1.customs-epay.com Open in urlscan Pro
217.196.239.230 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
Submission: On August 10 via api (August 10th 2022, 10:00:15 pm UTC) from IE — Scanned from GB

Summary HTTP 80 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 80 HTTP transactions. The main IP is 217.196.239.230, located in Wallington, United Kingdom and belongs to HSO-GROUP, GB. The main domain is 1.customs-epay.com.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on August 27th 2021. Valid for: a year.

This is the only time 1.customs-epay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	217.196.239.230 217.196.239.230	39326 (HSO-GROUP) (HSO-GROUP)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	18.66.192.73 18.66.192.73	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	52.29.159.59 52.29.159.59	16509 (AMAZON-02) (AMAZON-02)
18	52.58.254.76 52.58.254.76	16509 (AMAZON-02) (AMAZON-02)
6	18.66.97.40 18.66.97.40	16509 (AMAZON-02) (AMAZON-02)
3	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
7	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
14	2606:4700::c6... 2606:4700::c6d9:fbfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.214.74 52.222.214.74	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
80	14

20 217.196.239.230 (Wallington, United Kingdom)

ASN39326 (HSO-GROUP, GB)
PTR: radius_2_06.ccllhr.net

1.customs-epay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-73.muc50.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.159.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.58.254.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.97.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-40.fra56.r.cloudfront.net

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::c6d9:fbfb (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
centinelapi.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
writer.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-74.fra56.r.cloudfront.net

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 7834 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 7620 assets.braintreegateway.com — Cisco Umbrella Rank: 17442	319 KB
20	customs-epay.com 1.customs-epay.com	343 KB
14	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 20301 centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 19790 geo.cardinalcommerce.com — Cisco Umbrella Rank: 20206 writer.cardinalcommerce.com — Cisco Umbrella Rank: 19681	222 KB
9	paypal.com www.paypal.com — Cisco Umbrella Rank: 2157 checkout.paypal.com — Cisco Umbrella Rank: 14409 t.paypal.com — Cisco Umbrella Rank: 2941	31 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1942	454 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	32 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9588	2 KB
2	gstatic.com fonts.gstatic.com	62 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
80	9

	Domain	Requested by
20	1.customs-epay.com	1.customs-epay.com
18	client-analytics.braintreegateway.com	js.braintreegateway.com assets.braintreegateway.com
7	www.paypal.com	www.paypalobjects.com
6	assets.braintreegateway.com	js.braintreegateway.com
5	geo.cardinalcommerce.com	songbird.cardinalcommerce.com geo.cardinalcommerce.com cdnjs.cloudflare.com
5	songbird.cardinalcommerce.com	js.braintreegateway.com songbird.cardinalcommerce.com
3	www.paypalobjects.com	js.braintreegateway.com www.paypal.com
3	js.braintreegateway.com	1.customs-epay.com
2	writer.cardinalcommerce.com	songbird.cardinalcommerce.com
2	cdnjs.cloudflare.com	geo.cardinalcommerce.com
2	centinelapi.cardinalcommerce.com	songbird.cardinalcommerce.com
2	payments.braintree-api.com	js.braintreegateway.com
2	fonts.gstatic.com	fonts.googleapis.com
1	t.paypal.com
1	checkout.paypal.com	js.braintreegateway.com
1	fonts.googleapis.com	1.customs-epay.com
80	16

This site contains links to these domains. Also see Links.

Domain
www.gov.uk

Subject Issuer	Validity	Valid
*.customs-epay.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-27` - `2022-08-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-07-28` - `2023-08-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2021-12-08` - `2022-11-12`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2022-03-16` - `2023-04-16`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-04-05` - `2023-04-02`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
Frame ID: 8BE021DB2E31813975396141B20507E6
Requests: 48 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.83.0/html/dispatch-frame.min.html
Frame ID: 88675F1498CFF6A9744E33F836FE0A19
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.label=checkout&locale.x=en_GB&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=1.customs-epay.com&sessionID=uid_b88ca5bc19_mji6mda6mti&buttonSessionID=uid_aa320cc783_mji6mda6mti&renderedButtons=paypal&storageID=uid_d10aeab600_mji6mda6mti&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=c7777033c6&version=min&xcomponent=1
Frame ID: 0356E18E139872D77D1D0F88BD7B4482
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: ED508ABF82535E756F3AF91AB8904E24
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: 9D6569FE41FC681382BCA3BAD8BB5F77
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: 7D449CD3177D36518CDB970DC8C3EA4A
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: AC5D218153DA4DF6F614325C351E2731
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: 3C5DFA967D923F5544C9DA5396BF94AD
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: C9AC16137B8F12F0EE6952723AC42933
Requests: 1 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird
Frame ID: 06CBCDBAAD81ADA5D9D2242D88A099BF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CCL - ePayVisaMasterCardUnion PayAmerican ExpressJCBDiscoverDiners ClubMaestroPayPal LogoPayPal Credit LogoGeneric CardCVV BackCVV FrontCheckXLock LoaderApple Pay LogoGoogle Pay MarkVenmo

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

100 %
HTTPS

31 %
IPv6

9
Domains

16
Subdomains

14
IPs

3
Countries

1465 kB
Transfer

5834 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gov.uk/goods-sent-from-abroad/tax-and-duty
Title: https://www.gov.uk/goods-sent-from-abroad/tax-and-duty

Search URL Search Domain Scan URL

URL: https://www.gov.uk/vat-rates
Title: https://www.gov.uk/vat-rates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request pD Show response
1.customs-epay.com/ 72 KB
11 KB 1485ms
943ms Document
text/html 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

4e83e2da0fe25d39b28118a9fb64e3f512a1846cd0afbf39e3d4bd786c4c10d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 10495
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Aug 2022 22:00:09 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XXS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d412e37ad91838a27d9db29a2c39f6baf75e1ca71f41566d61b114c0aa8b7886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 21:53:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 10 Aug 2022 22:00:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Aug 2022 22:00:10 GMT

GET
H/1.1 200
OK vendors.min.css
1.customs-epay.com/vendors/css/ 50 KB
5 KB 35ms
34ms Stylesheet
text/css 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/vendors/css/vendors.min.css

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

13ae042538e57b4b35eb8ab3089d889035008154e06c05be2d3f31c509f03eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 4628
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK prism.min.css
1.customs-epay.com/vendors/css/ui/ 7 KB
3 KB 34ms
32ms Stylesheet
text/css 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/vendors/css/ui/prism.min.css

