payments.freedompay.com Open in urlscan Pro
64.74.156.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fplynx.com/ff796cc8-cff7-430e-9bf0-77c431c576ee
Effective URL:
https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Submission: On February 13 via manual (February 13th 2024, 7:25:57 am UTC) from DE — Scanned from DE

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 66 HTTP transactions. The main IP is 64.74.156.49, located in United States and belongs to FREEDOM-PHL-AS, US. The main domain is payments.freedompay.com. The Cisco Umbrella rank of the primary domain is 589316.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 4th 2023. Valid for: a year.

This is the only time payments.freedompay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.74.156.36 64.74.156.36	12178 (INTERNAP-...) (INTERNAP-2BLK)
14	64.74.156.49 64.74.156.49	35872 (FREEDOM-P...) (FREEDOM-PHL-AS)
13	64.74.156.34 64.74.156.34	35872 (FREEDOM-P...) (FREEDOM-PHL-AS)
4	2a00:1450:401... 2a00:1450:4013:c06::5c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	2606:4700::c6... 2606:4700::c6d9:fbfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
66	7

1 64.74.156.36 (United States) 1 redirects

ASN12178 (INTERNAP-2BLK, US)

fplynx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 64.74.156.49 (United States)

ASN35872 (FREEDOM-PHL-AS, US)

payments.freedompay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 64.74.156.34 (United States)

ASN35872 (FREEDOM-PHL-AS, US)

hpc.freedompay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c06::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::c6d9:fbfb (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
centinelapi.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
writer.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	freedompay.com payments.freedompay.com — Cisco Umbrella Rank: 589316 hpc.freedompay.com — Cisco Umbrella Rank: 74615	1 MB
18	google.com pay.google.com — Cisco Umbrella Rank: 2648 play.google.com — Cisco Umbrella Rank: 34	423 KB
14	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 24929 centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 22659 geo.cardinalcommerce.com — Cisco Umbrella Rank: 22927 writer.cardinalcommerce.com — Cisco Umbrella Rank: 24154	210 KB
5	gstatic.com www.gstatic.com	103 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	31 KB
1	fplynx.com 1 redirects fplynx.com	155 B
66	6

	Domain	Requested by
14	play.google.com	www.gstatic.com
14	payments.freedompay.com	payments.freedompay.com
13	hpc.freedompay.com	payments.freedompay.com hpc.freedompay.com
5	geo.cardinalcommerce.com	geo.cardinalcommerce.com cdnjs.cloudflare.com
5	songbird.cardinalcommerce.com	hpc.freedompay.com songbird.cardinalcommerce.com
5	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	hpc.freedompay.com pay.google.com payments.freedompay.com www.gstatic.com
2	writer.cardinalcommerce.com	songbird.cardinalcommerce.com
2	cdnjs.cloudflare.com	geo.cardinalcommerce.com
2	centinelapi.cardinalcommerce.com	songbird.cardinalcommerce.com
1	fplynx.com	1 redirects
66	11

This site contains no links.

Subject Issuer	Validity	Valid
*.freedompay.com Go Daddy Secure Certificate Authority - G2	`2023-05-04` - `2024-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-03-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Frame ID: 04D8CBE0E3FBDC5285F3041818780CA2
Requests: 23 HTTP requests in this frame

Frame: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
Frame ID: C32ECBEE996442135210CEA2BB5B6EC2
Requests: 6 HTTP requests in this frame

Frame: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
Frame ID: 65D8F2506A7BB13DE25BB3B11092C21F
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fhpc.freedompay.com&mid=
Frame ID: 4B25E6D36FA982F4A0B567C6A6547F3B
Requests: 14 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird
Frame ID: 5B56660DC2BA1DA16E949ED76872E140
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BERWI WS Grand Berlin Ecomm Payment Page

Page URL History Show full URLs

https://fplynx.com/ff796cc8-cff7-430e-9bf0-77c431c576ee HTTP 302
https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

11
Subdomains

7
IPs

3
Countries

2252 kB
Transfer

3755 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fplynx.com/ff796cc8-cff7-430e-9bf0-77c431c576ee HTTP 302
https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Payment Show response
payments.freedompay.com/Checkout/
Redirect Chain

https://fplynx.com/ff796cc8-cff7-430e-9bf0-77c431c576ee
https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d

106 KB
106 KB

519ms
206ms

Document
text/html

64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ff13426a84984a5d0d9f3bc0d66aa460cb0ee8b4911f4bbf6ca7d8a94f1f4d4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 108589
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Feb 2024 07:25:51 GMT
Expires: 0
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

date: Tue, 13 Feb 2024 07:25:51 GMT
location: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET

