urlscan.io logo urlscan.io
SecurityTrails logo

www.payments.henfree.ie Open in urlscan Pro
185.224.198.152  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.payments.henfree.ie/
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 185.224.198.152, located in Dublin, Ireland and belongs to IOMART-IE, GB. The main domain is www.payments.henfree.ie.
TLS certificate: Issued by R11 on July 9th 2024. Valid for: 3 months.
This is the only time www.payments.henfree.ie was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 185.224.198.152 21130 (IOMART-IE)
2 18.245.31.104 16509 (AMAZON-02)
7 18.245.31.85 16509 (AMAZON-02)
17 4
Apex Domain
Subdomains		 Transfer
9 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2755
208 KB
8 henfree.ie
www.payments.henfree.ie
101 KB
17 2
Domain Requested by
9 js.stripe.com www.payments.henfree.ie
js.stripe.com
8 www.payments.henfree.ie www.payments.henfree.ie
17 2

This site contains links to these domains. Also see Links.

Domain
www.henfree.ie
Subject Issuer Validity Valid
www.payments.henfree.ie
R11		 2024-07-09 -
2024-10-07		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.payments.henfree.ie/
Frame ID: 7901B10D3F507BC013C2A63D4AB99B66
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-d4e2bdd6d43b021b40260cac398c8936.html
Frame ID: 276FD3B7AA80322417C17ADAF3C9FBF1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-eb0a683f04ebbfffb95453ee8957f1f3.html
Frame ID: D161B26731918C9589F949C6AE93A145
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-d3db0c2028fbf50a36ca1411437e47c8.html
Frame ID: 3F7D92A2D078E131815280635564A2E1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-a26080320787a41c4ad7ea8283ddb619.html
Frame ID: 8273ACB7EDD69B0FE87A3F6C07E13E99
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 89C1856173C5E862C9702D750975253F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-bd7a37f84dcb1d87bbec010d1fb64d05.html
Frame ID: B2698438B224E55110152401DC712854
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-faa17cc7e10746906ce69d0bd6787e8b.html
Frame ID: 3D09D204E369A2CBF17664B6F3745466
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hen Free Payment

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

382 kB
Transfer

1050 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.payments.henfree.ie/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payments.henfree.ie/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
3013aada8835775332c0e5c88b97733cdaf146207122d7909dbb3b6839e25116

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1713
content-type
text/html
date
Tue, 09 Jul 2024 11:28:59 GMT
last-modified
Thu, 10 May 2018 12:25:08 GMT
server
Apache
vary
Accept-Encoding,User-Agent
style.css
www.payments.henfree.ie/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payments.henfree.ie/css/style.css
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
c1a8989034cfd122f0fc0284442f3409afe7722c67ed9dab1ca022888afee540

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:28:59 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 12:34:44 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
2781
style.css
www.payments.henfree.ie/vendor/orlandotm/payment-webfont/ 		162 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payments.henfree.ie/vendor/orlandotm/payment-webfont/style.css
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
691cb56fbff5bc7e29d5d77de5c6441af76228321f4f57a390796d03e0c3c6fd

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:28:59 GMT
content-encoding
gzip
last-modified
Sun, 22 Apr 2018 20:58:04 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
text/css
/
js.stripe.com/v3/ 		619 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-104.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2e7253a0c44c9fca9ee83bc6734c3fe0c7f62390de3e2943f3d01e12e6d51bae
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:28:28 GMT
content-encoding
gzip
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
41
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
last-modified
Mon, 08 Jul 2024 22:03:52 GMT
server
Cloudfront
etag
W/"a520e9bf5a82b3a2c3168f2de82f66ba"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
SkJTd1Eu6wxQZ-ASJKs65hvgNx0oBtUry9klGJKvV6QN1zDpCMIiVw==
payment.js
www.payments.henfree.ie/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payments.henfree.ie/js/payment.js
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
8282d5e7dcc9b67ee8ff583911a5faaafc96edf64549077451be8c37c10f8fea

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:28:59 GMT
content-encoding
gzip
last-modified
Tue, 29 May 2018 11:51:21 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1706
index.js
www.payments.henfree.ie/js/ 		1 KB
501 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payments.henfree.ie/js/index.js
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
395b2a2a60b085124e9f71bb1a3c603cfae6358791522bb69b507fba123fea6b

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:28:59 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 12:32:50 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
446
logo.png
www.payments.henfree.ie/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payments.henfree.ie/images/logo.png
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
79a71b1daa3a72bd98439e595726897f9aa205959e67f8fd6b741a9daa810f70

Request headers

Referer
https://www.payments.henfree.ie/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:29:00 GMT
last-modified
Fri, 10 Nov 2017 16:18:08 GMT
server
Apache
accept-ranges
bytes
content-length
19586
content-type
image/png
help.svg
www.payments.henfree.ie/images/ 		991 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payments.henfree.ie/images/help.svg
Requested by
Host: www.payments.henfree.ie
URL: https://www.payments.henfree.ie/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
443cdc16d9fe2425244150245dbf3155e6045950f65d68b39e8877c85562ec92

Request headers

Referer
https://www.payments.henfree.ie/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:29:00 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 12:35:38 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
accept-ranges
bytes
content-length
581
truncated
/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
555b702cc9d8ed2a064f442bd433a090636e9089194a70f0eb872caa6ccb28e5