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

6504ed11843b0563494c7a7a54fac4306f4975fa569a987afd85791bce33eee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 2150
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK ccl_core.css
1.customs-epay.com/css/ 575 KB
80 KB 82ms
46ms Stylesheet
text/css 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/css/ccl_core.css

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

0717a5d563f878d443a0d49661ab10f9dff5d67490bf2e5821d679981e75ee77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK vertical-menu.css
1.customs-epay.com/css/base/core/menu/menu-types/ 11 KB
2 KB 67ms
32ms Stylesheet
text/css 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/css/base/core/menu/menu-types/vertical-menu.css

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

5d72fa5225a251313d359b5e195b0c788bd26b0cd0749886dee420ac46ba86f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 1828
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK overrides.css
1.customs-epay.com/css/ 2 KB
962 B 100ms
32ms Stylesheet
text/css 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/css/overrides.css

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

e68bf9d64b83df35e027df5521b6a9ffb3ad9f46d03fa80b3ad74373d0048829

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 548
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK ccl_white.svg
1.customs-epay.com/images/logo/ 3 KB
3 KB 54ms
32ms Image
image/svg+xml 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.customs-epay.com/images/logo/ccl_white.svg

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

1657bbfe80e2bbda76d5898e4ac87bbae780bc5efefcfca0646e0394174ad0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XXS-Protection: 1; mode=block
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3094

GET
H/1.1 200
OK jquery-3.6.0.min.js Show response
1.customs-epay.com/js/scripts/jquery/ 87 KB
31 KB 121ms
36ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/scripts/jquery/jquery-3.6.0.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 30908
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK bootstrap.min.js Show response
1.customs-epay.com/js/scripts/ 76 KB
23 KB 147ms
35ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/scripts/bootstrap.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

e5152c883385e8b17bb8502d11112397b17332dcfdf04ae61d99b08084aea60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 23063
Keep-Alive: timeout=5, max=98

GET
H2 200 dropin.min.js Show response
js.braintreegateway.com/web/dropin/1.32.1/js/ 465 KB
113 KB 329ms
92ms Script
application/javascript 18.66.192.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-73.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

28e0c23278b516040413db264c90929581a34de52e2296f2d73e3b2e9633e7fa

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:51:10 GMT
content-encoding: gzip
age: 7740
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 17:16:18 GMT
server: nginx
etag: W/"62f3e7e2-74573"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
x-amz-cf-pop: MUC50-P1
x-amz-cf-id: 7e9BAX9VbtOO2cm39dkM8Tlhxy-z0qbi5IitelL5dFIz6GMBQR04zA==
expires: Thu, 11 Aug 2022 19:51:10 GMT

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.85.1/js/ 42 KB
13 KB 292ms
55ms Script
application/javascript 18.66.192.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.1/js/client.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-73.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

5101a504830782796ab3a6a26a9ae62028124bad7e7b5f00b9eb45a76d8849d6

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 16:46:31 GMT
content-encoding: gzip
age: 18819
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 17:25:34 GMT
server: nginx
etag: W/"62ded20e-a839"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
x-amz-cf-pop: MUC50-P1
x-amz-cf-id: Dm5B5N3ZOVN0rjCXGqFVSkhid03z-cX7XjfDg7B30x284iVwJUrWVw==
expires: Thu, 11 Aug 2022 16:46:31 GMT

GET
H2 200 three-d-secure.min.js Show response
js.braintreegateway.com/web/3.85.1/js/ 60 KB
16 KB 329ms
92ms Script
application/javascript 18.66.192.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.1/js/three-d-secure.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-73.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

59b0a24d0ee7c0d64c8f07e6d1e19a3f5e0b7ad87d3f8d728d184bfa26583cc3

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 21:24:00 GMT
content-encoding: gzip
age: 2171
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 17:16:17 GMT
server: nginx
etag: W/"62f3e7e1-eef5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
cache-control: max-age=86400
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
x-amz-cf-pop: MUC50-P1
x-amz-cf-id: KsfOSVzCziyrImz4MMo1u8MFMBDgDnsA5n5EXIqXnmtFDlE0gIOodw==
expires: Thu, 11 Aug 2022 21:24:00 GMT

GET
H/1.1 200
OK data-collector.min.js Show response
1.customs-epay.com/js/scripts/braintree/ 32 KB
11 KB 167ms
33ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/scripts/braintree/data-collector.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

dfb494c4e0364293f33dbeef360acbdd8d625306f8dae005576b7b0fe9926c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 10709
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK vendors.min.js Show response
1.customs-epay.com/vendors/js/ 373 KB
108 KB 189ms
41ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/vendors/js/vendors.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

dee500a67a4d5563c317f1766d0f3c0fe16d285a3aeb992a01a33259a191ca6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK jquery.validate.min.js Show response
1.customs-epay.com/vendors/js/forms/validation/ 24 KB
8 KB 170ms
35ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/vendors/js/forms/validation/jquery.validate.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

a6555b1c4340cf60287bc2659ede68d30bef2c8dd72174bc2f75054fb885fdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 7821
Keep-Alive: timeout=5, max=93

GET
H/1.1 200
OK prism.min.js Show response
1.customs-epay.com/vendors/js/ui/ 39 KB
14 KB 159ms
33ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/vendors/js/ui/prism.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

2630e9af8c0ac989f392285b07aaa1873634289b1e279154990d0551bcffff5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 14311
Keep-Alive: timeout=5, max=92

GET
H/1.1 200
OK flatpickr.min.js Show response
1.customs-epay.com/vendors/js/pickers/flatpickr/ 47 KB
14 KB 154ms
34ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/vendors/js/pickers/flatpickr/flatpickr.min.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

16756baee908cf5b24577c3a54f87bb28daf55f5f445c8de76db9bd82b54b202

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 13710
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK app-menu.js Show response
1.customs-epay.com/js/core/ 208 KB
12 KB 126ms
35ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/core/app-menu.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

10536556a0f08ee63428310413e2db94f2023d857559dd393ce8c2bc6f8cbd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 11403
Keep-Alive: timeout=5, max=91

GET
H/1.1 200
OK app.js Show response
1.customs-epay.com/js/core/ 37 KB
9 KB 122ms
33ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/core/app.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

48dd1a4a25c24176c1fd58af401f7fbda6cccbc78781f73701d2c999d9873491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 8748
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK customizer.js Show response
1.customs-epay.com/js/scripts/ 9 KB
2 KB 105ms
33ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/scripts/customizer.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

bd76c3c84fedf9055d5f42d83330e993e4433eb5a88114f471eed3bf28674c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 1927
Keep-Alive: timeout=5, max=90

