www.legacycelebrantservice.com Open in urlscan Pro
198.49.23.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.legacycelebrantservice.com/
Submission: On January 20 via automatic, source certstream-suspicious (January 20th 2024, 11:34:32 pm UTC) — Scanned from DE

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 15 domains to perform 76 HTTP transactions. The main IP is 198.49.23.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.legacycelebrantservice.com.
TLS certificate: Issued by R3 on January 20th 2024. Valid for: 3 months.

This is the only time www.legacycelebrantservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	151.101.192.237 151.101.192.237	54113 (FASTLY) (FASTLY)
15	151.101.192.238 151.101.192.238	54113 (FASTLY) (FASTLY)
14	3.208.143.73 3.208.143.73	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	108.138.36.98 108.138.36.98	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:6400:13:4005:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	45.55.99.106 45.55.99.106	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:218... 2600:9000:218f:4400:15:9da4:e200:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	44.237.70.166 44.237.70.166	16509 (AMAZON-02) (AMAZON-02)
4	138.197.60.79 138.197.60.79	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
76	21

4 198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)

www.legacycelebrantservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.192.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.192.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.208.143.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-143-73.compute-1.amazonaws.com

678772.17hats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-98.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:6400:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.99.106 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

i.kissmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218f:4400:15:9da4:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.kissmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.70.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-70-166.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.197.60.79 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

trk.kissmetrics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 6411 static1.squarespace.com — Cisco Umbrella Rank: 6216	972 KB
14	17hats.com 678772.17hats.com	870 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	561 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	167 KB
7	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 5181	2 MB
6	kissmetrics.io i.kissmetrics.io — Cisco Umbrella Rank: 91098 scripts.kissmetrics.io — Cisco Umbrella Rank: 69989 trk.kissmetrics.io — Cisco Umbrella Rank: 56324	28 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	36 KB
4	legacycelebrantservice.com www.legacycelebrantservice.com	32 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 3015 t.paypal.com — Cisco Umbrella Rank: 3523	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	squarecdn.com web.squarecdn.com — Cisco Umbrella Rank: 28408	100 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14348	43 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611	230 KB
76	15

	Domain	Requested by
14	678772.17hats.com	www.legacycelebrantservice.com 678772.17hats.com
8	static1.squarespace.com	www.legacycelebrantservice.com static1.squarespace.com
8	assets.squarespace.com	www.legacycelebrantservice.com
7	images.squarespace-cdn.com	www.legacycelebrantservice.com
4	trk.kissmetrics.io	scripts.kissmetrics.io
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	678772.17hats.com www.gstatic.com www.google.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.legacycelebrantservice.com	assets.squarespace.com
3	q.stripe.com	www.legacycelebrantservice.com
3	js.stripe.com	678772.17hats.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	fonts.googleapis.com	www.legacycelebrantservice.com 678772.17hats.com
1	m.stripe.com	m.stripe.network
1	scripts.kissmetrics.io	678772.17hats.com
1	i.kissmetrics.io	678772.17hats.com
1	www.google-analytics.com	678772.17hats.com
1	t.paypal.com	678772.17hats.com
1	www.paypal.com	www.paypalobjects.com
1	web.squarecdn.com	678772.17hats.com
1	cdn.plaid.com	678772.17hats.com
1	www.paypalobjects.com	678772.17hats.com
76	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.legacycelebrantservice.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.squarespace-cdn.com R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
17hats.com Amazon RSA 2048 M01	`2023-03-23` - `2024-04-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
web.squarecdn.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.kissmetrics.io Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2024-11-09`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.legacycelebrantservice.com/
Frame ID: E57CF81A35BF3A4523E762602498C5F9
Requests: 31 HTTP requests in this frame

Frame: https://678772.17hats.com/p
Frame ID: FA1F4C1BA171285F63A4BD89F0B003C1
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 4729C1B163D178057E9B394741D15182
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6168BBC9EE54D92626EC6B8C21415263
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly82Nzg3NzIuMTdoYXRzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=wxalbncbk6og
Frame ID: 5657DCB169011EC442056734F17C4FBB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Funeral Celebrant - Funeral Officiant - Chicago Metro Area

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

76
Requests

100 %
HTTPS

35 %
IPv6

15
Domains

22
Subdomains

21
IPs

2
Countries

5186 kB
Transfer

15638 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/profile.php?id=100087790462364

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/78233607/admin/feed/posts/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.legacycelebrantservice.com/ 357 KB
32 KB 159ms
20ms Document
text/html 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

807e1b16db6f58e221191d425283f3ad5d8d1a71276eed2343f4a688852893bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 902
content-encoding: gzip
content-length: 32222
content-type: text/html;charset=utf-8
date: Sat, 20 Jan 2024 23:09:43 GMT
etag: W/"e66e239af223f42572c029385d3ade91"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: qzzgI7Ra/TQnMee7R
x-frame-options: SAMEORIGIN SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
954 B 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,500;0,700;1,500;1,700

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a77a5f52c9937baa443985769cf3d5fd6d6093149656e2a17fb854608b031f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 23:34:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 23:34:26 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 45ms
6ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 78971, 90108
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5725012
x-cache: HIT, HIT
content-length: 42447
x-served-by: cache-iad-kcgs7200042-IAD, cache-fra-etou8220067-FRA
last-modified: Mon, 31 Oct 2022 21:19:57 GMT
server: UploadServer
x-timer: S1705793667.566515,VS0,VE0
etag: "fe0d53a94823df972dbf107bf190771a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 15:49:35 GMT

GET
H2 200 extract-css-runtime-c3d4344c7950704dd601-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 44 KB
16 KB 6ms
6ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-c3d4344c7950704dd601-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 361709366dddc3e19ff9f3c6144b7a182a6b2adb0a8dc7c1c8c2b05f6087b982

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 10, 2774
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 90673
x-cache: HIT, HIT
content-length: 15869
x-served-by: cache-iad-kcgs7200125-IAD, cache-fra-etou8220067-FRA
last-modified: Fri, 19 Jan 2024 22:16:50 GMT
server: UploadServer
x-timer: S1705793667.627724,VS0,VE0
etag: "76d4ad530e7568c8d87dccdaa384a063"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 22:23:13 GMT