GET
H/1.1 200
OK Simple
payments.freedompay.com/Checkout/Styles/ 64 KB
64 KB 374ms
189ms Stylesheet
text/css 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/Styles/Simple?v=PujHJYeupsN63xwpYWt1tpLJ7PjoRKqHiC8284JRGoQ1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e8b3331d2d6f409ca4e6bfc87050b6a804da4e6e94dcdf34101ba3616a23d96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/css; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 65555
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK jquery Show response
payments.freedompay.com/Checkout/bundles/ 83 KB
83 KB 374ms
190ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1be37ac5cda9ae63fcb1404b594a1dedb02b7348c76a599c226959186856b5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 84814
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK jqueryui Show response
payments.freedompay.com/Checkout/bundles/ 234 KB
235 KB 378ms
192ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/jqueryui?v=nmuMA-O4C0zphhL2ApoyudBi4v4VCXr0cCFlFmBK2eU1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 239752
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK jqueryval Show response
payments.freedompay.com/Checkout/bundles/ 44 KB
44 KB 380ms
193ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/jqueryval?v=l6TDTuZE9RVgXTlVOAc4C2uaFEcshao9OcBFLOqMGeo1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 62963f85c44d7144430c1b7a66fbc726d339c79f14313209b32d6c3fa0de50a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 44682
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK jqueryajax Show response
payments.freedompay.com/Checkout/bundles/ 3 KB
3 KB 289ms
100ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/jqueryajax?v=OogFi3g5HLuGIHAgSqPk_6zluJg3HjxNAuUL0uNC8a81
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 3077
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK v-mask Show response
payments.freedompay.com/Checkout/bundles/ 6 KB
7 KB 368ms
97ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/v-mask?v=UJ5DseB4YY3hNO1XBnbpfPQrIjJQEQm85uEsmtwuhHQ1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 6548
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK system Show response
payments.freedompay.com/Checkout/bundles/ 103 KB
104 KB 482ms
193ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/system?v=KaCyNOgWjAX4ggj2RU5eIxi5B-YKDvNg_CRUz7gJGW81
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 339840ea04713fb4edf27dcb6dae955f7e904a75e00ea912920b1f96c536d397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 105795
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK hpp Show response
payments.freedompay.com/Checkout/bundles/ 27 KB
27 KB 194ms
97ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/hpp?v=-ltgMXvQPGAezm9YN2ERPqJ-PDVYbd6sudX4X_-e6Oc1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fbff6b7eaf64a1ff20536552b93e1901226e6b365d23ff06a34beee43151d8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 27445
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK pay Show response
payments.freedompay.com/Checkout/bundles/hpp/ 134 KB
135 KB 293ms
98ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/hpp/pay?v=8LLt2ykxeYNHHHJbMswCwNghB5RdvCn2rMlw1V8sq-k1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dcf9aa77429edd435e7f53f057bbe8b1cb1138c3449fa2dfb6613d6bea02c682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:51 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 137374
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

GET
H/1.1 200
OK hpc_min.js Show response
hpc.freedompay.com/api/v1.5//cdn/ 83 KB
83 KB 519ms
197ms Script
text/javascript 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=1.0.0.26884
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1e85f80ee3b632df01da191cbaf729b8d21d9dff1269de9bf8e99f219d19f98f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Tue, 13 Feb 2024 07:25:52 GMT
Cache-Control: public, max-age=172800
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 85036
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK Model Show response
payments.freedompay.com/Checkout/System/ 3 KB
3 KB 99ms
98ms XHR
application/json 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/System/Model?cultureCode=en-US
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 746b52aed3f35781b706745f629af9e7555bebbdc7a18fc1c139fd594e828ff1

Request headers

Accept: */*
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:52 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Cache-Control: private,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 3189
Expires: 0

GET
H/1.1 200
OK v-mask Show response
payments.freedompay.com/Checkout/bundles/ 6 KB
7 KB 97ms
97ms Script
text/javascript 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/bundles/v-mask?v=UJ5DseB4YY3hNO1XBnbpfPQrIjJQEQm85uEsmtwuhHQ1
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:52 GMT
Last-Modified: Tue, 13 Feb 2024 07:25:52 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 6548
Expires: Wed, 12 Feb 2025 07:25:52 GMT,0

POST
H/1.1 200
OK HostedPaymentControls Show response
payments.freedompay.com/Checkout/ 1 KB
2 KB 249ms
249ms XHR
text/html 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/HostedPaymentControls
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 196843753ced2012eba61c14ad3507017bc373cbb6b1bd1ecf88d9be9dcc232a

Request headers

Accept: */*
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:52 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Session-Key: eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 1073
Expires: 0

POST
H/1.1 200
OK HostedPaymentControls Show response
payments.freedompay.com/Checkout/ 1 KB
2 KB 223ms
223ms XHR
text/html 64.74.156.49
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.freedompay.com/Checkout/HostedPaymentControls
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.49 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 38fe39e85d66f7d9cffafa828b097eb6f6a2070c53d3672c37523e058731ebf1