GET
H/1.1 200
OK braintree-threeDsecure-payment-info.js Show response
1.customs-epay.com/js/scripts/pages/ 9 KB
3 KB 101ms
32ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/scripts/pages/braintree-threeDsecure-payment-info.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

e5b14779e2b906a3af740cae92717197126946f320d2112b458331f876f7b70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 2308
Keep-Alive: timeout=5, max=93

GET
H/1.1 200
OK custom.js Show response
1.customs-epay.com/js/scripts/ 4 KB
2 KB 88ms
32ms Script
application/javascript 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to

Full URL

https://1.customs-epay.com/js/scripts/custom.js

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

b12edb946d5f0afedb272f233c600cf8e635ade668ccd839525264a3fececc0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/pD?et=Mjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 28 Jul 2022 10:27:46 GMT
Server: Apache
Date: Wed, 10 Aug 2022 22:00:11 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
X-XXS-Protection: 1; mode=block
Content-Length: 1349
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK gb.svg
1.customs-epay.com/fonts/flag-icon-css/flags/4x3/ 1005 B
1 KB 35ms
32ms Image
image/svg+xml 217.196.239.230
HSO-GROUP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.customs-epay.com/fonts/flag-icon-css/flags/4x3/gb.svg

Requested by

Host: 1.customs-epay.com
URL: https://1.customs-epay.com/vendors/css/vendors.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

217.196.239.230 Wallington, United Kingdom, ASN39326 (HSO-GROUP, GB),

Reverse DNS

radius_2_06.ccllhr.net

Software

Apache /

Resource Hash

f1ca737ab6b301f59b2a5cd5eb2a5d0ac23da1899a850dbcd1a5ba199b927f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/vendors/css/vendors.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XXS-Protection: 1; mode=block
Server: Apache
Date: Wed, 10 Aug 2022 22:00:10 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Last-Modified: Thu, 28 Jul 2022 10:27:47 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1005

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 672394133a60c9777aee30b5d938d99c7dc2f2b64d1d06c5ed035a09b9ec230c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1.customs-epay.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 585351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 03:24:20 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 31 KB
31 KB 175ms
85ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;1,400;1,500;1,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1.customs-epay.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 01:27:01 GMT
x-content-type-options: nosniff
age: 592390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31760
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 01:27:01 GMT

OPTIONS
H/1.1 200
OK graphql
payments.braintree-api.com/ Frame 0
0 293ms
44ms Preflight 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://1.customs-epay.com
access-control-max-age: 1800
date: Wed, 10 Aug 2022 22:00:11 GMT
paypal-debug-id: c2dcda1a6c584
server: nginx
transfer-encoding: chunked

POST
H/1.1 200
OK graphql Show response
payments.braintree-api.com/ 2 KB
2 KB 431ms
431ms XHR
application/json 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

352253c69dc2ea8e161032865a54da7f4c23784dae7f045976e3cdf49512ea1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NjAyNTUyMTAsImp0aSI6Ijc0NDhlY2NmLTY1NjktNDNlYi04OWFlLTE1NzY1YzkyMWE4ZiIsInN1YiI6IjZzeW16cmNmbXBzcmN4bnEiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjZzeW16cmNmbXBzcmN4bnEiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6eyJtZXJjaGFudF9hY2NvdW50X2lkIjoiZHdheW5lY2NsbGhyY29tIn19.Ou-AOidbox3C4i8kb9RHMnpVKose4UNIizt16KLt9-XPllXAMz1BA5X4FSCUQRsyBFYPYZGYsd6GcRDDmiSonQ
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 10 Aug 2022 22:00:11 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
server: nginx
X-Frame-Options: DENY
vary: Braintree-Version, Accept-Encoding
Content-Type: application/json
access-control-allow-origin: https://1.customs-epay.com
Cache-Control: no-cache, no-store
braintree-version: 2016-10-07
paypal-debug-id: a4cd5c0b86824
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1431

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 183ms
40ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 187ms
42ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 187ms
42ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 42ms
42ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 44ms
43ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 43ms
43ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dropin.min.css
assets.braintreegateway.com/web/dropin/1.32.1/css/ 21 KB
4 KB 204ms
42ms Stylesheet
text/css 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/dropin/1.32.1/css/dropin.min.css

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

7a8acb2ec6ff7947b7ed2606870c7bbdddd3c02ae7800064797524de0cae44d3

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
etag: W/"62ded210-5356"
age: 58199
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 17:25:36 GMT
server: nginx
date: Wed, 10 Aug 2022 05:50:13 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: oUNprYwnu3402TQ8CE6sV7eQnMB8Ow5ISIy9ZcqWe-5Ab2hiThvgGg==
expires: Thu, 11 Aug 2022 05:50:13 GMT

GET
H2 200 checkout.min.js Show response
www.paypalobjects.com/api/ 862 KB
189 KB 140ms
29ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.min.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: HIT, HIT
paypal-debug-id: 189e9096f1aee
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 192776
x-served-by: cache-sjc10027-SJC, cache-lcy19249-LCY
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
traceparent: 00-0000000000000000000189e9096f1aee-82553a7f16d120d4-01
x-timer: S1660168812.076329,VS0,VE0
etag: W/"6266d4b0-d7987"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 29

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 358ms
248ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=1.customs-epay.com&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Oalv7wgMsi+7BaAMPP/Eb4c/vH5eY7r0lA19uj8hkDGkTcO2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Oalv7wgMsi+7BaAMPP/Eb4c/vH5eY7r0lA19uj8hkDGkTcO2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: HIT, HIT
paypal-debug-id: f902730d2a466
server-timing: "traceparent;desc="00-0000000000000000000f902730d2a466-f5b1ee1ade457c23-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7357-LHR, cache-lcy19240-LCY
traceparent: 00-0000000000000000000f902730d2a466-4a05acdfa2506d79-01
x-timer: S1660168812.324983,VS0,VE216
x-frame-options: SAMEORIGIN
date: Wed, 10 Aug 2022 22:00:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1, 1

