payment.lhi.ag Open in urlscan Pro
80.74.159.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payment.lhi-ag.ch/
Effective URL:
https://payment.lhi.ag/
Submission: On July 05 via automatic, source certstream-suspicious (July 5th 2024, 3:31:09 pm UTC) — Scanned from CH

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 80.74.159.100, located in Switzerland and belongs to ASN-METANET Routingpeering issues: noc@metanet.ch, CH. The main domain is payment.lhi.ag.
TLS certificate: Issued by R10 on July 5th 2024. Valid for: 3 months.

This is the only time payment.lhi.ag was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	80.74.159.100 80.74.159.100	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	18.173.205.46 18.173.205.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
6	18.173.205.49 18.173.205.49	16509 (AMAZON-02) (AMAZON-02)
18	5

9 80.74.159.100 (Switzerland) 1 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: zelda.hostorama.ch

payment.lhi-ag.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
payment.lhi.ag	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.205.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-46.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.173.205.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-49.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lhi.ag payment.lhi.ag	12 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1638	152 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	783 B
1	gstatic.com fonts.gstatic.com	24 KB
1	lhi-ag.ch 1 redirects payment.lhi-ag.ch	78 B
18	5

	Domain	Requested by
8	payment.lhi.ag	payment.lhi.ag
7	js.stripe.com	payment.lhi.ag js.stripe.com
2	fonts.googleapis.com	payment.lhi.ag js.stripe.com
1	fonts.gstatic.com	fonts.googleapis.com
1	payment.lhi-ag.ch	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
www.lhi-ag.ch

Subject Issuer	Validity	Valid
payment.lhi.ag R10	`2024-07-05` - `2024-10-03`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-06-21` - `2024-09-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://payment.lhi.ag/
Frame ID: DC9067740D144C9E462D7A0CE84C7260
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
Frame ID: 2E4AA77C5D250CECE9DACCEBEE508748
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html
Frame ID: B2071E7281F3B3377208C42204C0A8FB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html
Frame ID: 8290D341410A3B64C9A91AC60A2DEA05
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html
Frame ID: 9ABA0D2BE9844A819720B102C8CCDAED
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BD347B824F2F233CABFC5FC28685507B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-46c572a37c47cd1f634b3bc368074439.html
Frame ID: B1667018AD874CB0C5204E8FD8BCDE67
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LHI AG – Payment

Page URL History Show full URLs

https://payment.lhi-ag.ch/ HTTP 301
https://payment.lhi.ag/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

188 kB
Transfer

780 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lhi-ag.ch/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payment.lhi-ag.ch/ HTTP 301
https://payment.lhi.ag/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
payment.lhi.ag/
Redirect Chain

https://payment.lhi-ag.ch/
https://payment.lhi.ag/

3 KB
864 B

92ms
19ms

Document
text/html

80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: 677297520b5b1e6203fdcc3605330d7c9b79b98e98e1109f36f57e6e625f1654

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Jul 2024 15:31:04 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 05 Jul 2024 15:31:04 GMT
location: https://payment.lhi.ag/
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 722 B
783 B 96ms
36ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400i,800i

Requested by

Host: payment.lhi.ag
URL: https://payment.lhi.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39db4ba5952e751c693c6ca37707b369b14e88ed415aada0e7978a974d89df1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jul 2024 15:31:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jul 2024 15:31:04 GMT

GET
H2 200 styles.css
payment.lhi.ag/css/ 4 KB
1 KB 19ms
18ms Stylesheet
text/css 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/css/styles.css
Requested by: Host: payment.lhi.ag
URL: https://payment.lhi.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: f5e86aa1fd7271559162ff7928f9ef024b3be8ce71c58fcb8554e69448b52119

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
etag: W/"e1e-5bdb9844d9953"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 loading-btn.css
payment.lhi.ag/css/ 2 KB
600 B 21ms
20ms Stylesheet
text/css 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/css/loading-btn.css
Requested by: Host: payment.lhi.ag
URL: https://payment.lhi.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: 554491a85157cc5d92de96f9c032871c5cdb6fe46ec615684803984f2d0efd74

