urlscan.io logo urlscan.io
SecurityTrails logo

payments.freedompay.com Open in urlscan Pro
64.74.156.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fplynx.com/79d03940-ee5f-460e-bc1a-0555295df748
Effective URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Submission: On September 26 via manual from IL — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 54 HTTP transactions. The main IP is 64.74.156.49, located in United States and belongs to FREEDOM-PHL-AS, US. The main domain is payments.freedompay.com. The Cisco Umbrella rank of the primary domain is 614705.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 4th 2023. Valid for: a year.
This is the only time payments.freedompay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.74.156.36 35872 (FREEDOM-P...)
13 64.74.156.49 35872 (FREEDOM-P...)
13 64.74.156.34 35872 (FREEDOM-P...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::c6... 13335 (CLOUDFLAR...)
54 7
1    64.74.156.36 (United States)

ASN35872 (FREEDOM-PHL-AS, US)
fplynx.com
13    64.74.156.49 (United States)

ASN35872 (FREEDOM-PHL-AS, US)
payments.freedompay.com
13    64.74.156.34 (United States)

ASN35872 (FREEDOM-PHL-AS, US)
hpc.freedompay.com
4    2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
14    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
4    2606:4700::c6d9:fbfb (United States)

ASN13335 (CLOUDFLARENET, US)
songbird.cardinalcommerce.com
centinelapi.cardinalcommerce.com
Apex Domain
Subdomains		 Transfer
26 freedompay.com
payments.freedompay.com — Cisco Umbrella Rank: 614705
hpc.freedompay.com — Cisco Umbrella Rank: 121016
1 MB
18 google.com
pay.google.com — Cisco Umbrella Rank: 3915
play.google.com — Cisco Umbrella Rank: 85
415 KB
5 gstatic.com
www.gstatic.com
101 KB
4 cardinalcommerce.com
songbird.cardinalcommerce.com — Cisco Umbrella Rank: 31775
centinelapi.cardinalcommerce.com
122 KB
1 fplynx.com
fplynx.com
155 B
54 5
Domain Requested by
14 play.google.com www.gstatic.com
13 hpc.freedompay.com payments.freedompay.com
hpc.freedompay.com
13 payments.freedompay.com payments.freedompay.com
5 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com hpc.freedompay.com
pay.google.com
payments.freedompay.com
www.gstatic.com
3 songbird.cardinalcommerce.com hpc.freedompay.com
songbird.cardinalcommerce.com
1 centinelapi.cardinalcommerce.com songbird.cardinalcommerce.com
1 fplynx.com 1 redirects
54 8

This site contains no links.

Subject Issuer Validity Valid
*.freedompay.com
Go Daddy Secure Certificate Authority - G2		 2023-05-04 -
2024-05-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.cardinalcommerce.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-02-23 -
2024-03-25		 a year crt.sh

This page contains 4 frames:

Primary Page: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Frame ID: 37B74A5908D3750655D77456C1209FEF
Requests: 19 HTTP requests in this frame

Frame: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
Frame ID: FFD766A2F77586DDF475D4DAF42D8C4F
Requests: 6 HTTP requests in this frame

Frame: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
Frame ID: F05CBD12E961B9B53084378AA55365D1
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fhpc.freedompay.com&mid=
Frame ID: F56139C4468711B72162E51AB71FF9F7
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LONPR - St.Pancras E-Comm Payment Page

Page URL History Show full URLs

  1. https://fplynx.com/79d03940-ee5f-460e-bc1a-0555295df748 HTTP 302
    https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

54
Requests

98 %
HTTPS

57 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

2048 kB
Transfer

3457 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fplynx.com/79d03940-ee5f-460e-bc1a-0555295df748 HTTP 302
    https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Payment
payments.freedompay.com/Checkout/
Redirect Chain
  • https://fplynx.com/79d03940-ee5f-460e-bc1a-0555295df748
  • https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
104 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4b80695f264de6f3cece794880d78a7366d04ef7833d63dd9d58f133f533a9af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private
Content-Length
106556
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Sep 2023 10:27:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

date
Tue, 26 Sep 2023 10:27:49 GMT
location
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET
Simple
payments.freedompay.com/Checkout/Styles/ 		63 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/Styles/Simple?v=kcKMGfLQ9zSOIM9BVmeHSMxltEIzaKBDCmSIX8W3M3Y1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c86b40c9fff32ca70d70aad2b327c281c7661edd6aa7eda2de75501c3c188447

