c74f9f4d481f6694fa0a
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c4620ce8318742733f6d4b9ff6881018b9b2c51b2ae13f16dfc284461faa73
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dc5a95bf35f6704592280e9fef0bb354d0d1532cac0c8fc48452b74488637bc5
e02221e82cfe4409597887cde8eee0e821a7cdd5a20925187bb731786cafcf2c
e2bbb704829a0d0c8590df7d4bacbc725ae8e7a09b1fd8b272585dd25032c8fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f305726566ab8bbcd37ac6f8a76e4cf141e2936e1c557c7921f7e1e245d812
eba82b23581442b54882fbe12cc0217d7576dead63519b8068a73e6add944a37
efb38ca1c8c3aed4bc2a1e912804670ef5a00b3ab155821dd78b0cdaf0de112e
f31c0bfc01df8662eccc5031bc752871902dd60710eecc01cc7474ee0ccddd47
f77913119c0f685476cccef435562099303302c2b96c2435b3e230df70498327
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f87989f13a16c74866e3e5c5f099f623a45161cf5c64555be14df0889d30a9da
f9b8ec26fc043fd956a63a4b4a0eca99247a40f607ec10c08707b17920f977e5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62