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 42ms
42ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 173ms
63ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1725
access-control-allow-methods: GET, POST
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLYnYKFW9uXC0C%2FYSReH6SvUTmFSjYUWnS53cbZI99OQIi0E8p%2FDXlOVI0vkzxtqOBoqNJtQPCl4grxSgW7a%2B6M8T9yPLyTXxtdYcr66IcjFOxH6TLFRQGEzRNMr9foVu9WJnT2LpafH%2FwekxZSf7oiEXKVKrU%2Bi3mQf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 11 Aug 2022 02:00:12 GMT
cache-control: public, max-age=14400
cf-ray: 738c00c5482b233d-ZRH
cf-bgj: minify

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 43ms
43ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.83.0/html/ Frame 8867 10 KB
4 KB 200ms
42ms Document
text/html 52.222.214.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.83.0/html/dispatch-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-74.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02c93fedf284ce5c2974f42ab35ad15754852d1dbc94d2d9032df250d2ad7f20

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 63510
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 10 Aug 2022 04:21:42 GMT
etag: W/"62ded20d-261a"
expires: Thu, 11 Aug 2022 04:21:42 GMT
last-modified: Mon, 25 Jul 2022 17:25:33 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-id: -vLHQEXIORpSokCbCOAReaR32JDXiB7Xw8audEhh-AEto3HG6MGmqA==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 41ms
41ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 41ms
41ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 43ms
42ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 41ms
41ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 button Show response
www.paypal.com/smart/ Frame 0356 63 KB
14 KB 333ms
290ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/button?env=production&style.label=checkout&locale.x=en_GB&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=1.customs-epay.com&sessionID=uid_b88ca5bc19_mji6mda6mti&buttonSessionID=uid_aa320cc783_mji6mda6mti&renderedButtons=paypal&storageID=uid_d10aeab600_mji6mda6mti&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=c7777033c6&version=min&xcomponent=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6d53ef12419ef5078b694d9fb9d1d7e76aaaee46e74ee0ec985158913a16d88

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Wed, 10 Aug 2022 22:00:12 GMT
dc: ccg11-origin-www-1.paypal.com
p3p: true
paypal-debug-id: f2990777711a8
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2990777711a8-fc82e514f8277595-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-lhr7377-LHR, cache-lcy19240-LCY
x-timer: S1660168812.324994,VS0,VE258
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame ED50 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame ED50 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 9D65 126 KB
34 KB 50ms
48ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
age: 65875
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 10 Aug 2022 03:42:17 GMT
etag: W/"62ded20e-1f7d4"
expires: Thu, 11 Aug 2022 03:42:17 GMT
last-modified: Mon, 25 Jul 2022 17:25:34 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-id: 24mBOmTUqGYtrs2f-ZaMlHJ97F8Oj6WuGzdbyIyVCFz5WBuFD7zmgQ==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 7D44 126 KB
34 KB 91ms
89ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
age: 65875
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 10 Aug 2022 03:42:17 GMT
etag: W/"62ded20e-1f7d4"
expires: Thu, 11 Aug 2022 03:42:17 GMT
last-modified: Mon, 25 Jul 2022 17:25:34 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-id: LJwx3Iyx3bmPjUkFdeIkCzezitWY6ertVfTeVPfv0J8XCdVHRV2f4w==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame AC5D 126 KB
34 KB 103ms
102ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
age: 65875
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 10 Aug 2022 03:42:17 GMT
etag: W/"62ded20e-1f7d4"
expires: Thu, 11 Aug 2022 03:42:17 GMT
last-modified: Mon, 25 Jul 2022 17:25:34 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-id: YSMRvaKBt6B3SwSYXIsITbmVc8fTreXl2VItNYq8zrlbgXBdrP8BWw==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 3C5D 126 KB
34 KB 129ms
128ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
age: 65875
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 10 Aug 2022 03:42:17 GMT
etag: W/"62ded20e-1f7d4"
expires: Thu, 11 Aug 2022 03:42:17 GMT
last-modified: Mon, 25 Jul 2022 17:25:34 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-id: BoLDKLXmpTJszny5vMmzVl14rAhoZ-xuWCAyetTNQAyHRzXqyuLlWA==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame C9AC 126 KB
34 KB 137ms
136ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
age: 65875
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 10 Aug 2022 03:42:17 GMT
etag: W/"62ded20e-1f7d4"
expires: Thu, 11 Aug 2022 03:42:17 GMT
last-modified: Mon, 25 Jul 2022 17:25:34 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-id: wEpQSggkqFEeJSlhR46ZxM2X1u5VQ-XBywN-16Eb-2ocXDBgkCUVjQ==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1008 B
2 KB 265ms
265ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e57deb7b20b0aff1dbfaeea96813ec82f97e3336302edd654e4f414ef2ef1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://1.customs-epay.com/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f6560381d12ef
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7338-LHR, cache-lcy19274-LCY
traceparent: 00-0000000000000000000f6560381d12ef-bd3939d5965ed762-01
x-timer: S1660168813.598800,VS0,VE209
etag: W/W/"3f0-4/5BKzHW1eGup2QcIFNxO0s/S98"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1.customs-epay.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 266ms
209ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://1.customs-epay.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 10 Aug 2022 22:00:12 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f29907717ccd3
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f29907717ccd3-3f4f64ea46d5dc12-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-lhr7353-LHR, cache-lcy19274-LCY
x-timer: S1660168812.361058,VS0,VE180

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 388 KB
161 KB 287ms
187ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f44b77dcf6c6d78e309bdea55a83ff9fcd20f461aa08c11416126d1b3663c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1.customs-epay.com/
Origin: https://1.customs-epay.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P42UiNUY7bFv6yklQfNjLjAGM5QjnKuchE6hBcs4Ko0ewPlGSY9qgHcO9ABYQZ6Z4spiPYrqtLfJogFHYW6mFEGL74j4XcOLxYylD97FfwH5JfZdY2jrIgSqApux0dXDMj6pwUljJwSCd5%2B5MHJyeoQ5yPgambF2TxLM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15552000
cf-ray: 738c00c65e410208-ZRH
expires: Mon, 06 Feb 2023 22:00:12 GMT

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ Frame 9D65 0
292 B 43ms
43ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.braintreegateway.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 43ms
43ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.braintreegateway.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

GET
H2 200 ts
t.paypal.com/ 42 B
838 B 308ms
186ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=CCL%20-%20ePay&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1660168812559&g=0&completeurl=https%3A%2F%2F1.customs-epay.com%2FpD%3Fet%3DMjc2OTU4MTNiYTVmMzg2OTgzNzUzZDZhZmQ2MjM2YTI%3D&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1.customs-epay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 721c7ab819a78
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-lhr7328-LHR, cache-lcy19244-LCY
pragma: no-cache
traceparent: 00-0000000000000000000721c7ab819a78-64c9092db38359f5-01
x-timer: S1660168813.695200,VS0,VE157
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 22:00:12 GMT