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
64652
Expires
Wed, 25 Sep 2024 10:27:51 GMT
jquery
payments.freedompay.com/Checkout/bundles/ 		83 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1be37ac5cda9ae63fcb1404b594a1dedb02b7348c76a599c226959186856b5e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
84814
Expires
Wed, 25 Sep 2024 10:27:51 GMT
jqueryui
payments.freedompay.com/Checkout/bundles/ 		234 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jqueryui?v=nmuMA-O4C0zphhL2ApoyudBi4v4VCXr0cCFlFmBK2eU1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
239752
Expires
Wed, 25 Sep 2024 10:27:51 GMT
jqueryval
payments.freedompay.com/Checkout/bundles/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jqueryval?v=l6TDTuZE9RVgXTlVOAc4C2uaFEcshao9OcBFLOqMGeo1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
62963f85c44d7144430c1b7a66fbc726d339c79f14313209b32d6c3fa0de50a7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
44682
Expires
Wed, 25 Sep 2024 10:27:51 GMT
jqueryajax
payments.freedompay.com/Checkout/bundles/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jqueryajax?v=OogFi3g5HLuGIHAgSqPk_6zluJg3HjxNAuUL0uNC8a81
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
3077
Expires
Wed, 25 Sep 2024 10:27:51 GMT
v-mask
payments.freedompay.com/Checkout/bundles/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/v-mask?v=UJ5DseB4YY3hNO1XBnbpfPQrIjJQEQm85uEsmtwuhHQ1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
6548
Expires
Wed, 25 Sep 2024 10:27:51 GMT
system
payments.freedompay.com/Checkout/bundles/ 		101 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/system?v=XTmgg879XhD7OU3I4uciY-sSJpkvWD9onk7_gvO1ueQ1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
045214d24104b53f4684a1a02fd7d4078252c50c46245db619f5b7f56a69ddeb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
103275
Expires
Wed, 25 Sep 2024 10:27:51 GMT
hpp
payments.freedompay.com/Checkout/bundles/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/hpp?v=MDstgGpdaB6WbAgl8iprEag4y1hwgA8TWupsxBpWdsA1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2f8a946feb8aa0ffe27b576b4c08203abecd7925796d07f4906981e9db7dc209

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
26634
Expires
Wed, 25 Sep 2024 10:27:51 GMT
pay
payments.freedompay.com/Checkout/bundles/hpp/ 		105 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/hpp/pay?v=Uf5jOXQDdRDcYsrahzIAp3jvMyjxGqFJE-I_X6RsFjc1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
30ff84b31d0f0d3f3104bc1b9891fcdb0ad64199490105b71f60d97367f3c339

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Last-Modified
Tue, 26 Sep 2023 10:27:51 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
107637
Expires
Wed, 25 Sep 2024 10:27:51 GMT
hpc_min.js
hpc.freedompay.com/api/v1.5//cdn/ 		77 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=1.0.0.40595
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0d6721fe928cdc12ab308b78197c5366b15c6a91e8d2e6dd0d0940a1753f8d3e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:50 GMT
Cache-Control
public, max-age=172800
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
79110
Content-Type
text/javascript; charset=utf-8
Model
payments.freedompay.com/Checkout/System/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/System/Model?cultureCode=en-US
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5e87a28f75cf302030b87be592636c7ff9e5b0de73105221ba2e7efe133ec02f

Request headers

Accept
*/*
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Tue, 26 Sep 2023 10:27:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
private
Content-Length
3075
HostedPaymentControls
payments.freedompay.com/Checkout/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/HostedPaymentControls
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2f9b6da957df776b06fa2ce51d8eb9e465f2c164b5445acf83f545c1cba860b

Request headers

Accept
*/*
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 26 Sep 2023 10:27:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Session-Key
eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
1051
HostedPaymentControls
payments.freedompay.com/Checkout/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/HostedPaymentControls
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
aaa1b461f5fdf5c2b1bfe1fed1be02b309d955452b10809fa8abe97c817751dd

Request headers

Accept
*/*
Referer
https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 26 Sep 2023 10:27:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Session-Key
eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
1025
controls
hpc.freedompay.com/api/v1.5/ Frame FFD7 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
236e26e5431e716d3b466f505d2214fb7dcad21cef959bbea134fd1443b239ba
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://google.com/pay https://www.google.com/pay https://pay.google.com https://play.google.com; default-src 'none'; font-src https: 'self'; frame-src https://pay.google.com 'self' https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'