Request headers

Accept: */*
Referer: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:52 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Session-Key: eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private,no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Content-Length: 1025
Expires: 0

GET
H/1.1 200
OK controls Show response
hpc.freedompay.com/api/v1.5/ Frame C32E 3 KB
4 KB 178ms
177ms Document
text/html 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw

Requested by

Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

82551503c5a1f6426f347ce0fa72ed79036c7cf76f9b4e4f3f55b3a60f97a71e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://google.com/pay https://www.google.com/pay https://pay.google.com https://play.google.com; default-src 'none'; font-src https: 'self'; frame-src https://pay.google.com 'self' https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'

Request headers

Referer: https://payments.freedompay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 3536
Content-Security-Policy: connect-src 'self' https://google.com/pay https://www.google.com/pay https://pay.google.com https://play.google.com; default-src 'none'; font-src https: 'self'; frame-src https://pay.google.com 'self' https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Feb 2024 07:25:53 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H/1.1 200
OK controls Show response
hpc.freedompay.com/api/v1.5/ Frame 65D8 47 KB
47 KB 295ms
132ms Document
text/html 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg

Requested by

Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

9bee882341decfc51b288d55464fbce5520b30b876e12268b795eedb9422ccc5

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'none'; font-src https: 'self'; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'

Request headers

Referer: https://payments.freedompay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 48159
Content-Security-Policy: connect-src 'self'; default-src 'none'; font-src https: 'self'; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Feb 2024 07:25:53 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H/1.1 200
OK default_min.css
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame C32E 8 KB
9 KB 127ms
102ms Stylesheet
text/css 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=24.1.0-release0001.10458
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55e53960e8c1ca0bc34a292b0e78d53a11dec422f9321456f904378316b0a3c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache
Content-Length: 8632
Expires: -1

GET
H/1.1 200
OK default_min.js Show response
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame C32E 233 KB
234 KB 230ms
103ms Script
text/javascript 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=24.1.0-release0001.10458
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c70b34f91e9cfd862c3247a46a4a2f964e3680a6e41f8141c27d18a1ef6f27b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Content-Length: 238993
Expires: -1

GET
H/1.1 200
OK messages_en-US.js Show response
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame C32E 4 KB
4 KB 233ms
104ms Script
text/javascript 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/messages_en-US.js?v=24.1.0-release0001.10458
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 14fe511d9b68bb5b9c3620dded26c824bd19a4aee2c89b40b123adbc3fc69afb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Ik1HWm5hT1pJOHZITnR4angiLCJ0YWciOiIxcnRCWVV1NWlsckdQWm5XNTZZdnlRIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.eOnu2D0yKuPVOFthzjADqFcxMN_x7mirF6mEmKveEh7bAWxOUmnM6kvAgxDA0FalKF1tDBWcEyErYXneYyGybA.Dz5zyUDqDvG5mwLpV8j_0g.qhiyYWsrDim1TZhtk6JkxrfkeLXGWGsOREAA42JXoGtI7s9eUzxTWyLEBophdxY0Slwyc_3TPM-qwh1StrnvP20n-bYMRBBsHeMeEhtIocPV5tdU8QQlqg70KyUUJopy5H4ku_XEg1oLgVFS1fZ5sue_pvzveos5X_qlTJ5ZetGDm0WSAj9gFx3SNB61BTeT_G8ElJW7NEko7OEyChEcBrj-q3GyB1PHwTcjUdcZIpO-AAkMuM3UMUb_5WMyoEb1cxYPNjfqHGdcDZ7UOOl1--2FuuzECs0TNXwchq-Q8SBGECHGgIU0wS-P25MQSArPJOIw4M2OvU_A6qKhU-z9wt9yc9NmpW9LmmGn2WLMBK5sozJf3JU_6dQ6-mHCbSifQSWKy2Dc1RwAMky0gkkKerhCKmBarUldKKmftWq_iyweP4Y7fL-_IYsNv3tVh3rI-RwjWCI0AsAeK4izpiAiOgJb2dQJkr09iJ5zZGBrqeBLNN0BBYGnF64LJHIknHknjajA1FlVULu1yBIwYdwY0w.Il1PeoHDDXpbZDY3iTYfGoHSEl5dTd1k0sbv8U7C0bw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:53 GMT
Last-Modified: Wed, 10 Jan 2024 23:47:22 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Content-Length: 3594
Expires: -1

GET
H/1.1 200
OK default_min.css
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame 65D8 8 KB
9 KB 152ms
99ms Stylesheet
text/css 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=24.1.0-release0001.10458
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55e53960e8c1ca0bc34a292b0e78d53a11dec422f9321456f904378316b0a3c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache
Content-Length: 8632
Expires: -1