GET
H2 200 checkout.min.js Show response
www.paypalobjects.com/api/ Frame 0356 862 KB
188 KB 34ms
34ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=checkout&locale.x=en_GB&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=1.customs-epay.com&sessionID=uid_b88ca5bc19_mji6mda6mti&buttonSessionID=uid_aa320cc783_mji6mda6mti&renderedButtons=paypal&storageID=uid_d10aeab600_mji6mda6mti&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=c7777033c6&version=min&xcomponent=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: HIT, HIT
paypal-debug-id: 189e9096f1aee
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 192776
x-served-by: cache-sjc10027-SJC, cache-lcy19249-LCY
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
traceparent: 00-0000000000000000000189e9096f1aee-82553a7f16d120d4-01
x-timer: S1660168813.625609,VS0,VE0
etag: W/"6266d4b0-d7987"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
x-cache-hits: 1, 30

GET
H2 200 button.js Show response
www.paypalobjects.com/api/xo/ Frame 0356 435 KB
76 KB 34ms
34ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/xo/button.js?date=2022-7-10

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f713593c4439ecee953b14452b534b2e0d495a2e547a19dbe972a2bed57fe5e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 74ea1c43381b1
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 77971
x-served-by: cache-sjc10079-SJC, cache-lcy19249-LCY
last-modified: Tue, 15 Feb 2022 20:45:55 GMT
x-timer: S1660168813.625566,VS0,VE0
etag: W/"620c1103-6cd65"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
x-cache-hits: 1, 81533

GET
DATA 200
OK truncated
/ Frame 0356 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0356 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 graphql Show response
www.paypal.com/ Frame 0356 2 KB
2 KB 271ms
271ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/graphql?GetNativeEligibility

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2022-7-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2342738e944a6e1766a51396acf98f83e024f55212edce41fc33f12ee95d4569

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GnksKqEnAjnn4GEMdXoXxKVTQ7zmXJIB+NMNVjn6MC1wUMeh' 'self' 'unsafe-inline' 'unsafe-eval' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&locale.x=en_GB&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=1.customs-epay.com&sessionID=uid_b88ca5bc19_mji6mda6mti&buttonSessionID=uid_aa320cc783_mji6mda6mti&renderedButtons=paypal&storageID=uid_d10aeab600_mji6mda6mti&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=c7777033c6&version=min&xcomponent=1
accept-language: en-GB,en;q=0.9
x-app-name: smart-payment-buttons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GnksKqEnAjnn4GEMdXoXxKVTQ7zmXJIB+NMNVjn6MC1wUMeh' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f6560380d498e
date: Wed, 10 Aug 2022 22:00:12 GMT
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7360-LHR, cache-lcy19240-LCY
traceparent: 00-0000000000000000000f6560380d498e-bab981e7de5c2480-01
x-timer: S1660168813.752594,VS0,VE243
x-frame-options: SAMEORIGIN
etag: W/W/"66c-i9/+ujf0/mAaBOlSv4Upj2gGE/A"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 42ms
42ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 42ms
42ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:12 GMT
Server: nginx

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 0356 1013 B
1 KB 201ms
201ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c50a94b648b0edb59f7ced84b614ebb3a28660c6201ad746c03e3e6d60aecc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&locale.x=en_GB&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=1.customs-epay.com&sessionID=uid_b88ca5bc19_mji6mda6mti&buttonSessionID=uid_aa320cc783_mji6mda6mti&renderedButtons=paypal&storageID=uid_d10aeab600_mji6mda6mti&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=c7777033c6&version=min&xcomponent=1
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/json

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f656038d1dc13
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7355-LHR, cache-lcy19240-LCY
traceparent: 00-0000000000000000000f656038d1dc13-b99414ce6f408b0e-01
x-timer: S1660168813.784120,VS0,VE167
etag: W/W/"3f5-IuiNusSZbyKjAfje9yMdYcOPJ0M"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 12.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 23 KB
10 KB 186ms
186ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/12.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1.customs-epay.com/
Origin: https://1.customs-epay.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:12 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 10120
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y7MOjnDaP9bGzZGLQtwzYEwMco5pddYeEh5kft4H97s6vIPtoZv2V4%2BCgRN7RvwXTikof1AAzRqb%2BlPQ73Y4XwNUKVsEcNDhqjOly7sP%2F0WKIxhu6dANmVG35P6IsBdMeg1ciJoEjRvZigfCe1o1wXzuYpgdsVy07SK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 738c00c8492c0208-ZRH
expires: Mon, 06 Feb 2023 22:00:12 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0356 1 KB
2 KB 581ms
581ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2022-7-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3794e76b03054ec49ceccf1e2f0b5cca584a575f8c06e2d3cb132d70fdb2086b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&locale.x=en_GB&funding.disallowed=venmo%2Citau%2Ccard%2Cideal%2Celv%2Cbancontact%2Cgiropay%2Csofort%2Ceps%2Cmybank%2Cp24%2Czimpler%2Cblik%2Cmaxima%2Cboleto%2Coxxo%2Cmercadopago%2Ccredit&domain=1.customs-epay.com&sessionID=uid_b88ca5bc19_mji6mda6mti&buttonSessionID=uid_aa320cc783_mji6mda6mti&renderedButtons=paypal&storageID=uid_d10aeab600_mji6mda6mti&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=c7777033c6&version=min&xcomponent=1
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f656038e8e71a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7336-LHR, cache-lcy19240-LCY
traceparent: 00-0000000000000000000f656038e8e71a-9fa349c62bb0da32-01
x-timer: S1660168813.838588,VS0,VE552
etag: W/W/"400-T5SgLC9aFqP9ThfVNxgvn/8bYTU"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 Init Show response
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 2 KB
2 KB 253ms
253ms XHR
text/plain 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13ec1a7de005fe68f6cb445a0b60d23c5861169808fdf6c4e797cb5d77db4d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1.customs-epay.com/
X-Cardinal-Tid: Tid-40f4be79-2141-4690-8356-93bd713f3562
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKZ73Qg5wOa3sIAgBQHSxZYirxKx5CNLFA%2Fa5nGAiDv5S4HlrImQg%2F4Bc%2FVvMxuNXCaD5X4YzkgHlhRaF7usO2KsHXLUC7s%2FmRLtnPJtLc9%2FfO6nJ%2BxkbaeHIsaVBZy6qgv49mHcqACy%2BsgrFlwVi2nWT7evcvcrr3Q59INk"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://1.customs-epay.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
strict-transport-security: max-age=15552000
cf-ray: 738c00ca9d130208-ZRH