Request headers

Referer
https://payments.freedompay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
3247
Content-Security-Policy
connect-src 'self' https://google.com/pay https://www.google.com/pay https://pay.google.com https://play.google.com; default-src 'none'; font-src https: 'self'; frame-src https://pay.google.com 'self' https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Sep 2023 10:27:52 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
default_min.css
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame FFD7 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=23.12.1-release0001.46517
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2684dae68f01286b9381fe54dcfeb052aa2d67757a3d1d649e7e0f7ea604469

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:52 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache
Content-Length
8356
Expires
-1
default_min.js
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame FFD7 		222 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=23.12.1-release0001.46517
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ae10ff7fbdbaeaccf5dfd84883c20df0d96dcc5a477039fc245d57212f8a3e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:52 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Content-Length
226903
Expires
-1
messages_en-US.js
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame FFD7 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/messages_en-US.js?v=23.12.1-release0001.46517
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
14fe511d9b68bb5b9c3620dded26c824bd19a4aee2c89b40b123adbc3fc69afb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiJrRnl1clRMaXlic2NVQXhKIiwidGFnIjoiLTkyMlZ5VG9pYXp5YVpUZWNCaG5CUSIsInppcCI6IkRFRiJ9.WlEXmdVrhzucgUvqBx4gz4IxaUv2I_RXOwjqvsM-m5MpbNlywr-O_MvN0zrDif1CupKc63q3O2WyXp-ol1dDoA.uSyCE23UeUF6bK2zGCA_0g.Y-qL3rGEdcKASO_oVQ5uRKD9q8qdMtiXppFGRhW5IHIe9ALGEmlXJQbXHCRaPkJ0oD6dbAJXLJ-ZgEWeQDDjXOPmTavQRd0i1_YTBLdtGJcesBo0E8yUL5ePDt_Fhr4JTg5euYsTYu6c010WLbSx-KfoEhMUwNtH8zMxlXv5IqzxWkq1dL0AwKSDPByK1jVO9I9DsTJd3CPnYj7oDBvp_MA7UrgMX1GzST_ZQUb9L07PNL9jo5hp350_NkVAo9cVD2vofwJ4LA38QfpgY8w3wu7b3Ly4LKc702bdFHHIjaSFaRs4U46TRBNc2BrB9kM6QblA-k28WX3R83CFYPDJ_RqdqjQ7JzgOHMtEI9bV7CMNelnT_drFUqFWjf2HVcZiagtglQs_qF2nGX03_mbeYliM4H2V-9VHFbD2mI5qVy7CKYwXIAQg6MhHqLpTyXKY5YTK4pWUvfS7f468EX9naa-wbBJCdka2nuO07bBHLJDC2BdfyN2ASXtARIGaUqyz.jNy7FnTjCAhpIE9Tdean75n1Dm74MtJDHQ9BBe4gXxQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:52 GMT
Last-Modified
Mon, 28 Aug 2023 23:28:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Content-Length
3594
Expires
-1
controls
hpc.freedompay.com/api/v1.5/ Frame F05C 		47 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e06b86264f2fcbefdf6ed8ea2ed62e69e950faf28e491cdc8401bd1190fbf8e1
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'none'; font-src https: 'self'; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'

Request headers

Referer
https://payments.freedompay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
47803
Content-Security-Policy
connect-src 'self'; default-src 'none'; font-src https: 'self'; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Sep 2023 10:27:52 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
pay.js
pay.google.com/gp/p/js/ Frame FFD7 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=23.12.1-release0001.46517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T2Al03pTAuRf95UmPFZFXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:27:52 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-T2Al03pTAuRf95UmPFZFXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 26 Sep 2023 10:27:52 GMT
default_min.css
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame F05C 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=23.12.1-release0001.46517
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2684dae68f01286b9381fe54dcfeb052aa2d67757a3d1d649e7e0f7ea604469