GET
H/1.1 200
OK default_min.js Show response
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame 65D8 233 KB
234 KB 250ms
196ms Script
text/javascript 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=24.1.0-release0001.10458
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c70b34f91e9cfd862c3247a46a4a2f964e3680a6e41f8141c27d18a1ef6f27b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:53 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Content-Length: 238993
Expires: -1

GET
H/1.1 200
OK messages_en-US.js Show response
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame 65D8 4 KB
4 KB 160ms
105ms Script
text/javascript 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/messages_en-US.js?v=24.1.0-release0001.10458
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 14fe511d9b68bb5b9c3620dded26c824bd19a4aee2c89b40b123adbc3fc69afb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:53 GMT
Last-Modified: Wed, 10 Jan 2024 23:47:22 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Content-Length: 3594
Expires: -1

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame C32E 117 KB
36 KB 130ms
67ms Script
application/javascript 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=24.1.0-release0001.10458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45cc7ccf4486a2477e5ec8e26f7f5e0c72bc67cd6b5e0721f06486eb1ac13811

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AwTwQdyuoUJJo8Btqh-SnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AwTwQdyuoUJJo8Btqh-SnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmLw15BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ3VKn8EaBMQ-9TNYY4BYiJujafOadWwCCyZcSwIAp8E2hQ"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 13 Feb 2024 07:25:54 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4B25 19 KB
8 KB 224ms
223ms Document
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fhpc.freedompay.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a4c21cd9b4a18f88e2875221d1ec58701aef55fa93743baddcc95a4941d5d7b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1l1gRdKOzTaNB168Goa2QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hpc.freedompay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1l1gRdKOzTaNB168Goa2QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmLw15BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ3VKn8EaBMQ-9TNYY4BYiIejafOadWwCD6YdvcsIAOBvNzc"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 dark_gpay.svg
www.gstatic.com/instantbuy/svg/ Frame C32E 2 KB
1 KB 36ms
7ms Image
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark_gpay.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
content-encoding: br
x-content-type-options: nosniff
date: Fri, 09 Feb 2024 23:10:52 GMT
age: 288902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 871
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="instantbuy-eng"
vary: Accept-Encoding
report-to: {"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 23:10:52 GMT

GET
H/1.1 200
OK security_code.svg
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame 65D8 27 KB
27 KB 99ms
99ms Image
image/svg+xml 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/security_code.svg
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=24.1.0-release0001.10458
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 391fa88a0d969feadbccc39716a0546df5c3f821f6ad7c6ca321dbac828dbadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=24.1.0-release0001.10458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: no-cache
Content-Length: 27537
Expires: -1

GET
H/1.1 200
OK padlock.svg
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame 65D8 6 KB
7 KB 101ms
100ms Image
image/svg+xml 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/padlock.svg
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=24.1.0-release0001.10458
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a9325ce7092be3c81e8b5ccf49db9bd84061c73133bda6972fa6288c2e35cafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=24.1.0-release0001.10458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: no-cache
Content-Length: 6651
Expires: -1

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 81ms
37ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=1.0.0.26884

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.freedompay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1735
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kq%2BvXATauGqTjSHCKVKzZ38OcT59tv0bTQSW1u7u8zIPYiJHVl9N0QaREZt5B%2FXp3a8x6ooQHZ%2B%2FzhKTrJoRfSRd4Be%2BMeQatd2NdqxW9S4EG%2BHW5X2b3nMQkgjfjB%2FqgnfAKxI%2FB5nLAClmeoou1hIaiscV8i3w%2BXh3"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 854b570ebcf171af-FRA
expires: Tue, 13 Feb 2024 11:25:54 GMT

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 388 KB
153 KB 174ms
153ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f44b77dcf6c6d78e309bdea55a83ff9fcd20f461aa08c11416126d1b3663c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://payments.freedompay.com/
Origin: https://payments.freedompay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhOqjdzq6%2FXthdKlqtiAS%2BO9s4%2FBLfTiMOKuYixZzUbmxoj%2FHgPEwO60Z7qV6uz%2B6z%2BgZbb5Si1XinMNHc6C1U8K0nsu%2Fi%2FIuyaceLASLlZ9vHRGuvXe82l8H%2FqyrisD6DGY50w7%2BHfeTsrLOuO5AnJMf%2FOjzk0eCC1w"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 854b570f19149a0b-FRA
expires: Sun, 11 Aug 2024 07:25:54 GMT

OPTIONS
H/1.1 200
OK update
hpc.freedompay.com/api/v1.5/consumer/auth/ Frame 0
0 385ms
104ms Preflight 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/consumer/auth/update
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://payments.freedompay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type
Access-Control-Allow-Origin: https://payments.freedompay.com
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 13 Feb 2024 07:25:54 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