OPTIONS
H2 200 Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 0
0 186ms
172ms Preflight 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cardinal-tid
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-cardinal-tid
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-origin: https://1.customs-epay.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 738c00c98b630208-ZRH
content-length: 0
date: Wed, 10 Aug 2022 22:00:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bpsz2DtWLN8aNfZgplkwS5sdDq2rS2JxDaGQncTxV3ieD4cZ1crOUtLG7cywD%2BbiSEUdaprpds4%2BSt%2BdzFGyacgrvrdQFS8fHRZhWSdmUyOfZ0Gs%2Fy4MYCzaxJVQ%2BY6N09zsyy3QPSJp6RpEeCChi4sogcSrzzShzb920PkR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 11.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 26 KB
11 KB 189ms
189ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/11.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1.customs-epay.com/
Origin: https://1.customs-epay.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 10912
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BpzN3nqWrpTqy1oa7hWNkm0T6XuXVVWFJi%2F%2BI4TY78GdoHryZxH2BAZ1k2ixCldShu9BtaJw7bezJBOxJoF8s9aLUJ4P4Q7FabzRvqpn1j9pc5GBxkmM1prAhGcw0sDAhaFUBVKVTHLIyLXKyOf4%2BgN3Zjho84kvAVA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 738c00cc3f980208-ZRH
expires: Mon, 06 Feb 2023 22:00:13 GMT

GET
H2 200 Render Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 06CB 4 KB
2 KB 199ms
185ms Document
text/html 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51076c70ec427c4089567e11e7d10a9747f61fca073ec106998372e282323c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1.customs-epay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 738c00cc59ce233d-ZRH
content-encoding: gzip
content-language: en-GB
content-length: 1241
content-type: text/html;charset=ISO-8859-1
date: Wed, 10 Aug 2022 22:00:13 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JnVk4fXeYQfSHQ9s27KKw267StLcQNGN1p2PnfnU6QEEfEYG3yvyNAp89pVcnZTo9IYLR4rI6WNIa2HKuA2XEq64kuIRqfhMzJFiPQcW08jnbn47dLScfnlpCJpx0mdcM%2FcN75DrKAN6KO1LZju076Fx8%2FHPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: accept-encoding

GET
H2 200 3.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 24 KB
10 KB 184ms
184ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/3.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1.customs-epay.com/
Origin: https://1.customs-epay.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 9871
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUiUfdBdlkHilt59n9oECBekyrEj%2BQEAU3%2B3g8s03SgZnzkNO2jqlC6pnOSKeRJ8itu%2FoKmyK8NqiWkvQ68BvRZSu49X0TtlNOsov3tGw8XJVJUTFps7eA%2B%2BJ7yDrNpbX0aibyOsGgx1bgJ%2FzXDpHfl5ok264xHOKhjA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 738c00cd79420208-ZRH
expires: Mon, 06 Feb 2023 22:00:13 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame 06CB 87 KB
28 KB 149ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://geo.cardinalcommerce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2520183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os7xYH%2BfomYIrmKYzX0nhYlICOA0lMHO6SUVLQlfqdBG%2F%2BH5yvIoFfsfuFOJ5T5ESsWN2ZyXFBcXlWuRMsYesdmwcvEc0UlHjuJSfa6wrLZswYwbIjEYAGncjiMgLOVd4wmfFYM8gfa6UlLupjJ0GxYg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 738c00ce2f160204-ZRH
expires: Mon, 31 Jul 2023 22:00:13 GMT

GET
H2 200 json3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ Frame 06CB 8 KB
3 KB 156ms
60ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://geo.cardinalcommerce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 93042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3209
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec9-1fd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uRgztoo9oUAcnfaJD48v4mf69KFmpIIF8VEnN3BGe6jcBL6EDlvyXfXEp%2Bu99uRc2H4Da7%2FpaCAEA7d5VICPl4%2BuPVlOS6nMu%2BqSCXcV2GMTmYMpVrewDUiKZxoh3K6pecRtIKbhQ3%2B7RiiJ%2BBMEbe5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 738c00ce2f180204-ZRH
expires: Mon, 31 Jul 2023 22:00:13 GMT

GET
H2 200 6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 06CB 34 KB
14 KB 73ms
72ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1739
p3p: CP="This site does not have a p3p policy."
content-length: 13530
last-modified: Thu, 16 Sep 2021 14:24:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rUJHkXuLg8t%2BLcxF%2FiBsRA0c9bDImB0P70zYBvQgFGDxmY6HSK26%2B29uBlKjGACQ2n85ChW3Oro81geWKj4Dh%2BHDugE9oKY%2Fd3p3NuVmEAD5ovjeLW5GtStiusoDlEYXFjqsRmEouNtRclGuBuY1qfBZnYLJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 738c00cd8b70233d-ZRH
expires: Thu, 11 Aug 2022 02:00:13 GMT

GET
H2 200 profiler.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 06CB 12 KB
5 KB 64ms
63ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/profiler.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95483314622403ce35e1a25b049f5520355b2465b31e6620df4109c4d41b8f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1462
p3p: CP="This site does not have a p3p policy."
content-length: 5284
last-modified: Mon, 27 Dec 2021 19:02:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=th2pugDJg8VBss4zEkgvU4m9JMM1dpS9ssbzNoE62Bb9sJhxSIvBPW7L9jnvJ1LOzv9mFyY0eXyneNb9HAbepVWNXkAcCJddxvCzZM10C8Q49Ljf3k6L1vjMxLHObLc4dkMvO8jXV1FAbYLN0EHiI%2FMFiU%2FxsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 738c00cd8b72233d-ZRH
expires: Thu, 11 Aug 2022 02:00:13 GMT

GET
H2 200 acsprofiler.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 06CB 4 KB
2 KB 60ms
59ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/acsprofiler.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13bf5fb4ced782c0fe5d2a5d181a9d4ffd92d5fa26304ec78fe7fdf9ee4c3e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 22:00:13 GMT
content-encoding: gzip
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2909
p3p: CP="This site does not have a p3p policy."
content-length: 2078
last-modified: Thu, 14 Jul 2022 14:51:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH5QYnUAh1602RzXNuibcLSZR%2BnL815%2FMOXpES1Nx13AZlmfqSQ%2F6oEsUYGRELG2pzgue%2FLNxFN7kHueY6JVLPVJCgevKJLEE%2F5wNGTlvmkjrVBcmdIkdcZbo6yQo6x6grbylL1gCdDYu0xlbHjeFAkU%2BpgfBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 738c00cd8b74233d-ZRH
expires: Thu, 11 Aug 2022 02:00:13 GMT