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
etag: W/"942-5bdb9844e397b"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 loading.css
payment.lhi.ag/css/ 118 KB
5 KB 20ms
19ms Stylesheet
text/css 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/css/loading.css
Requested by: Host: payment.lhi.ag
URL: https://payment.lhi.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: fa8f21caaf1f896aba8afa07d26aed1f2ddba52169f4101513240ce57067131d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
etag: W/"1d81b-5bdb9844d1483"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 lhi_logo.svg
payment.lhi.ag/img/ 4 KB
2 KB 21ms
20ms Image
image/svg+xml 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.lhi.ag/img/lhi_logo.svg
Requested by: Host: payment.lhi.ag
URL: https://payment.lhi.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: d4abd96951f4a8371892b2e76eb242b850f712ecb8794b4450fbcfca6670e0ca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
etag: W/"11cb-5bdb9844ed5bb"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 / Show response
js.stripe.com/v3/ 619 KB
152 KB 88ms
28ms Script
text/javascript 18.173.205.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: payment.lhi.ag
URL: https://payment.lhi.ag/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-46.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:00 GMT
content-encoding: br
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 6
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
last-modified: Wed, 03 Jul 2024 20:43:00 GMT
server: Cloudfront
etag: W/"16095b208fce1f9394656811fb5b307e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: F20tHLEDflBYE6B4I1yYWFib-iyeGrCe_G1Vb3_S_eEHCL4YfUkqvQ==

GET
H2 200 payment.js Show response
payment.lhi.ag/js/ 2 KB
794 B 17ms
17ms Script
application/javascript 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/js/payment.js
Requested by: Host: payment.lhi.ag
URL: https://payment.lhi.ag/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: 649be2089de90ffbd1c657ec5da847ea679c74cd40986cee7865e7b245357d96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: br
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
etag: W/"6c6-5bdb9844e77fb"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 120ms
36ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400i,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://payment.lhi.ag
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:42:01 GMT
x-content-type-options: nosniff
age: 262144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:42:01 GMT

GET
H2 200 controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
js.stripe.com/v3/ Frame 2E4A 0
0 71ms
25ms Document
text/html 18.173.205.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-49.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://payment.lhi.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 15:31:01 GMT
etag: "6a259ce9c1cfd6bc93b8b95f1a5f50b3"
last-modified: Wed, 03 Jul 2024 20:04:08 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: -mmynw5PVt8Z3-sOAtChXY32R9YWi6jEsZ0zPSaE9bT6TpODXyOPNQ==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 css Show response
fonts.googleapis.com/ 722 B
0 0ms
0ms Fetch
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400i,800i

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39db4ba5952e751c693c6ca37707b369b14e88ed415aada0e7978a974d89df1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://payment.lhi.ag/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jul 2024 15:31:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jul 2024 15:31:04 GMT

GET
H2 200 elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html
js.stripe.com/v3/ Frame B207 0
0 66ms
27ms Document
text/html 18.173.205.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-49.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://payment.lhi.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 1383
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 15:08:05 GMT
etag: W/"9e3eee81c2f9ef77a590521873066c15"
last-modified: Wed, 03 Jul 2024 20:04:09 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: 692vaJwUuvoIaq4uTdE_EUu7-sraU3tsSyCbHp5nMQoYW2nMJmuYZA==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html
js.stripe.com/v3/ Frame 8290 0
0 65ms
65ms Document
text/html 18.173.205.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-49.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://payment.lhi.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 1383
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 15:08:05 GMT
etag: W/"9e3eee81c2f9ef77a590521873066c15"
last-modified: Wed, 03 Jul 2024 20:04:09 GMT
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: 692vaJwUuvoIaq4uTdE_EUu7-sraU3tsSyCbHp5nMQoYW2nMJmuYZA==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html
js.stripe.com/v3/ Frame 9ABA 0
0 67ms
67ms Document
text/html 18.173.205.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-9e3eee81c2f9ef77a590521873066c15.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-49.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://payment.lhi.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 1383
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 15:08:05 GMT
etag: W/"9e3eee81c2f9ef77a590521873066c15"
last-modified: Wed, 03 Jul 2024 20:04:09 GMT
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: 692vaJwUuvoIaq4uTdE_EUu7-sraU3tsSyCbHp5nMQoYW2nMJmuYZA==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BD34 0
0 61ms
28ms Document
text/html 18.173.205.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-49.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://payment.lhi.ag/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1563
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 15:05:03 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 14 Jun 2024 20:01:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: UM6-IxK0Trry9fEwB7M4v6SKD-1lmvH8xxuZklBWQu-bsYqIhFffAg==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 favicon.ico
payment.lhi.ag/img/ 1 KB
2 KB 18ms
18ms Other
image/vnd.microsoft.icon 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/img/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: 2c8c9e8af37e5f0a448c9aa2689213d1a5f8affa1ff294313ba351b6d211f1f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:05 GMT
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
accept-ranges: bytes
etag: "57e-5bdb9844ec233"
content-length: 1406
content-type: image/vnd.microsoft.icon