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:52 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache
Content-Length
8356
Expires
-1
default_min.js
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame F05C 		222 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=23.12.1-release0001.46517
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ae10ff7fbdbaeaccf5dfd84883c20df0d96dcc5a477039fc245d57212f8a3e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:52 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Content-Length
226903
Expires
-1
messages_en-US.js
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame F05C 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/messages_en-US.js?v=23.12.1-release0001.46517
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
14fe511d9b68bb5b9c3620dded26c824bd19a4aee2c89b40b123adbc3fc69afb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:52 GMT
Last-Modified
Mon, 28 Aug 2023 23:28:58 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Content-Length
3594
Expires
-1
payframe
pay.google.com/gp/p/ui/ Frame F561 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fhpc.freedompay.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c27153b9b605d391669c70ab2bd322a4fddd3592e59be12899b03dc6060014e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zOiF1QpJarXi8_G-7nAdDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hpc.freedompay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zOiF1QpJarXi8_G-7nAdDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 26 Sep 2023 10:27:53 GMT
expires
Tue, 26 Sep 2023 10:27:53 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ Frame FFD7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 13:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
248388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
871
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 22 Sep 2024 13:28:05 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame F561 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fhpc.freedompay.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba38e5288745ca705fbd6bf917ace5bb548963558473119c35183fc115e81b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 16:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56245
x-xss-protection
0
last-modified
Sat, 23 Sep 2023 03:25:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:27:41 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F561 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=b62bc496-38bc-461d-adc7-3a07c3c5e30e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG... Frame F561 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriZuhAQoCvTu7cGta4L2NDoZUyMxQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702531bd0427a60dea0450ed8f742543c3057ea8b297f47cf626deceb7a0a712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 16:27:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26924
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:27:42 GMT
pay
pay.google.com/gp/p/ui/ Frame F561 		1 MB
368 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57a555edcce2e895ba98989d2c9ffb1338f65c965b411e30d3c41f9cbc3b017a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-t9xr07VPhNwNbNJ_RXkoyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-t9xr07VPhNwNbNJ_RXkoyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 26 Sep 2023 10:27:53 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG... Frame F561 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriZuhAQoCvTu7cGta4L2NDoZUyMxQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5e7b8cf22cb5013749e5ba035da361aa5e770761a636fb07d79bfaabfce36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 16:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3923
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:27:43 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG... Frame F561 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TWG4OhFXjrM.L.B1.O/am=AMAY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriZuhAQoCvTu7cGta4L2NDoZUyMxQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed2a51e8c15d9f136bf7b19e12f3ec996d1e4a098f270c7602aeec60492210e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 16:27:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13844
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:27:43 GMT
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 26 Sep 2023 10:27:53 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F561 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.E0kzIQ_JJDA.es5.O/am=AMAY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhvtLI7_Q74QNENnaF2iKRQGqc4NA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 26 Sep 2023 10:27:53 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
security_code.svg
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame F05C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/security_code.svg
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=23.12.1-release0001.46517
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
391fa88a0d969feadbccc39716a0546df5c3f821f6ad7c6ca321dbac828dbadf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=23.12.1-release0001.46517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:54 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Content-Length
27537
Expires
-1
padlock.svg
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame F05C 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/padlock.svg