POST
H2 200 SaveBrowserData Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 06CB 0
902 B 197ms
197ms XHR
text/plain 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/SaveBrowserData

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=623b4485c703cb2d99dbad7f&tmEventType=PAYMENT&referenceId=1_d30ceb10-f738-47ba-bedf-502c2ba06153&geolocation=false&origin=Songbird
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 738c00cf3de9233d-ZRH
date: Wed, 10 Aug 2022 22:00:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJQ6B8QJzKM4IPdETd9mBMSU6ZQEfEAMlImQApSlU7Ijs7xMCDRcpaok5SVD%2B%2FeM5RPbdMHWl6u1yt4OpFx5lH7mk0fVbpK8uS5vjPsTwH3nCPfGmwofdl%2BXzQf%2FgjqNFSpdG9Wk7tpR1dRudSAFfh9WbFuvRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
access-control-allow-origin: https://geo.cardinalcommerce.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
strict-transport-security: max-age=15552000
content-type: text/plain
content-length: 0

OPTIONS
H2 200 log
writer.cardinalcommerce.com/prod/ Frame 0
0 398ms
390ms Preflight
application/json 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cardinal-tid
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 738c00d08e570208-ZRH
content-length: 0
content-type: application/json
date: Wed, 10 Aug 2022 22:00:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQ4rWd2IO8eDpDQrpqs8K%2BMWjc7QWZFdTHFGNYB1QatlnebtQ4ij3WCb6oDudhxUvxNZ4%2BKdH416TiDJmBKApzBEk45ddjSVsMR8hPqfcIvJ0JcWX7ZSG44VBeA6rnLDFR%2Fo%2B3QsM27%2FSwi%2BYOhXy%2BPIewUMQFi7%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 4842376441adfff51e41110458fe337a.cloudfront.net (CloudFront)
x-amz-apigw-id: WquRSFl6IAMFnXA=
x-amz-cf-id: QNNRf9LNUwQvn_AE9qeP-gQu7OTYoqr6cH91YB46t4NHZ6uNVZNVdQ==
x-amz-cf-pop: TXL50-P4
x-amzn-requestid: ecb7e388-a928-442d-9ca4-3740fcc55cb1
x-cache: Miss from cloudfront

POST
H2 200 log Show response
writer.cardinalcommerce.com/prod/ 15 B
624 B 512ms
512ms XHR
application/json 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Requested by: Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://1.customs-epay.com/
X-Cardinal-Tid: Tid-40f4be79-2141-4690-8356-93bd713f3562
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 10 Aug 2022 22:00:15 GMT
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: TXL50-P4
x-amzn-requestid: 0ce36294-5f56-41c9-8a0e-e69ef63d6dba
x-cache: Miss from cloudfront
x-amz-apigw-id: WquRWGEmIAMFeAQ=
content-length: 15
server: cloudflare
x-amzn-trace-id: Root=1-62f42a6e-4aff9f181ebb78f43e442138;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgEGzB%2FrM7ziwGdb6zaCuX7qhFRiMCs5vIkx5Z4QsACiq0U1I3Nya06g%2FDy2puCU8uLYpnp4ajah1tFYLGRRCa3kSTdWdsSI7EcO5zl4yhIMFZMsyAsW3QPr8E4Y2kUK0OiK9LxnS1RQPEkYMh1LrHGdhmLdUQq3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 738c00d2fa5f0208-ZRH
x-amz-cf-id: 6cYwSwzr3iYYT2Qp8rzjGBnzFjeQjpYNfra3lzq7rhpMh-S49LxzoA==

POST
H/1.1 200
OK 6symzrcfmpsrcxnq Show response
client-analytics.braintreegateway.com/ 0
283 B 43ms
43ms XHR
text/plain 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.32.1/js/dropin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1.customs-epay.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 10 Aug 2022 22:00:14 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 6symzrcfmpsrcxnq
client-analytics.braintreegateway.com/ Frame 0
0 41ms
41ms Preflight 52.58.254.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/6symzrcfmpsrcxnq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.254.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-254-76.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1.customs-epay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://1.customs-epay.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 10 Aug 2022 22:00:14 GMT
Server: nginx

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1.customs-epay.com/	1970-01-20 05:09:36	Name: XSRF-TOKEN Value: eyJpdiI6ImYvV3V5SXdXeGFWelVPcnh4QnhtK2c9PSIsInZhbHVlIjoiTkhJS2IyWHhIVHc2WHFmWmhtNUFWZGdFZzFwM2xQUlo4dDM5T0orbWxaUkxFM1VSS3Q3a0FyYXF4THNDOFBKQndwTXhLSW03aEFWTWV2UjFTaWk3VHYyNnYvbnZPcHE5Q0hKWlh5OTdmWUhFVnZkV0wvSlhteURVVERpV2dhckUiLCJtYWMiOiIzMjgyMGUyZGY1MjJkZDFiZTZhZjBmMGYwMzBmZjIxOWQyYTc5Mjg3NTEwZDk0Nzk4MmNmNmUzMjU3YWY4ZTFiIn0%3D
1.customs-epay.com/	1970-01-20 05:09:36	Name: epay_session Value: eyJpdiI6IjUzdFRLT1pWYWtvUFBRblArWGxQaHc9PSIsInZhbHVlIjoicWE5UnEzdWlpNW9GM2ZBRUh1bGVqc1VBMzNHUGYzazlVdjV2VnhDSXMrc1FNVUlzcjJ6T20xc0ZNS1JmSXI4MFROZ2ROTFVKQTBEeWdlak8vRE4zbXU3U2RFQVd5c0lqSEpBa0lXd2dsOExtNU0zaTdiaEtUVG1sREdpTU9GaFoiLCJtYWMiOiJlNWI2Yjc0NTE5NWQwYjNmNjgwMmI4MTljMWQ1MWQ2ZDVkOTRlYTk4YjZlMGYzYjFmNzBlZDNmMGZhYzBjNWMxIn0%3D
.paypal.com/	1970-01-20 05:10:00	Name: LANG Value: en_GB%3BGB
.paypal.com/	1970-01-20 05:09:30	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 13:55:04	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 14:45:28	Name: ts_c Value: vr%3D89c5b77e1820ad006fdd57b5fe4be61d%26vt%3D89c5b77e1820ad006fdd57b5fe4be61c
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AdA5FzDfWZRZRkuWVp6Ky4bt6IV1d4zSl.nUZ5ByTuCE%2BdmGTLT3ypifRzsoD7dxfHT0XShtOlmmI
.paypal.com/	1970-01-20 05:13:48	Name: tsrce Value: loggernodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2MDE2ODgxMzMxNiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 14:45:28	Name: ts Value: vreXpYrS%3D1754863213%26vteXpYrS%3D1660170613%26vr%3D89c5b77e1820ad006fdd57b5fe4be61d%26vt%3D89c5b77e1820ad006fdd57b5fe4be61c%26vtyp%3Dnew
.cardinalcommerce.com/	1969-12-31 23:59:59	Name: __cfruid Value: 86c5013972d2ea41d4549d1f860a27a506968616-1660168814