GET
H2 200 favicon.ico
payment.lhi.ag/img/ 1 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 80.74.159.100
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.lhi.ag/img/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.74.159.100 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: zelda.hostorama.ch
Software: nginx /
Resource Hash: 2c8c9e8af37e5f0a448c9aa2689213d1a5f8affa1ff294313ba351b6d211f1f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.lhi.ag/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 15:31:05 GMT
last-modified: Wed, 17 Mar 2021 11:09:29 GMT
server: nginx
accept-ranges: bytes
etag: "57e-5bdb9844ec233"
content-length: 1406
content-type: image/vnd.microsoft.icon

GET
H2 200 hcaptcha-invisible-46c572a37c47cd1f634b3bc368074439.html
js.stripe.com/v3/ Frame B166 0
0 26ms
26ms Document
text/html 18.173.205.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-46c572a37c47cd1f634b3bc368074439.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-49.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-tskE9adec/BOPittxxiFwEwBDkr1hWBTuQM8I0dyQ5A='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 1435
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-tskE9adec/BOPittxxiFwEwBDkr1hWBTuQM8I0dyQ5A='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 15:07:53 GMT
etag: W/"76ccb0cc0f3ca8ff30de2c7954895071"
last-modified: Wed, 03 Jul 2024 20:04:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront)
x-amz-cf-id: Q-BrtHwR_Qu5L9r2PO-i_5xuPUFZ6bxZ0V-uVhZKz8KLp2qQgPVI4g==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-21 07:25:53	Name: m Value: 7d12ae08-c207-4737-a9c3-fd64f6b14aa4a2f239
.payment.lhi.ag/	1970-01-21 06:35:29	Name: __stripe_mid Value: d0769b78-3c2f-45ce-8a3c-e0eab1a6390dfcc114
.payment.lhi.ag/	1970-01-20 21:49:55	Name: __stripe_sid Value: b758b9c3-cc9a-431f-9e0c-0fcda4b16b71d2824b
api2.hcaptcha.com/	1970-01-20 21:49:55	Name: __cflb Value: 04dTobrcPfCH2Cv1uxYioAFTikqddqvarhcHAxGEBF
api.hcaptcha.com/	1970-01-20 22:33:05	Name: hmt_id Value: a7358124-ebf5-4fac-a366-72d5349263d3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
payment.lhi-ag.ch
payment.lhi.ag
18.173.205.46
18.173.205.49
2a00:1450:4001:80f::200a
2a00:1450:4001:829::2003
80.74.159.100
2c8c9e8af37e5f0a448c9aa2689213d1a5f8affa1ff294313ba351b6d211f1f6
39db4ba5952e751c693c6ca37707b369b14e88ed415aada0e7978a974d89df1e
554491a85157cc5d92de96f9c032871c5cdb6fe46ec615684803984f2d0efd74
649be2089de90ffbd1c657ec5da847ea679c74cd40986cee7865e7b245357d96
677297520b5b1e6203fdcc3605330d7c9b79b98e98e1109f36f57e6e625f1654
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
d4abd96951f4a8371892b2e76eb242b850f712ecb8794b4450fbcfca6670e0ca
f5e86aa1fd7271559162ff7928f9ef024b3be8ce71c58fcb8554e69448b52119
fa8f21caaf1f896aba8afa07d26aed1f2ddba52169f4101513240ce57067131d

payment.lhi.ag Open in urlscan Pro 80.74.159.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

188 kBTransfer

780 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

5 Cookies

Indicators

payment.lhi.ag Open in urlscan Pro
80.74.159.100 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

188 kB
Transfer

780 kB
Size

5
Cookies

18 HTTP transactions
0 data transactions