GET
H2 200 extract-css-moment-js-vendor-f36b6dc9867ad0b8d0a8-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 1 MB
99 KB 10ms
9ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-f36b6dc9867ad0b8d0a8-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b4e93b19ee60eb0d8a9a07d7db8145d83b67457ca006f5efe6eadf4896b4de7c

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 19164, 20477
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1523457
x-cache: HIT, HIT
content-length: 100763
x-served-by: cache-iad-kjyo7100171-IAD, cache-fra-etou8220067-FRA
last-modified: Fri, 15 Dec 2023 01:43:46 GMT
server: UploadServer
x-timer: S1705793667.640646,VS0,VE0
etag: "0affd0eabc04a5b321ff905923a4e71b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 02:12:29 GMT

GET
H2 200 cldr-resource-pack-a682f7ad337741eb05d6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 122 KB
18 KB 10ms
9ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-a682f7ad337741eb05d6-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b2dc64332543a27c53be61d049e7e74d40740b2aa60d4708793944afa54ecc54

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 15, 72307
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 3141973
x-cache: HIT, HIT
content-length: 18600
x-served-by: cache-iad-kiad7000036-IAD, cache-fra-etou8220067-FRA
last-modified: Fri, 15 Dec 2023 01:42:16 GMT
server: UploadServer
x-timer: S1705793667.640643,VS0,VE0
etag: "85d34da418b256b6d06ca363284368a5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 02:12:29 GMT

GET
H2 200 common-vendors-stable-f9df4447a2af25df5875-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
80 KB 9ms
8ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-f9df4447a2af25df5875-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a35bbf88a5d660ec5bac590a84a8d84fe57026fd1edbeeeb9469a7a42962f2a0

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 72876
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1014766
x-cache: HIT
fastly-restarts: 1
content-length: 81919
x-served-by: cache-fra-etou8220067-FRA
last-modified: Fri, 15 Dec 2023 01:39:46 GMT
server: UploadServer
x-timer: S1705793667.640596,VS0,VE0
etag: "56ee1cd95f0ed758feed83782291ef62"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jan 2025 17:07:56 GMT

GET
H2 200 common-vendors-3d0896f3bf52a6ab42d9-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 634 KB
153 KB 9ms
8ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-3d0896f3bf52a6ab42d9-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c2ebd1cb364be94bc25e3854b16b7efcd079c93b54645d6212603eac2ccec5d0

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 8, 113
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 394416
x-cache: HIT, HIT
content-length: 156558
x-served-by: cache-iad-kcgs7200152-IAD, cache-fra-etou8220067-FRA
last-modified: Mon, 15 Jan 2024 13:14:36 GMT
server: UploadServer
x-timer: S1705793667.640643,VS0,VE0
etag: "092126a98fd4465bd770e6051e5a2354"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 10:00:50 GMT

GET
H2 200 common-98836eb7030a3b55bba1-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 2 MB
370 KB 10ms
10ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-98836eb7030a3b55bba1-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b307725b4ff01d26026bb43a2225ff7f939ef96d58dba25d6d4e176bc95de0ce

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 43, 4
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 93968
x-cache: HIT, HIT
content-length: 378631
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-etou8220067-FRA
last-modified: Fri, 19 Jan 2024 18:30:54 GMT
server: UploadServer
x-timer: S1705793667.641104,VS0,VE0
etag: "c5edfb41e5596226bd29552ece76a202"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 21:28:18 GMT

GET
H2 200 performance-5c471d9ec4c3660675d5-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 35 KB
11 KB 10ms
10ms Script
text/javascript 151.101.192.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-5c471d9ec4c3660675d5-min.en-US.js
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ede08b118d1defe4c802081b329dbb496fabbf52583d9b2e96c4f35bc28317c

Request headers

Referer: https://www.legacycelebrantservice.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 6, 12445
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 394420
x-cache: HIT, HIT
content-length: 10741
x-served-by: cache-iad-kcgs7200101-IAD, cache-fra-etou8220067-FRA
last-modified: Mon, 15 Jan 2024 13:10:35 GMT
server: UploadServer
x-timer: S1705793667.641079,VS0,VE0
etag: "eefd460680b759a880c6d1011c96fe88"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 10:00:47 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/6557a92f29db4a65ae4705f3/19/5c5a519771c10ba3470d8101/6557a92f29db4a65ae4705fb/1480/ 1 MB
108 KB 66ms
17ms Stylesheet
text/css 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/6557a92f29db4a65ae4705f3/19/5c5a519771c10ba3470d8101/6557a92f29db4a65ae4705fb/1480/site.css

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

a8fc45a3f918c2ed3252009cd0e851a32a948548a1195f604e3c62d883335ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 12, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 191052
x-cache: HIT, HIT
x-contextid: 7APJsKZL/Tm2rxedk
content-length: 110535
x-served-by: cache-dfw-kdfw8210170-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.605456,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1705599815226-5PWUZHFA2TX8RK4OVV4D/ 70 KB
5 KB 65ms
16ms Stylesheet
text/css 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1705599815226-5PWUZHFA2TX8RK4OVV4D/static.css

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

7f8867e5e5c76e8605058fb4e878ded19f40d551c44c6e2d3c6bb310c6976a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 39, 5346
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 193850
x-cache: HIT, HIT
x-contextid: UClMhKla/NuWMs3Bv
content-length: 4390
x-served-by: cache-dfw-kdfw8210081-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.605440,VS0,VE0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 Transparent+Logo.png
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/55767a00-9407-4ce7-bef5-2dddeb81ee5b/ 218 KB
218 KB 50ms
8ms Image
image/png 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/55767a00-9407-4ce7-bef5-2dddeb81ee5b/Transparent+Logo.png?format=1500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: acf7c336ea8eb6526df115137f99232924a4277a3305de5fc5d202ad9c26431a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 7, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9061
x-cache: HIT, HIT
content-length: 222901
x-served-by: cache-iad-kjyo7100090-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.588392,VS0,VE2
etag: CKSomZzI7IIDEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 AdobeStock_644665667.jpeg
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/495af8fe-da6c-4699-8371-97e3cd928ab9/ 316 KB
317 KB 68ms
27ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/495af8fe-da6c-4699-8371-97e3cd928ab9/AdobeStock_644665667.jpeg?format=2500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39f038f1559d85e0ca9dad5e2954a5b94aace4ee9899155e00ce500303fde114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 9, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9002
x-cache: HIT, HIT
content-length: 323823
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.588427,VS0,VE18
etag: CK7r2b2I44MDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 iframeSizer.min.js Show response
678772.17hats.com/vendor/ 7 KB
4 KB 294ms
93ms Script
application/javascript 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/vendor/iframeSizer.min.js