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.customs-epay.com
assets.braintreegateway.com
cdnjs.cloudflare.com
centinelapi.cardinalcommerce.com
checkout.paypal.com
client-analytics.braintreegateway.com
fonts.googleapis.com
fonts.gstatic.com
geo.cardinalcommerce.com
js.braintreegateway.com
payments.braintree-api.com
songbird.cardinalcommerce.com
t.paypal.com
writer.cardinalcommerce.com
www.paypal.com
www.paypalobjects.com
151.101.193.21
151.101.2.133
151.101.65.35
18.66.192.73
18.66.97.40
217.196.239.230
2606:4700::6811:180e
2606:4700::c6d9:fbfb
2a00:1450:4001:812::200a
2a00:1450:4001:830::2003
52.222.214.74
52.29.159.59
52.58.254.76
02c93fedf284ce5c2974f42ab35ad15754852d1dbc94d2d9032df250d2ad7f20
0717a5d563f878d443a0d49661ab10f9dff5d67490bf2e5821d679981e75ee77
10536556a0f08ee63428310413e2db94f2023d857559dd393ce8c2bc6f8cbd02
13ae042538e57b4b35eb8ab3089d889035008154e06c05be2d3f31c509f03eda
13bf5fb4ced782c0fe5d2a5d181a9d4ffd92d5fa26304ec78fe7fdf9ee4c3e77
13ec1a7de005fe68f6cb445a0b60d23c5861169808fdf6c4e797cb5d77db4d29
1657bbfe80e2bbda76d5898e4ac87bbae780bc5efefcfca0646e0394174ad0fc
16756baee908cf5b24577c3a54f87bb28daf55f5f445c8de76db9bd82b54b202
2342738e944a6e1766a51396acf98f83e024f55212edce41fc33f12ee95d4569
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2630e9af8c0ac989f392285b07aaa1873634289b1e279154990d0551bcffff5f
28e0c23278b516040413db264c90929581a34de52e2296f2d73e3b2e9633e7fa
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
352253c69dc2ea8e161032865a54da7f4c23784dae7f045976e3cdf49512ea1f
3794e76b03054ec49ceccf1e2f0b5cca584a575f8c06e2d3cb132d70fdb2086b
48dd1a4a25c24176c1fd58af401f7fbda6cccbc78781f73701d2c999d9873491
49f44b77dcf6c6d78e309bdea55a83ff9fcd20f461aa08c11416126d1b3663c8
4e83e2da0fe25d39b28118a9fb64e3f512a1846cd0afbf39e3d4bd786c4c10d6
5101a504830782796ab3a6a26a9ae62028124bad7e7b5f00b9eb45a76d8849d6
59b0a24d0ee7c0d64c8f07e6d1e19a3f5e0b7ad87d3f8d728d184bfa26583cc3
5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a
5d72fa5225a251313d359b5e195b0c788bd26b0cd0749886dee420ac46ba86f1
6504ed11843b0563494c7a7a54fac4306f4975fa569a987afd85791bce33eee8
672394133a60c9777aee30b5d938d99c7dc2f2b64d1d06c5ed035a09b9ec230c
6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7a8acb2ec6ff7947b7ed2606870c7bbdddd3c02ae7800064797524de0cae44d3
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d
95483314622403ce35e1a25b049f5520355b2465b31e6620df4109c4d41b8f99
9e57deb7b20b0aff1dbfaeea96813ec82f97e3336302edd654e4f414ef2ef1f4
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a51076c70ec427c4089567e11e7d10a9747f61fca073ec106998372e282323c2
a6555b1c4340cf60287bc2659ede68d30bef2c8dd72174bc2f75054fb885fdef
a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b12edb946d5f0afedb272f233c600cf8e635ade668ccd839525264a3fececc0e
bd76c3c84fedf9055d5f42d83330e993e4433eb5a88114f471eed3bf28674c19
c50a94b648b0edb59f7ced84b614ebb3a28660c6201ad746c03e3e6d60aecc73
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
d412e37ad91838a27d9db29a2c39f6baf75e1ca71f41566d61b114c0aa8b7886
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
dee500a67a4d5563c317f1766d0f3c0fe16d285a3aeb992a01a33259a191ca6e
dfb494c4e0364293f33dbeef360acbdd8d625306f8dae005576b7b0fe9926c27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5152c883385e8b17bb8502d11112397b17332dcfdf04ae61d99b08084aea60f
e5b14779e2b906a3af740cae92717197126946f320d2112b458331f876f7b70c
e68bf9d64b83df35e027df5521b6a9ffb3ad9f46d03fa80b3ad74373d0048829
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
f1ca737ab6b301f59b2a5cd5eb2a5d0ac23da1899a850dbcd1a5ba199b927f46
f6d53ef12419ef5078b694d9fb9d1d7e76aaaee46e74ee0ec985158913a16d88
f713593c4439ecee953b14452b534b2e0d495a2e547a19dbe972a2bed57fe5e4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

1.customs-epay.com Open in urlscan Pro 217.196.239.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

31 %IPv6

9 Domains

16 Subdomains

14 IPs

3 Countries

1465 kBTransfer

5834 kBSize

11 Cookies

2 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1.customs-epay.com Open in urlscan Pro
217.196.239.230 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

31 %
IPv6

9
Domains

16
Subdomains

14
IPs

3
Countries

1465 kB
Transfer

5834 kB
Size

11
Cookies

80 HTTP transactions
5 data transactions