Request headers

Referer
Origin
https://www.payments.henfree.ie
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
controller-with-preconnect-d4e2bdd6d43b021b40260cac398c8936.html
js.stripe.com/v3/ Frame 276F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-d4e2bdd6d43b021b40260cac398c8936.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
41
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:28:19 GMT
etag
"d4e2bdd6d43b021b40260cac398c8936"
last-modified
Mon, 08 Jul 2024 17:05:15 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
ouliL1oZySRFUYVRctnECRfmwwRw0D828-p8_iiS1iy9TzQJh59pYQ==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-eb0a683f04ebbfffb95453ee8957f1f3.html
js.stripe.com/v3/ Frame D161 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-eb0a683f04ebbfffb95453ee8957f1f3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
424
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:22:14 GMT
etag
"eb0a683f04ebbfffb95453ee8957f1f3"
last-modified
Mon, 08 Jul 2024 17:05:29 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
vHlmt7LMc0tP6HtMmhk_RqmsEh9421o0dKOPJN3MiA3BtWEoB9Vs9g==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-d3db0c2028fbf50a36ca1411437e47c8.html
js.stripe.com/v3/ Frame 3F7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-d3db0c2028fbf50a36ca1411437e47c8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
52
cache-control
max-age=60, stale-while-revalidate=900
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:28:10 GMT
etag
"d3db0c2028fbf50a36ca1411437e47c8"
last-modified
Mon, 08 Jul 2024 17:05:29 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
zy7qjxXNeh2Ek7xRE9aXU82JeeruqcheqmzcTgxz73l8DM6th2c3Hw==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-a26080320787a41c4ad7ea8283ddb619.html
js.stripe.com/v3/ Frame 8273 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-a26080320787a41c4ad7ea8283ddb619.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1154
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:09:48 GMT
etag
W/"a26080320787a41c4ad7ea8283ddb619"
last-modified
Mon, 08 Jul 2024 17:05:15 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
LfOJR9r3zRs0u4eQkvFtLYIj4y-L8DksHozXdGArb_sPm2Irl4hxfg==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 89C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
831
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:15:11 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 05 Jul 2024 17:12:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
8_1CdD-EhoHGO8z8_yofuNrem3bWyXlkJ8l75qENtGPoHiRIsvHqrw==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ 		148 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-104.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:49:23 GMT
content-encoding
gzip
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2399
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
last-modified
Fri, 05 Jul 2024 17:12:01 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
51kjqJ_JYuxBg6HlXrSfY7RHJTKoI4xnDt8OVkO2IJSnZCc34V-STw==
hcaptcha-invisible-bd7a37f84dcb1d87bbec010d1fb64d05.html
js.stripe.com/v3/ Frame B269 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-bd7a37f84dcb1d87bbec010d1fb64d05.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-j+Xp+16p082j+RH/OnDEHWhrVZ77AuCG3VuRTFuwXbQ='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1162
cache-control
max-age=31536000
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-j+Xp+16p082j+RH/OnDEHWhrVZ77AuCG3VuRTFuwXbQ='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:09:39 GMT
etag
W/"3ff3a912f6021b96fb2d69a0e7f0f918"
last-modified
Mon, 08 Jul 2024 17:05:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
Iq0XGgAStvEAMiZ96uATWO2qd_9-jR3DWsWhcq75JwPmwTB0CQ37ww==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-payment-request-faa17cc7e10746906ce69d0bd6787e8b.html
js.stripe.com/v3/ Frame 3D09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-faa17cc7e10746906ce69d0bd6787e8b.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.henfree.ie/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1160
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 11:10:01 GMT
etag
W/"faa17cc7e10746906ce69d0bd6787e8b"
last-modified
Mon, 08 Jul 2024 17:05:15 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
6J3hU6pBmLd8Kw5Jn4gapnEjTUs6dRvFrnySiFqhl9OU9aecPr-OUw==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.png
www.payments.henfree.ie/images/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.payments.henfree.ie/images/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.224.198.152 Dublin, Ireland, ASN21130 (IOMART-IE, GB),
Reverse DNS
enterprise52.fastsecurehost.com
Software
Apache /
Resource Hash
bf49684adfbfc7b0104496ab609dbcbe8976a4425d118a4605fdfa253ddaff86

Request headers

Referer
https://www.payments.henfree.ie/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 11:29:01 GMT
last-modified
Thu, 27 Jul 2017 13:16:14 GMT
server
Apache
accept-ranges
bytes
content-length
2694
content-type
image/png

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| webpackChunkStripeJSouter function| noop function| Stripe object| stripe object| elements string| description object| card object| paymentRequest object| prButton object| payButton function| stripeTokenHandler function| streipSourceHandler function| amountChange function| eventChange function| calculateFullAmount object| amountInput object| eventInput

4 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: b1889cc8-fe72-462f-98c8-3e0501c4acabeaf1fb
.www.payments.henfree.ie/ Name: __stripe_mid
Value: effeb9cb-6b08-4f4f-88f0-0cbcabec07466da916
.www.payments.henfree.ie/ Name: __stripe_sid
Value: 609f80b4-920f-445f-ba05-dc90537e3cd854c298
api.hcaptcha.com/ Name: hmt_id
Value: b941bfda-2dea-432b-b712-5d95c454f15a

4 Console Messages

Source Level URL
Text
other warning URL: https://www.payments.henfree.ie/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://www.payments.henfree.ie/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://www.payments.henfree.ie/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://www.payments.henfree.ie/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".