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a3f9170cdf8de37c23388bf266bde0cadf2fec7c80c843b2bd4f68518cc8627c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 19 Jan 2024 15:25:24 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "65aa9464-bdc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
content-length: 3036
expires: Mon, 19 Feb 2024 23:34:26 GMT

GET
H2 200 site-bundle.461357a181df7ddcd970264c877fd49f.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 175 KB
43 KB 7ms
7ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.461357a181df7ddcd970264c877fd49f.js

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

156cd41c8ccac71f022a825053fcadd852157095d7e4a82a11f8d7090de4f6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 28, 4102
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 101968
x-cache: HIT, HIT
x-contextid: qAAiHuHc/ApNbuQLk
content-length: 43561
x-served-by: cache-dfw-kdal2120025-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.640817,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 p Show response
678772.17hats.com/ Frame FA1F 6 KB
3 KB 203ms
97ms Document
text/html 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/p

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

85bce90d714ad8c22108e0ec9710122435dfe78354ba3bedbbf224687ca0772a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.legacycelebrantservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 2402
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-type: text/html
date: Sat, 20 Jan 2024 23:34:26 GMT
etag: "65aa9465-962"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Fri, 19 Jan 2024 15:25:25 GMT
permissions-policy: fullscreen=(self)
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 47ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,500;0,700;1,500;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:29:50 GMT
x-content-type-options: nosniff
age: 335076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:29:50 GMT

GET
H2 200 QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2
fonts.gstatic.com/s/worksans/v19/ 47 KB
47 KB 58ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYqz_wNahGAdqQ43Rh_eZDrv_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,500;0,700;1,500;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0422742e6c82cf3b25d46c77cb8fb17af8080cd8b155f848cc66226c64976978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.legacycelebrantservice.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:27:00 GMT
x-content-type-options: nosniff
age: 335246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48356
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:38:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:27:00 GMT

GET
H2 200 AdobeStock_594720912.jpeg
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/2f780ea3-127c-4217-b95b-7933794bf8c2/ 318 KB
319 KB 21ms
19ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/2f780ea3-127c-4217-b95b-7933794bf8c2/AdobeStock_594720912.jpeg?format=2500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 28d518a8cfb869f319fca393c2727401448565e2ff9beb1d8ff6d6b6ee06dd7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 5, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9002
x-cache: HIT, HIT
content-length: 325912
x-served-by: cache-iad-kiad7000055-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.659877,VS0,VE2
etag: CMbz67CQ44MDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 klamm_nancy006.jpg
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/d678c644-498b-4e8b-8c45-22cabf621645/ 406 KB
407 KB 21ms
19ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/d678c644-498b-4e8b-8c45-22cabf621645/klamm_nancy006.jpg?format=2500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 238ceb7589f972e1849ab2939a297f6c6b17811b6ab7dc563f17b46934d2ab20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 4, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9002
x-cache: HIT, HIT
content-length: 415957
x-served-by: cache-iad-kiad7000078-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.659863,VS0,VE2
etag: CPGF1tf87IIDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 AdobeStock_363903638.jpeg
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/d9d58dbc-bd79-4b4e-9ad8-e50a6eaa0e89/ 451 KB
452 KB 15ms
13ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/d9d58dbc-bd79-4b4e-9ad8-e50a6eaa0e89/AdobeStock_363903638.jpeg?format=2500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 38710712bec79fff9a7cca2cb590f3323d51a12eee05d857882a54daefc4894c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 7, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9002
x-cache: HIT, HIT
content-length: 462075
x-served-by: cache-iad-kiad7000057-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.659863,VS0,VE2
etag: CLDq3JWP44MDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 AdobeStock_363903638+resized.jpeg
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/385549f4-54ed-436b-947a-768de97effde/ 351 KB
351 KB 11ms
10ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/385549f4-54ed-436b-947a-768de97effde/AdobeStock_363903638+resized.jpeg?format=2500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e664467e3c025e10016297282b8f4f022fbd34c1ce86993e1c3d7c497452146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 4, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9002
x-cache: HIT, HIT
content-length: 359015
x-served-by: cache-iad-kiad7000158-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.660053,VS0,VE1
etag: CNuDsaDA5YMDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 funeral_celebrant_nancy_kalmm.jpg
images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/1b8936a8-a32f-46c6-ad47-ec922cb890b4/ 37 KB
38 KB 10ms
8ms Image
image/jpeg 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/6557a92f29db4a65ae4705f3/1b8936a8-a32f-46c6-ad47-ec922cb890b4/funeral_celebrant_nancy_kalmm.jpg?format=2500w
Requested by: Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b29d2fb2fbae77c5d404fa949330c477f2988b8b734b993b129e579d6746365a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 4, 1
date: Sat, 20 Jan 2024 23:34:26 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 9002
x-cache: HIT, HIT
content-length: 38373
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-etou8220076-FRA
x-sqsp-accepted-scopes: EDITOR
x-timer: S1705793667.660073,VS0,VE1
etag: CP33pe6N44MDEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800,s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
x-sqsp-is-public: false
tracepoint: Fastly