POST
H/1.1 200
OK update Show response
hpc.freedompay.com/api/v1.5/consumer/auth/ 0
273 B 112ms
112ms XHR
text/plain 64.74.156.34
FREEDOM-PHL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hpc.freedompay.com/api/v1.5/consumer/auth/update
Requested by: Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=1.0.0.26884
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.156.34 , United States, ASN35872 (FREEDOM-PHL-AS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payments.freedompay.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6InRBbF82X0c5b2k4U3Awdk0iLCJ0YWciOiJSQi1TY2xQVTRZWGlGRFVVVzU2WmZBIiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.VevhezFKPXUECuuy9Eb1LziDa3thHYI6Rd6NpBTua62UJm2PpzfYKHAoqJ7urks4PfvOwKLQbz8KL-STZyAQJg.LaSLQeXy3AsVlPORJjMnLQ.CIEc4cvgfNpgGjlLZsi7KNR0gNVe-qlIpwdppER184IS3_v5Q6X3tMoOcF_7Mc3P8-J4yLzSXGiWaudTZH1y4wO_-4Wpq6zw_sS-1pFtQRB51ZEwB80RA6FEI8D0VM0i60qSjmpYST2yiW3r2loPqrdDHrZX_UAvrf5fP-EGKIGH5gi9gCqBYJvwOsvKluTbeR3IFyxqOAK6ml6AlJdt7JT7-MxRUSt9r8uLzif0vZTntpwrqfkJKfSmtEx-n-I4sf0lvDPVGwURXqnsNNN3A-1aZMXv-x55jnHA5crdRpF9V3r47kQo_PYVgPdK0dx6OMv9jhr5C-Mtar_j1paDdoSsSdStRPw_2-zFq10wCUK00HY0XJGr8WGcpCBGWY3330zv88sRdOAYWkNbVePO1_NW_Ti39MbCEq9QYDGC99GWULkv2MGFs_mtKFbH6bpzou3zKBVf1yJGFhCR5CiA8Ito1iidg92j1zzI6837mxsuWaA78sQiaaITGckhpfiA.zRpIqUFvNrDQ6KJtimbfsWD1b8SXwKWHgW0LDUzw9jg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 13 Feb 2024 07:25:54 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: https://payments.freedompay.com
Cache-Control: no-cache
Content-Length: 0
Expires: -1

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 4B25 157 KB
56 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhTXDE11cRpHwN_nkfE1tJ2jb8-ww/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fhpc.freedompay.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f32dcf89bd266c00f7bd15dc12b9b98a5b4bb7715f5a7fc4bfeb75d369059119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56880
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 04:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 17:53:57 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4B25 2 KB
2 KB 117ms
117ms Other
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame 4B25 74 KB
27 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjE3M6A9Ta_XUoEs_Hn6389x_pMeg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhTXDE11cRpHwN_nkfE1tJ2jb8-ww/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e9bcafece9a9f7fab2983d643869dea1e448867fd7f7efb78b2efc0e025c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27736
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 17:53:57 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4B25 1 MB
377 KB 67ms
66ms XHR
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ab60e966498f54963496e8fbc547e60685acbd1abfe245e1a4fde76d8c6bd61

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-T_0R1YQqmUzsPHWmKEx44A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-T_0R1YQqmUzsPHWmKEx44A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmLw15BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ3VKn8EaBMQ-9TNYY4BYiIejafOadWwCF76_W80EAOG7N4A"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 13 Feb 2024 07:25:54 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame 4B25 10 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjE3M6A9Ta_XUoEs_Hn6389x_pMeg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18bbda046e6943d4984c0b9de59c56297c71aa317fdb0aff88e4cbf504f79151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4131
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 17:53:57 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame 4B25 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjE3M6A9Ta_XUoEs_Hn6389x_pMeg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dac63bdf453fab3e4b3afac803bd0186a87b4f6a8838a9c1c3ee7e9020fdd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 17:53:57 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 102ms
58ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 101ms
59ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 95ms
54ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 94ms
53ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 93ms
52ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 90ms
55ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4B25 131 B
156 B 89ms
54ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:54 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Feb 2024 07:25:54 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
14ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 137ms
14ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 136ms
15ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 135ms
16ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 134ms
16ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
22ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 138ms
23ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 13 Feb 2024 07:25:54 GMT
expires: Tue, 13 Feb 2024 07:25:54 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 12.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 23 KB
10 KB 123ms
122ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/12.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://payments.freedompay.com/
Origin: https://payments.freedompay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 9688
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2P2jPJ0XxwV0EK2RGel9J7hOq7yAWTz4VfTFIouctrzpVH%2BJFgpRyL1hT0r9Rvc7YXIGBeqfw49pbbRB0%2Bk8G%2FrM53WDlElphEvt62NN0n8snmJ4tma6Og6VfR187zMgQiv6TN7pMgfzAAbotkSKnWPOqpeJMDgVuFJ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 854b57123b8c9a0b-FRA
expires: Sun, 11 Aug 2024 07:25:55 GMT