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=23.12.1-release0001.46517
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9325ce7092be3c81e8b5ccf49db9bd84061c73133bda6972fa6288c2e35cafc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=23.12.1-release0001.46517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:54 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Content-Length
6651
Expires
-1
songbird.js
songbird.cardinalcommerce.com/edge/v1/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=1.0.0.40595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://payments.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:27:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1615
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2NvBXBGTVzV63DF18dlvEptynoli13nCB1MJGOYdK4vQrzeGgDwEhfPAohQl9rCv4M6wpW3sgeX0sWtgEuZZaodYhcHflqJ0wfT6LoZCFoDd9KLpxFb3N9DrQ%2FB4wbvIi5xTjRWrk06aFRClpykLNfE3CnCnxMLMgUi"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
80cad1292924405e-LHR
expires
Tue, 26 Sep 2023 14:27:54 GMT
1.597f4104d311c33d4189.songbird.js
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 		388 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
Origin
https://payments.freedompay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:27:54 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3649803
cf-polished
origSize=397453
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SugvYgXWSpVTLymWwGW5gi%2BETJ45pho%2BfcydE%2BVvRH%2F3Mq6%2Bc642b3gVB%2FgJp45BeeeAgnF%2FQk%2FCoXPvC%2B%2Bxl%2F4Jnq4WiSma9lh5OzmlIYNdzswWIuIIzucl7AYEDbSUdQdtdUsohBKW4YaYBpFxpIBUNeWgV3gHLP7Q"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
80cad12a8f2a419a-LHR
expires
Sun, 24 Mar 2024 10:27:54 GMT
update
hpc.freedompay.com/api/v1.5/consumer/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/consumer/auth/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://payments.freedompay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type
Access-Control-Allow-Origin
https://payments.freedompay.com
Cache-Control
no-cache
Content-Length
0
Date
Tue, 26 Sep 2023 10:27:54 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
update
hpc.freedompay.com/api/v1.5/consumer/auth/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/consumer/auth/update
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=1.0.0.40595
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://payments.freedompay.com/
accept-language
en-GB,en;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiaXYiOiIzaWQyLWxSQTJnV3l2SmFPIiwidGFnIjoiSzdEY2dmSEVTU2dpT1BEdXUtMEVwdyIsInppcCI6IkRFRiJ9.U9FM1iM6epKT1E6NSD_HzZiUtmce93mUAos3LydKWi_WZJHbDfcHKgtPI2K71YdyOZMkCkrx8jLhSteOGyqUfA.t3f6QZkULKUhhzjAk6M_IA.AFm7X1rJ5sY6BGmHFXqU-4vUFkXfZHWFhEGlLazT5JATLm0y_XuPWI8NhIcwriafgaxrPSKfx4n21c2KplCBIQJvLmx4gubLUTMjQlWOm_lGYiAqQ8XOw1q1EKk4Er4g-TbccYB8gwLlNNjiIvXrEj8nrl8yCIUHgd_m0NFVT4Z_7mz6Jd_ZiR4GfzgxaT6lQAHBnhss5TUrL4cCbhdc7oud_mVzheUAwXdjr7LjZNyWLw_G2enfdhmhHNxDVN-Svp9g-FfUsfP-b1aTHBj6MqmsG5NjTYvRNxov4-nZ1L9BWfPkD2sWTEHSrktw2qe9vXJHOXsGMxSmDA193n4EwcVCD2ejmXNkGWIoIplFMTlCbihfSl9bykAkFUqGW_FsdSJXCL0FOe6vp5bf6_0u9JWcMCVtZ4mal80MiQH9GDd3PVwl3pblb9RdUUlnSU-Ws7CTBxVCOH8MEjP8A5VaUTLTpwAztUd5rUgXAqHo4UhvG3UbDMCU1AcNzWfazOSd.qv7NT7lSShh4Bo0D7RliRj95hC4q1mpsrLpBpgJZJEs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 26 Sep 2023 10:27:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
https://payments.freedompay.com
Cache-Control
no-cache
Content-Length
0
Expires
-1
12.597f4104d311c33d4189.songbird.js
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/12.597f4104d311c33d4189.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4162dc2055e7aaa1ffbb17aaf27c80b18deeabb669d4e6850541213632b1cb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
Origin
https://payments.freedompay.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 10:27:55 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5425035
cf-polished
origSize=23843
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZUmUt%2BRqWql57rChoRKAYUUzuzlLqGB3IqqW%2BcsIhfFHl69umfmN6UMxJMYcsqsVnjaEV0SHWAPwwe70Z%2FUYy%2FAOpw7c0gdxp4FdOgqcGLbSVRJM%2BcUy5jEP8qgf%2BZZr%2FJ7N9XsFE1bT8AOCSD50IMv2jRnH3uJT8ny"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
80cad1308b06419a-LHR
expires
Sun, 24 Mar 2024 10:27:55 GMT
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cardinal-tid
Access-Control-Request-Method
POST
Origin
https://payments.freedompay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-cardinal-tid
access-control-allow-methods
GET,POST,HEAD,OPTIONS
access-control-allow-origin
https://payments.freedompay.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
cf-ray
80cad130fbdd419a-LHR
content-length
0
date
Tue, 26 Sep 2023 10:27:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i6Q5vQLAHx40mMwdnoVyo9e4NxUb9eJ5tfykBMoO81BvrAj57iflSeZUWl1t6ORuOqw9K9kOMlcUq17doHJWqxY2%2BKFzHn53viOQXY%2BWp%2BsyDwO1N7LdHUP3ykD1%2BeC1z5ZfGrEufqKaiae9Cdwiojkqa8Nlbu3quHcHY3%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
centinelapi.cardinalcommerce.com
URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery function| isUndefinedOrEmpty function| isUndefined function| logToConsole function| isInternetExplorer function| luhnChk object| ea object| VueMask object| FreedomPay function| Vue object| utilities string| securityClassesEnabled string| securityClassesDisabled function| HandleResponse function| HandleErrorMessage function| pageInit function| songbirdLoader object| Cardinal function| setImmediate function| clearImmediate