GET
H2 200 241.b38453ae9aa40e67c15b.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 8 KB
3 KB 29ms
28ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.461357a181df7ddcd970264c877fd49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 4574, 3114
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 787165
x-cache: HIT, HIT
x-contextid: Jv0nS9gA/Zf77sNdD
content-length: 2763
x-served-by: cache-dfw-kdfw8210105-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.978911,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 9641.bc5e3bf6d808f7fa4664.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 13 KB
4 KB 28ms
28ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/9641.bc5e3bf6d808f7fa4664.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.461357a181df7ddcd970264c877fd49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

c20cd76740588b059be25d766026f64e40fe17496e533f2c149027cc98aaa7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 609, 2533
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 384841
x-cache: HIT, HIT
x-contextid: XZMxZdrH/wgJwnbPi
content-length: 4424
x-served-by: cache-dfw-kdal2120100-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.978904,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 7475.4b1f04363450265a3055.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 49 KB
15 KB 28ms
28ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/7475.4b1f04363450265a3055.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.461357a181df7ddcd970264c877fd49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

e6b15d01ca742da271e4e6e8dfb4599bcbd1c59855c977cff0e2a9d09b14b87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 50, 2602
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 349997
x-cache: HIT, HIT
x-contextid: PCaFqmDf/gj73tRRd
content-length: 15298
x-served-by: cache-dfw-kdal2120097-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.978893,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 section-divider.f34d8d0bdbff654f94a2.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 14 KB
4 KB 29ms
28ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/section-divider.f34d8d0bdbff654f94a2.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.461357a181df7ddcd970264c877fd49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

8a655b13c2cb20a587e850920239b84edef19952dbf98f2dd21695819ec4fbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 10, 1578
date: Sat, 20 Jan 2024 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 276932
x-cache: HIT, HIT
x-contextid: Bx1KvxYG/bkjcqlAc
content-length: 4257
x-served-by: cache-dfw-kdfw8210054-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.978873,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 200 RecordHit Show response
www.legacycelebrantservice.com/api/census/ 17 B
111 B 102ms
102ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.legacycelebrantservice.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-3d0896f3bf52a6ab42d9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legacycelebrantservice.com/
X-CSRF-Token: BRg698lZDG1sOTMyZGMyNWM2ZjEwYWMwODIyODEzYzRmNjIwYWU0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: oryvOlb7/ZNVGS6IM
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
www.legacycelebrantservice.com/api/census/ 17 B
60 B 282ms
282ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.legacycelebrantservice.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-3d0896f3bf52a6ab42d9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legacycelebrantservice.com/
X-CSRF-Token: BRg698lZDG1sOTMyZGMyNWM2ZjEwYWMwODIyODEzYzRmNjIwYWU0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: oryvOlb7/wKVUJDO6
accept-ranges: bytes
content-length: 17

POST
H2 200 button-render Show response
www.legacycelebrantservice.com/api/census/ 17 B
61 B 183ms
183ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.legacycelebrantservice.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-3d0896f3bf52a6ab42d9-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legacycelebrantservice.com/
X-CSRF-Token: BRg698lZDG1sOTMyZGMyNWM2ZjEwYWMwODIyODEzYzRmNjIwYWU0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: Squarespace
age: 0
content-type: application/json;charset=utf-8
x-contextid: oryvOlb7/WKPkRJQf
accept-ranges: bytes
content-length: 17

GET
H2 200 css
fonts.googleapis.com/ Frame FA1F 22 KB
2 KB 20ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 23:11:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jan 2024 23:34:27 GMT

GET
H2 200 client_pages.91982a6125653763de13.css
678772.17hats.com/ Frame FA1F 542 KB
160 KB 94ms
93ms Stylesheet
text/css 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/client_pages.91982a6125653763de13.css

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e509bfa47ca3db10d488f5f8e4dfbf819e02aba71f7ed9db1bfa1ec7f8ff2813

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 19 Jan 2024 15:25:24 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "65aa9464-27d4c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
content-length: 163148
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 config Show response
678772.17hats.com/perl/reseller/0/ Frame FA1F 740 B
2 KB 276ms
275ms Script
text/javascript 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/perl/reseller/0/config

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0da2246c8bcad82a37dc87c509a17521768a2622a6513fa1cde89e22274d2697

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
x-17hats-updated: 2021-04-16 13:00:00
vary: Origin
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: https://www.17hats.com
access-control-allow-credentials: true
permissions-policy: fullscreen=(self)
x-17hats-update-threshold: 1
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
x-backend-server: sh21appserver10

GET
H2 200 / Show response
js.stripe.com/v3/ Frame FA1F 585 KB
163 KB 55ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2d4f84e13463f65d90d30b0b7abf4b20fd77001b570fe6a99d9f9a2fea7a1992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 23:34:27 GMT
via: 1.1 varnish
age: 7
x-cache: HIT
content-length: 166221
x-request-id: a2ade629-b808-4bd0-b7bb-f0911a9704fb
x-served-by: cache-fra-etou8220082-FRA
last-modified: Fri, 19 Jan 2024 22:03:01 GMT
server: Fastly
etag: "a71defeb8ff6ad19527e805e0b0ed777"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ Frame FA1F 1 MB
230 KB 33ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D06) /

Resource Hash

3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e908ca6ac98e5
dc: ccg11-origin-www-1.paypal.com
content-length: 235351
last-modified: Wed, 24 May 2023 16:43:28 GMT
server: ECAcc (frc/4D06)
traceparent: 00-0000000000000000000e908ca6ac98e5-afb7380ea1cd3d43-01
etag: "646e3eb0-16d204+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Sun, 21 Jan 2024 23:34:27 GMT

GET
H2 200 logo-17hats-white.png
678772.17hats.com/images/ Frame FA1F 3 KB
4 KB 275ms
274ms Image
image/png 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://678772.17hats.com/images/logo-17hats-white.png

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

88db6b078b30ba64ec4ac4fda7821cade6ba1062a438883b0a2a3fba86ac2d2e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Jan 2024 15:25:23 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
etag: "65aa9463-d8e"
content-type: image/png
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
accept-ranges: bytes
content-length: 3470
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 client_pages_vendor.a16b2495e8faeec38205.js Show response
678772.17hats.com/ Frame FA1F 2 MB
289 KB 274ms
274ms Script
application/javascript 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/client_pages_vendor.a16b2495e8faeec38205.js