OPTIONS
H2 200 Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 0
0 142ms
127ms Preflight 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cardinal-tid
Access-Control-Request-Method: POST
Origin: https://payments.freedompay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: content-type, x-cardinal-tid
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://payments.freedompay.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 854b57132c489a0b-FRA
content-length: 0
date: Tue, 13 Feb 2024 07:25:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCHExQO5%2FEE61yds%2B0iEXZVOsYFCOcs2Kl0JthrlK1mDNEWzmusu9UpMGQAW5r3X9pl2%2FxiVLiEAamDTz3dCvy8B7uDi4ut0s91yUBhJG7jiIm4aaDQs2x%2Bc0BZatbme%2FFP5wBwbUImqHjP1f4SxJ%2FHTo%2BsZj65wxzaFsmFE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H2 200 Init Show response
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 2 KB
2 KB 191ms
191ms XHR
text/plain 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4b598b30505a4fca65c39311d149a37d2de7a575d5466a015a8a3fabc75db6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://payments.freedompay.com/
X-Cardinal-Tid: Tid-ecd17e34-70b4-4009-9bd2-3aef95886c99
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwV2oB14jsefQO4m7va2bwPOFiYKNai%2FTS5YwLqKRIrkQPzC71cWTqOwyCsInI4Lyr6Xu%2Bq0I69Yo4WWpeGzPsVTHWQhL4YgVYVURsPHMqR55J3nTYZPlu%2Bll6P5QSbai0WQ0so%2FFzYy%2FSx35xaOeihKupDirJqYoMirkuSg"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://payments.freedompay.com
access-control-expose-headers: Access-Control-Allow-Origin
cf-ray: 854b5713fcd49a0b-FRA

GET
H2 200 11.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 26 KB
11 KB 133ms
133ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/11.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://payments.freedompay.com/
Origin: https://payments.freedompay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 10265
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC7il2lMA7int0w%2FIBnjcdn2GRXx%2BKk7T4W1EB6o0nk13CmZ9qeElB0MyywkP06sExre25B%2F4Rs9%2B1ztEWE2RYnr1%2F4Y00by1a1bLhdpmx%2B0SCZCyBY6SPH4m9Vb1qJ3nQtxqdtt8roCNZQc%2BBhoLQ6Y7HBTnvaDU0RA"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 854b57152dcc9a0b-FRA
expires: Sun, 11 Aug 2024 07:25:55 GMT

POST
H2 200 Render Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 5B56 2 KB
2 KB 182ms
143ms Document
text/html 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec42dfd466b5b588f0b5e3b0c7b3e5a10fd5ed66304a5d595896eb1bb8277d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://payments.freedompay.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://payments.freedompay.com
access-control-expose-headers: Access-Control-Allow-Origin
cf-cache-status: DYNAMIC
cf-ray: 854b57158bbf71af-FRA
content-encoding: gzip
content-language: de-DE
content-length: 955
content-type: text/html;charset=UTF-8
date: Tue, 13 Feb 2024 07:25:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvdfbuHhDvERzw%2FcZe%2BV4bUrCdoLLUUBJbdWZ%2F7VIjnQSXVHUPd7vhztAQ7J%2BkIgnhvN4adl4V%2BotYOfN%2FPHEdELmou9349e%2BgUnkotKqd29i%2F1%2FyXSCxli62kPp9kFrBYAnhPyoghaSngNTvEfdny4TrcDL5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers, Accept-Encoding

GET
H2 200 3.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 24 KB
9 KB 133ms
133ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/3.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://payments.freedompay.com/
Origin: https://payments.freedompay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 9295
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: "0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGT6jaoJ7SQuc3%2FvSA9BGWIYlY%2FrVaMnpw7kBbdHz6wKZlPJO3Y%2BdAy9wSIpkggjdgecyLujWxfNjFevm5Aoht6iL9tLcX26MYYOKKWzH5PTY9JtXyXpge043f5iMTHJK7Hfgv2j9svsAKxAQJ2%2Fk1cXOJe3MrQXVDIF"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
accept-ranges: bytes
cf-ray: 854b57160ef09a0b-FRA
expires: Sun, 11 Aug 2024 07:25:55 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame 5B56 87 KB
28 KB 35ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1738684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGO8BRbGQL2lsOJ8KKs8Dhsrfogu3Oz3%2FO%2BlSXYzVOGdXTTPLW%2F1aCBRYD%2BsR1t1lmvtnbfzkZ6xpwAXKvHRV%2FDCm6OaKqwj8VyP1TV%2BlzhW%2BLtRNG%2FPAxCgTdW6L2NPbaaBDdn7CjQCWfqbSyfCfk%2Fh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 854b57169ac13617-FRA
expires: Sun, 02 Feb 2025 07:25:55 GMT