2 Cookies

Domain/Path Name / Value
payments.freedompay.com/ Name: ASP.NET_SessionId
Value: tnklxvh444y0xi5j0mc5r525
.google.com/ Name: NID
Value: 511=dOuKX4kTzFAnC8XNi60G_Eb6IX-jpqi1DZ2h23xSeUksNzcxGZQypFjWzYEfUlrQH-kMlfuHqtKC21KMlfzzBl366-APXchJcLBeMpqqzsi4liR2TeVv_452Hx7SVS3fQpvQHOp51c2eDlpwizaZXmh4M6aW_kRZZOi7zdWePw0

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

centinelapi.cardinalcommerce.com
fplynx.com
hpc.freedompay.com
pay.google.com
payments.freedompay.com
play.google.com
songbird.cardinalcommerce.com
www.gstatic.com
centinelapi.cardinalcommerce.com
2606:4700::c6d9:fbfb
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2003
2a00:1450:400c:c07::5c
64.74.156.34
64.74.156.36
64.74.156.49
045214d24104b53f4684a1a02fd7d4078252c50c46245db619f5b7f56a69ddeb
0d6721fe928cdc12ab308b78197c5366b15c6a91e8d2e6dd0d0940a1753f8d3e
14fe511d9b68bb5b9c3620dded26c824bd19a4aee2c89b40b123adbc3fc69afb
1be37ac5cda9ae63fcb1404b594a1dedb02b7348c76a599c226959186856b5e1
1cb146a6294f46b5d58de858134694c25c9bbd944c25ef47c259cddc7f4d60a8
236e26e5431e716d3b466f505d2214fb7dcad21cef959bbea134fd1443b239ba
2ae10ff7fbdbaeaccf5dfd84883c20df0d96dcc5a477039fc245d57212f8a3e3
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a
2f8a946feb8aa0ffe27b576b4c08203abecd7925796d07f4906981e9db7dc209
30ff84b31d0f0d3f3104bc1b9891fcdb0ad64199490105b71f60d97367f3c339
391fa88a0d969feadbccc39716a0546df5c3f821f6ad7c6ca321dbac828dbadf
4b80695f264de6f3cece794880d78a7366d04ef7833d63dd9d58f133f533a9af
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
57a555edcce2e895ba98989d2c9ffb1338f65c965b411e30d3c41f9cbc3b017a
5e87a28f75cf302030b87be592636c7ff9e5b0de73105221ba2e7efe133ec02f
62963f85c44d7144430c1b7a66fbc726d339c79f14313209b32d6c3fa0de50a7
6b5e7b8cf22cb5013749e5ba035da361aa5e770761a636fb07d79bfaabfce36d
702531bd0427a60dea0450ed8f742543c3057ea8b297f47cf626deceb7a0a712
7c27153b9b605d391669c70ab2bd322a4fddd3592e59be12899b03dc6060014e
a9325ce7092be3c81e8b5ccf49db9bd84061c73133bda6972fa6288c2e35cafc
aaa1b461f5fdf5c2b1bfe1fed1be02b309d955452b10809fa8abe97c817751dd
b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061
ba38e5288745ca705fbd6bf917ace5bb548963558473119c35183fc115e81b98
c2f9b6da957df776b06fa2ce51d8eb9e465f2c164b5445acf83f545c1cba860b
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
c86b40c9fff32ca70d70aad2b327c281c7661edd6aa7eda2de75501c3c188447
d4162dc2055e7aaa1ffbb17aaf27c80b18deeabb669d4e6850541213632b1cb5
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e06b86264f2fcbefdf6ed8ea2ed62e69e950faf28e491cdc8401bd1190fbf8e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed2a51e8c15d9f136bf7b19e12f3ec996d1e4a098f270c7602aeec60492210e3
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
f2684dae68f01286b9381fe54dcfeb052aa2d67757a3d1d649e7e0f7ea604469
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073