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0d4cdb4dd79c95e673ae57e549bc49e0205c25490733ed960ff04c4a9f30cb04

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 19 Jan 2024 15:25:24 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "65aa9464-48019"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
content-length: 294937
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 client_pages_vendor2.ed124c03137cd270c8f1.js Show response
678772.17hats.com/ Frame FA1F 909 KB
257 KB 93ms
92ms Script
application/javascript 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/client_pages_vendor2.ed124c03137cd270c8f1.js

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4e0394f287d244b0d24dee576288ba6041c91ef8cb398a6fd729ebbb611f268a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 19 Jan 2024 15:25:24 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "65aa9464-4016a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
content-length: 262506
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 client_pages_views.66a8147ba8fd2889d55f.js Show response
678772.17hats.com/ Frame FA1F 175 KB
26 KB 146ms
145ms Script
application/javascript 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/client_pages_views.66a8147ba8fd2889d55f.js

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

039b390881f4b17805d6ec04a1b95479243fa840cbe4267c9bcd9a37ded85cb4

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 19 Jan 2024 15:25:24 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "65aa9464-64b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
content-length: 25785
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 client_pages.5aba8e8b3cae890baad7.js Show response
678772.17hats.com/ Frame FA1F 368 KB
97 KB 144ms
144ms Script
application/javascript 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/client_pages.5aba8e8b3cae890baad7.js

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6150db675834ee15a44f217e6f1c0db6d22095da704a7a04b80d5f567b1a0333

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Fri, 19 Jan 2024 15:25:24 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
referrer-policy: strict-origin-when-cross-origin
etag: "65aa9464-17f3a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
content-length: 98106
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame FA1F 143 KB
43 KB 66ms
37ms Script
application/javascript 108.138.36.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: 678772.17hats.com
URL: https://678772.17hats.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-98.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20db930b3e86729903db6097a337f379b0cfb4d1ad50f114484c8fab7c2e298c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: uwl3jFEFBnwwJl.cmegsLFsHjyCZ7RRS
content-encoding: gzip
via: 1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 17:51:08 GMT
x-amz-request-id: 1Q1WV2NW3CPDCTB2
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 20607
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 6Lhf5DyG9NuQwZ62ghAW0OMFDIr2nlAkpEMR36jNmh3dkqd0bnph0XvEwJuMAtbB2monbdG5KQQ=
last-modified: Fri, 19 Jan 2024 17:25:36 GMT
server: AmazonS3
etag: W/"55cf5b3041ea2abe9efd6a4978adcb2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: eG7x7VkRa-iG0qkSk3fb3vI6f5jSJiib_PrERzRcsg4qbMjsAqGVXg==

GET
H2 200 floating-cart.4814fbbf54a92e38c18f.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 451 B
460 B 7ms
7ms Script
application/javascript 151.101.192.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.461357a181df7ddcd970264c877fd49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.legacycelebrantservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 15, 8371
date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 281826
x-cache: HIT, HIT
x-contextid: FvYxDXz1/bYgC55Ti
content-length: 302
x-served-by: cache-dfw-kdfw8210096-DFW, cache-fra-etou8220024-FRA
pragma: cache
server: Squarespace
x-timer: S1705793667.025075,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 square.js Show response
web.squarecdn.com/v1/ Frame FA1F 354 KB
100 KB 58ms
9ms Script
application/javascript 2600:9000:223d:6400:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/v1/square.js
Requested by: Host: 678772.17hats.com
URL: https://678772.17hats.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:6400:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b29a59ad892d07215e2bbeb0e1f1f1bd961391406bbd0b69bbf2767e8319d72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: ZnRLdDfwWH5WiJ.UMDJ29jSDVK4uH9Ja
content-encoding: gzip
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 17:53:17 GMT
x-amz-cf-pop: FRA56-P3
age: 20750
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.54.5
last-modified: Thu, 18 Jan 2024 17:47:47 GMT
server: AmazonS3
etag: W/"aeef2535ea6e31da9abddf60cbc50704"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-md5checksum: ru8lNepuMdqavd9gy8UHBA==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: jrXE0xRhAxmhfWOn6CjFU26pK_4H-fHW4HV21rNchGsBNb89xfqvvQ==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame FA1F 12 KB
6 KB 40ms
17ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=678772.17hats.com&source=checkoutjs&t=xo&v=4.0.338

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-K0CmJ/Lgnc8mU2kvcqD/q9MNO4gm0te28zKKUtgDl8gHSZRc' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-K0CmJ/Lgnc8mU2kvcqD/q9MNO4gm0te28zKKUtgDl8gHSZRc' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 23:34:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22
x-cache: HIT, MISS
paypal-debug-id: f131133a1b500
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4333
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220101-FRA, cache-fra-etou8220101-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f131133a1b500-85180be4298be079-01
x-timer: S1705793667.425017,VS0,VE10
etag: W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 ts
t.paypal.com/ Frame FA1F 42 B
810 B 194ms
168ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=17hats&dh=1200&dw=1600&bh=600&bw=1047&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1705793667442&g=-60&completeurl=https%3A%2F%2F678772.17hats.com%2Fp%23%2Fembed%2Fksrnpkbzhvbbhtswhfkwdsprtpkrnxvt&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 20 Jan 2024 23:34:27 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: c5e6422921f69
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220024-FRA
pragma: no-cache
correlation-id: c5e6422921f69
traceparent: 00-0000000000000000000c5e6422921f69-0b02c3bc946d8621-01
x-timer: S1705793667.469979,VS0,VE162
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 23:34:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame FA1F 1 KB
1 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/client_pages.5aba8e8b3cae890baad7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dba1f69be146eb1b58aa853a0d5857e49eaf9512954fafd48a5938a748d074e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 20 Jan 2024 23:34:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FA1F 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 20 Jan 2024 23:48:09 GMT