GET
H2 200 json3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ Frame 5B56 8 KB
3 KB 41ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 398953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3209
last-modified: Mon, 04 May 2020 16:11:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec9-1fd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FDAsFlmGWk%2FxCCST3koZmPqaS6IoyvYVn5c%2Bvs6TtGFvqHBCD5wswB020K8YY1Teq6ZN1UEl%2FHUFS9%2F9uHc3K%2BeQykNc5xPQK3N1RxRXbSFzVwJvNPVSnBdS%2BfNTp9BbxmbtpCvXmPHbcu9G5oT8EPV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 854b57169ac23617-FRA
expires: Sun, 02 Feb 2025 07:25:55 GMT

GET
H2 200 6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 5B56 34 KB
13 KB 34ms
33ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1471302
p3p: CP="This site does not have a p3p policy."
content-length: 13047
last-modified: Tue, 09 Jan 2024 22:22:50 GMT
server: cloudflare
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DS%2FguIpZ3EhX0u3JqJSpZrIPMmuZmBAXFpBH%2BfaegrnlOz7XC7UX5TS%2FNMYZzX1rsNvGzpwYsPeCkL8XviaaO7LlBxYTJGV%2F2YQ1Um5wZ6UimunoNGCoDKOAcEWxo5cMVjgT9V1AmxYBf76BtG1N1qp5Nol67Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 854b57167ccb71af-FRA
expires: Thu, 14 Mar 2024 07:25:55 GMT

GET
H2 200 profiler.min-9b15af370acf9a49c263d6ce6eb98aad.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 5B56 12 KB
4 KB 31ms
30ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/profiler.min-9b15af370acf9a49c263d6ce6eb98aad.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e9feb1d841e6203ec015683d93cbb37565b5e1b777c2ecc73e1bf2e1634feba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 959828
p3p: CP="This site does not have a p3p policy."
cf-bgj: minify
last-modified: Tue, 09 Jan 2024 22:23:00 GMT
server: cloudflare
etag: W/"9b15af370acf9a49c263d6ce6eb98aad"
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95tbSxdEoncMQXE22GpReefwuHvOa1hNDY9GBpCiawHjFEbHZRQxAfpQZ5fvNlZW%2BiRSc97NO8NEc0rzXli4Lf6tmm%2Fe2gRT4taRNhTuj53p0d64GPthwXsVmMRvYr95PC%2FzNfGRr9YrkzLA%2BGi7s7tzyKjL1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 854b57167ccc71af-FRA
expires: Thu, 14 Mar 2024 07:25:55 GMT

GET
H2 200 acsprofiler.min-778cef0df8df664fcb2495b12cc3e6ea.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 5B56 4 KB
2 KB 37ms
36ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/acsprofiler.min-778cef0df8df664fcb2495b12cc3e6ea.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883044c771e73c1ec7eb13890f838d2574243667a0ee7c777601173695842e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 359543
p3p: CP="This site does not have a p3p policy."
cf-bgj: minify
last-modified: Tue, 09 Jan 2024 22:23:02 GMT
server: cloudflare
etag: W/"778cef0df8df664fcb2495b12cc3e6ea"
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJoIWSRmipjD3UPVZZQvnVzH3SEQLiZ299mmNxPfcc%2B9mua7bYK30g5w5NpWaPr8%2FHsduyhlcuVqhInPMQM9cyVrLWcGAcW9LqfwiwVrrl9bostkdhk%2BkdiLIyedetzo0jq0HSnVSvdM4G2LD26RWdKnKjuduQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 854b57167ccd71af-FRA
expires: Thu, 14 Mar 2024 07:25:55 GMT

POST
H2 200 SaveBrowserData Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 5B56 0
863 B 140ms
140ms XHR
text/plain 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/SaveBrowserData

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6599ef00c73e4f3cb4ffb89b&tmEventType=PAYMENT&referenceId=0_664cbe4d-5234-4fd1-8d99-be988b2f30e2&geolocation=false&origin=Songbird
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Feb 2024 07:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
adrum_1: n:cardinalcommerce-prod_93ff2f8d-3ce1-43f8-8827-3466b84b528c
p3p: CP="This site does not have a p3p policy."
content-length: 0
server: cloudflare
adrum_0: g:ce3bdaf0-1803-4411-9912-417f56d36fa4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Bpef20tQtz0cJqXzfw26tVnYGFX8Le0ETusF3dBQl83W4OrXZNNhEnu15O5I5MRNwldZLtyxKiXvZrebWV%2BtWQOIERQZD421wQ7G1sk9VuFHT043IJVVGrAOV5eWO4kcoULV5VyCLxA%2F9Bp03mGhKSKmrtpRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://geo.cardinalcommerce.com
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
cf-ray: 854b57174dad71af-FRA