GET
DATA 200
OK truncated
/ Frame FA1F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 4729 200 B
817 B 22ms
22ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://678772.17hats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3950553
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 23:34:27 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 72641
x-content-type-options: nosniff
x-request-id: c85bf1e4-ab0d-4b00-ac88-b7e3553bd3c7
x-served-by: cache-fra-etou8220082-FRA

GET
H/1.1 200
OK i.js Show response
i.kissmetrics.io/ Frame FA1F 39 B
320 B 341ms
87ms Script
application/x-javascript 45.55.99.106
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://i.kissmetrics.io/i.js
Requested by: Host: 678772.17hats.com
URL: https://678772.17hats.com/p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.55.99.106 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
date: Sat, 20 Jan 2024 23:34:27 GMT
cache-control: max-age=2592000
content-type: application/javascript,application/x-javascript
server: nginx
content-length: 39
expires: Mon, 19 Feb 2024 23:34:27 GMT

GET
H2 200 9a5ef53f1759d5142653d35c105e37287d602dd4.2.js Show response
scripts.kissmetrics.io/ Frame FA1F 26 KB
26 KB 119ms
31ms Script
application/x-javascript 2600:9000:218f:4400:15:9da4:e200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.kissmetrics.io/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Requested by: Host: 678772.17hats.com
URL: https://678772.17hats.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:4400:15:9da4:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: e42ec5a81e142cd5422fb5b15b64d0345b814fac7fafd08cb04d6dbc61714029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://678772.17hats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:05 GMT
via: 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront)
last-modified: Fri, 20 Oct 2023 00:52:42 GMT
server: nginx/1.22.0 (Ubuntu)
x-amz-cf-pop: CDG52-P2
age: 22
x-amz-server-side-encryption: AES256
etag: "c82eb9e55ac3f4c6201b05084b134f79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR IND UNI NAV INT"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=60
x-amz-cf-id: DopVlL8Hgby1p2VPGW1RxS-rvTt0xy7GTRx0atGFyvjTwj5tQsrUrQ==

GET
H2 200 0 Show response
678772.17hats.com/perl/client_account/ Frame FA1F 2 KB
2 KB 121ms
121ms XHR
application/json 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/perl/client_account/0?format=json&_=1705793667618

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bc703949ad36a082fad553bf5f99a7a7c25c299a39a4ab424159b0279034cfcf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://678772.17hats.com/p
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-encoding: gzip
x-17hats-update-threshold: 1
x-backend-server: sh21appserver8
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-17hats-updated: 2021-04-16 13:00:00
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.17hats.com
cache-control: no-cache
access-control-allow-credentials: true
permissions-policy: fullscreen=(self)
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4729 526 B
450 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 23:34:27 GMT
via: 1.1 varnish
age: 3871573
x-cache: HIT
content-length: 315
x-request-id: abc89142-7b57-4062-99a0-bd705c20ef22
x-served-by: cache-fra-etou8220082-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 69465

POST
H2 200 csp-report
q.stripe.com/ Frame 4729 0
717 B 575ms
184ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705793668208620
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705793668208135
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4729 0
716 B 575ms
185ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705793668208678
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705793668208122
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame FA1F 506 KB
204 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://678772.17hats.com/
Origin: https://678772.17hats.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 16:10:09 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6168 930 B
1 KB 24ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 239
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 23:34:27 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 75
x-content-type-options: nosniff
x-request-id: a1cca921-319b-4e80-a444-d74b6aeaaf0c
x-served-by: cache-fra-etou8220082-FRA
x-timer: S1705793668.747888,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 6168 0
490 B 539ms
188ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705793668209001
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1705793668208213
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 6168 87 KB
15 KB 7ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 20 Jan 2024 23:34:27 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 110
x-cache: HIT
content-length: 15509
x-request-id: 0c040fa6-b778-45ed-8eef-bf8f1b7e0d83
x-served-by: cache-fra-etou8220082-FRA
server: Fastly
x-timer: S1705793668.757613,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 33

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5657 44 KB
28 KB 33ms
33ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly82Nzg3NzIuMTdoYXRzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=wxalbncbk6og

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e40277861e1eb3076581b07a379909f689328a5b17f4ffef8f21ef70d2e8d0c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QjrhDdDx8octAgn5yPv58A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://678772.17hats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QjrhDdDx8octAgn5yPv58A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 20 Jan 2024 23:34:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 OpenSans-Regular-webfont.woff
678772.17hats.com/fonts/opensans/ Frame FA1F 22 KB
23 KB 94ms
94ms Font
application/font-woff 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/fonts/opensans/OpenSans-Regular-webfont.woff

Requested by

Host: 678772.17hats.com
URL: https://678772.17hats.com/client_pages.91982a6125653763de13.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://678772.17hats.com/client_pages.91982a6125653763de13.css
Origin: https://678772.17hats.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 19 Jan 2024 15:25:23 GMT
server: nginx
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
etag: "65aa9463-5884"
content-type: application/font-woff
cache-control: max-age=2592000
permissions-policy: fullscreen=(self)
accept-ranges: bytes
content-length: 22660
expires: Mon, 19 Feb 2024 23:34:27 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 6168 156 B
669 B 577ms
187ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

60694c8183ab9a81451da5bd8677378c50be5c19f2ac2f16e3463212c6e3a140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 20 Jan 2024 23:34:28 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705793668336132
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705793668335517
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 brand_customization Show response
678772.17hats.com/perl/client/account/0/ Frame FA1F 25 B
1 KB 123ms
123ms XHR
application/json 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/perl/client/account/0/brand_customization?format=json&_=1705793667619

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b018eba7e6d8c761b19d16ca80cc16f6908ef2ace6ce7f0fdbc0f5ce3f11ca0d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://678772.17hats.com/p
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-encoding: gzip
x-17hats-update-threshold: 1
x-backend-server: sh21appserver6
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-17hats-updated: 2021-04-16 13:00:00
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.17hats.com
cache-control: no-cache
access-control-allow-credentials: true
permissions-policy: fullscreen=(self)
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ksrnpkbzhvbbhtswhfkwdsprtpkrnxvt Show response
678772.17hats.com/perl/client/lead-capture-form/ Frame FA1F 2 KB
2 KB 129ms
125ms XHR
application/json 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/perl/client/lead-capture-form/ksrnpkbzhvbbhtswhfkwdsprtpkrnxvt?format=json&_=1705793667620

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

60727929922331b8de01df8031cc856edfc1a8716f107bbf9e2be61fe7e6f588

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://678772.17hats.com/p
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-encoding: gzip
x-17hats-update-threshold: 1
x-backend-server: sh21appserver5
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-17hats-updated: 2021-04-16 13:00:00
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.17hats.com
cache-control: no-cache
access-control-allow-credentials: true
permissions-policy: fullscreen=(self)
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 styles Show response
678772.17hats.com/perl/client/account/0/ Frame FA1F 25 B
1 KB 132ms
129ms XHR
application/json 3.208.143.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://678772.17hats.com/perl/client/account/0/styles?format=json&_=1705793667621

Requested by

Host: www.legacycelebrantservice.com
URL: https://www.legacycelebrantservice.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.208.143.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-143-73.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b018eba7e6d8c761b19d16ca80cc16f6908ef2ace6ce7f0fdbc0f5ce3f11ca0d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://678772.17hats.com/p
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
content-encoding: gzip
x-17hats-update-threshold: 1
x-backend-server: sh21appserver5
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-17hats-updated: 2021-04-16 13:00:00
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.17hats.com
cache-control: no-cache
access-control-allow-credentials: true
permissions-policy: fullscreen=(self)
access-control-allow-headers: Cookie, Origin, X-Requested-With, Content-Type, Accept
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK s
trk.kissmetrics.io/ Frame FA1F 43 B
352 B 321ms
86ms Ping
image/gif 138.197.60.79
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/s
Requested by: Host: scripts.kissmetrics.io
URL: https://scripts.kissmetrics.io/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.60.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://678772.17hats.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Sat, 20 Jan 2024 23:34:27 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.io/ Frame FA1F 43 B
352 B 322ms
87ms Ping
image/gif 138.197.60.79
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/e
Requested by: Host: scripts.kissmetrics.io
URL: https://scripts.kissmetrics.io/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.60.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://678772.17hats.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Sat, 20 Jan 2024 23:34:27 GMT

POST
H/1.1 200
OK e
trk.kissmetrics.io/ Frame FA1F 43 B
352 B 323ms
86ms Ping
image/gif 138.197.60.79
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/e
Requested by: Host: scripts.kissmetrics.io
URL: https://scripts.kissmetrics.io/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.60.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://678772.17hats.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Sat, 20 Jan 2024 23:34:27 GMT

POST
H/1.1 200
OK s
trk.kissmetrics.io/ Frame FA1F 43 B
352 B 322ms
87ms Ping
image/gif 138.197.60.79
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.kissmetrics.io/s
Requested by: Host: scripts.kissmetrics.io
URL: https://scripts.kissmetrics.io/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.60.79 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://678772.17hats.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 20 Jan 2024 23:34:28 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
expires: Sat, 20 Jan 2024 23:34:27 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 5657 55 KB
24 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly82Nzg3NzIuMTdoYXRzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=wxalbncbk6og

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 10:15:45 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 5657 506 KB
203 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 16:10:09 GMT

GET
H3 200 Rbyc7s488VWd4IGfuE4gsnBiFwpTphWh5ZwgXcZl-nM.js Show response
www.google.com/js/bg/ Frame 5657 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Rbyc7s488VWd4IGfuE4gsnBiFwpTphWh5ZwgXcZl-nM.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45bc9ceece3cf1559de0819fb84e20b27062170a53a615a1e59c205dc665fa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly82Nzg3NzIuMTdoYXRzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=wxalbncbk6og
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 23:24:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6871
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 23:24:05 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5657 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 445053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5657 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 496957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5657 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 397513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5657 102 B
135 B 16ms
16ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff6_wUAAAAAGTrQMf5kCRAK9spEggJvShAUYh7&co=aHR0cHM6Ly82Nzg3NzIuMTdoYXRzLmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=wxalbncbk6og
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 23:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 20 Jan 2024 23:34:27 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.legacycelebrantservice.com/	1969-12-31 23:59:59	Name: crumb Value: BRg698lZDG1sOTMyZGMyNWM2ZjEwYWMwODIyODEzYzRmNjIwYWU0
www.legacycelebrantservice.com/	1970-01-21 03:25:53	Name: ss_cvr Value: 19800a93-9c6d-4f29-9732-d835b294013f\|1705793666982\|1705793666982\|1705793666982\|1
www.legacycelebrantservice.com/	1970-01-20 17:49:55	Name: ss_cvt Value: 1705793666982
.paypal.com/	1970-01-21 03:25:53	Name: ts Value: vreXpYrS%3D1800401667%26vteXpYrS%3D1705795467%26vr%3D2939c1e418d0a46160b19442f74782cf%26vt%3D2939c1e418d0a46160b19442f74782ce
.paypal.com/	1970-01-21 03:25:53	Name: ts_c Value: vr%3D2939c1e418d0a46160b19442f74782cf%26vt%3D2939c1e418d0a46160b19442f74782ce
678772.17hats.com/	1970-01-20 17:59:58	Name: AWSALBCORS Value: +ViCWNqfNfUp8hmHHp1QRpnTQKkMaF+rihS07o1XbWFjvhg8AT8exv+mEOol+zp7PhplmRyX1eAWEnjdafMc0k17D7K2pv5mITf8GuHFD4KmUAJJlb77aLK2ZVFQ
m.stripe.com/	1970-01-21 03:25:53	Name: m Value: 1716a5bf-0de9-4c6c-a7ff-ff3e58ca9cdc6e61c7

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://www.paypalobjects.com/api/checkout.js(Line 16216) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	URL: https://scripts.kissmetrics.io/9a5ef53f1759d5142653d35c105e37287d602dd4.2.js(Line 40) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.kissmetrics.io') does not match the recipient window's origin ('https://www.legacycelebrantservice.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

678772.17hats.com
assets.squarespace.com
cdn.plaid.com
fonts.googleapis.com
fonts.gstatic.com
i.kissmetrics.io
images.squarespace-cdn.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
scripts.kissmetrics.io
static1.squarespace.com
t.paypal.com
trk.kissmetrics.io
web.squarecdn.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.legacycelebrantservice.com
www.paypal.com
www.paypalobjects.com
108.138.36.98
138.197.60.79
151.101.129.35
151.101.192.237
151.101.192.238
151.101.193.21
151.101.64.176
192.229.221.25
198.49.23.144
2600:9000:218f:4400:15:9da4:e200:93a1
2600:9000:223d:6400:13:4005:e4c0:93a1
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
3.208.143.73
44.237.70.166
45.55.99.106
54.187.159.182
039b390881f4b17805d6ec04a1b95479243fa840cbe4267c9bcd9a37ded85cb4
0422742e6c82cf3b25d46c77cb8fb17af8080cd8b155f848cc66226c64976978
0d4cdb4dd79c95e673ae57e549bc49e0205c25490733ed960ff04c4a9f30cb04
0da2246c8bcad82a37dc87c509a17521768a2622a6513fa1cde89e22274d2697
156cd41c8ccac71f022a825053fcadd852157095d7e4a82a11f8d7090de4f6c2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20db930b3e86729903db6097a337f379b0cfb4d1ad50f114484c8fab7c2e298c
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
238ceb7589f972e1849ab2939a297f6c6b17811b6ab7dc563f17b46934d2ab20
28d518a8cfb869f319fca393c2727401448565e2ff9beb1d8ff6d6b6ee06dd7a
2b29a59ad892d07215e2bbeb0e1f1f1bd961391406bbd0b69bbf2767e8319d72
2bc18c5e40b439c202bfa5d0a973c2a8c30ccdb6a83c85c5d0b55cd2abcad8b9
2d4f84e13463f65d90d30b0b7abf4b20fd77001b570fe6a99d9f9a2fea7a1992
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
361709366dddc3e19ff9f3c6144b7a182a6b2adb0a8dc7c1c8c2b05f6087b982
3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd
38710712bec79fff9a7cca2cb590f3323d51a12eee05d857882a54daefc4894c
39f038f1559d85e0ca9dad5e2954a5b94aace4ee9899155e00ce500303fde114
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ede08b118d1defe4c802081b329dbb496fabbf52583d9b2e96c4f35bc28317c
44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23
45bc9ceece3cf1559de0819fb84e20b27062170a53a615a1e59c205dc665fa73
4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6
4e0394f287d244b0d24dee576288ba6041c91ef8cb398a6fd729ebbb611f268a
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dba1f69be146eb1b58aa853a0d5857e49eaf9512954fafd48a5938a748d074e
5e664467e3c025e10016297282b8f4f022fbd34c1ce86993e1c3d7c497452146
60694c8183ab9a81451da5bd8677378c50be5c19f2ac2f16e3463212c6e3a140
60727929922331b8de01df8031cc856edfc1a8716f107bbf9e2be61fe7e6f588
6150db675834ee15a44f217e6f1c0db6d22095da704a7a04b80d5f567b1a0333
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7f8867e5e5c76e8605058fb4e878ded19f40d551c44c6e2d3c6bb310c6976a9a
807e1b16db6f58e221191d425283f3ad5d8d1a71276eed2343f4a688852893bf
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
85bce90d714ad8c22108e0ec9710122435dfe78354ba3bedbbf224687ca0772a
88db6b078b30ba64ec4ac4fda7821cade6ba1062a438883b0a2a3fba86ac2d2e
8a655b13c2cb20a587e850920239b84edef19952dbf98f2dd21695819ec4fbcb
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a35bbf88a5d660ec5bac590a84a8d84fe57026fd1edbeeeb9469a7a42962f2a0
a3f9170cdf8de37c23388bf266bde0cadf2fec7c80c843b2bd4f68518cc8627c
a77a5f52c9937baa443985769cf3d5fd6d6093149656e2a17fb854608b031f77
a8fc45a3f918c2ed3252009cd0e851a32a948548a1195f604e3c62d883335ab4
acf7c336ea8eb6526df115137f99232924a4277a3305de5fc5d202ad9c26431a
b018eba7e6d8c761b19d16ca80cc16f6908ef2ace6ce7f0fdbc0f5ce3f11ca0d
b29d2fb2fbae77c5d404fa949330c477f2988b8b734b993b129e579d6746365a
b2dc64332543a27c53be61d049e7e74d40740b2aa60d4708793944afa54ecc54
b307725b4ff01d26026bb43a2225ff7f939ef96d58dba25d6d4e176bc95de0ce
b4e93b19ee60eb0d8a9a07d7db8145d83b67457ca006f5efe6eadf4896b4de7c
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc703949ad36a082fad553bf5f99a7a7c25c299a39a4ab424159b0279034cfcf
c20cd76740588b059be25d766026f64e40fe17496e533f2c149027cc98aaa7e5
c2ebd1cb364be94bc25e3854b16b7efcd079c93b54645d6212603eac2ccec5d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40277861e1eb3076581b07a379909f689328a5b17f4ffef8f21ef70d2e8d0c0
e42ec5a81e142cd5422fb5b15b64d0345b814fac7fafd08cb04d6dbc61714029
e509bfa47ca3db10d488f5f8e4dfbf819e02aba71f7ed9db1bfa1ec7f8ff2813
e6b15d01ca742da271e4e6e8dfb4599bcbd1c59855c977cff0e2a9d09b14b87f
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

www.legacycelebrantservice.com Open in urlscan Pro 198.49.23.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

35 %IPv6

15 Domains

22 Subdomains

21 IPs

2 Countries

5186 kBTransfer

15638 kBSize

7 Cookies

2 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.legacycelebrantservice.com Open in urlscan Pro
198.49.23.144 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

35 %
IPv6

15
Domains

22
Subdomains

21
IPs

2
Countries

5186 kB
Transfer

15638 kB
Size

7
Cookies

76 HTTP transactions
1 data transactions