OPTIONS
H2 200 log
writer.cardinalcommerce.com/prod/ Frame 0
0 147ms
129ms Preflight
application/json 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cardinal-tid
Access-Control-Request-Method: POST
Origin: https://payments.freedompay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 854b571858889a0b-FRA
content-length: 0
content-type: application/json
date: Tue, 13 Feb 2024 07:25:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwG1tZONbbIlPNODEHZPIfAw47njAkFvasJ8r8uZI1mbxmg%2BFOg2zLpmUF425SMO7u6Dldtcc11NblpY4rMhp3KgpQwhJROX%2B9C8%2FtR%2BpYAN05AJtkxRQxZt9Q4v4qv7zvbAZmwAGmEOD0Mjr8pVfjdAJ%2BtYH9nV6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
x-amz-apigw-id: TEDsqGk2oAMEYIA=
x-amz-cf-id: 6Ij4_rMy0PA5m382_KU7ZXMrF6LP9S1LyB9ARBFFXU2XQ_m1LjNVvQ==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: 767c5b98-8bcc-480f-8143-9489449a126c
x-amzn-trace-id: Root=1-65cb1983-1ff80f5a3616fe725f4dcca7
x-cache: Miss from cloudfront

POST
H2 200 log Show response
writer.cardinalcommerce.com/prod/ 15 B
536 B 204ms
203ms XHR
application/json 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Requested by: Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://payments.freedompay.com/
X-Cardinal-Tid: Tid-ecd17e34-70b4-4009-9bd2-3aef95886c99
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 13 Feb 2024 07:25:56 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: af761aaa-33ef-43a0-98d9-2b8f6ee0bcfe
x-cache: Miss from cloudfront
x-amz-apigw-id: TEDssEHToAMEnkA=
content-length: 15
server: cloudflare
x-amzn-trace-id: Root=1-65cb1984-5691ef0b033dcaac076d9f0f
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjS7MJk5WzfO0ENekXF%2BoQNkYUBtYDLo43EPH7YeI9axv41VkLeaBr%2B0BSVTJ8aCYYhAuO7RgZ7teH63lI4rjUy4geZLkQntE9LUrMGgesHXgTIX6nW79JKO6Qj0ISx1UYLZpIZu%2BoNivx9nnXSuCzYLHJooVsrV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 854b5719291d9a0b-FRA
x-amz-cf-id: NvTziWCgB3NIEyT1K0GvXhe-QfYmcITT038X46dHDqzyf1sbKYMIOg==

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 22:47:00	Name: NID Value: 511=phPCr-i66iNqFHwmhSq02Aq2XQDdwAq4gZ3be-wHn_Tmdz38iUWdI6ZwgnEmjSedq3RLAheIRS-xolOgNnXJbZtwv8s2uaemI6YdB0FvmVUAwEXZqNrMaGlfi8hlHdVe8AJkRbqwGPP76hmM294AvDkFHD-mDsBUkUfy4yNT6y0
			.cardinalcommerce.com/	1969-12-31 23:59:59	Name: __cfruid Value: 92e014effa2428c511061617164176090472526b-1707809155

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://payments.freedompay.com/Checkout/Payment?transid=bd4011c4-e93a-4a84-99af-8ddf8066f45d Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
centinelapi.cardinalcommerce.com
fplynx.com
geo.cardinalcommerce.com
hpc.freedompay.com
pay.google.com
payments.freedompay.com
play.google.com
songbird.cardinalcommerce.com
writer.cardinalcommerce.com
www.gstatic.com
2606:4700::6811:190e
2606:4700::c6d9:fbfb
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4013:c06::5c
64.74.156.34
64.74.156.36
64.74.156.49
14fe511d9b68bb5b9c3620dded26c824bd19a4aee2c89b40b123adbc3fc69afb
18bbda046e6943d4984c0b9de59c56297c71aa317fdb0aff88e4cbf504f79151
196843753ced2012eba61c14ad3507017bc373cbb6b1bd1ecf88d9be9dcc232a
1be37ac5cda9ae63fcb1404b594a1dedb02b7348c76a599c226959186856b5e1
1e85f80ee3b632df01da191cbaf729b8d21d9dff1269de9bf8e99f219d19f98f
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a
2ec42dfd466b5b588f0b5e3b0c7b3e5a10fd5ed66304a5d595896eb1bb8277d8
339840ea04713fb4edf27dcb6dae955f7e904a75e00ea912920b1f96c536d397
38fe39e85d66f7d9cffafa828b097eb6f6a2070c53d3672c37523e058731ebf1
391fa88a0d969feadbccc39716a0546df5c3f821f6ad7c6ca321dbac828dbadf
3a4c21cd9b4a18f88e2875221d1ec58701aef55fa93743baddcc95a4941d5d7b
45cc7ccf4486a2477e5ec8e26f7f5e0c72bc67cd6b5e0721f06486eb1ac13811
49f44b77dcf6c6d78e309bdea55a83ff9fcd20f461aa08c11416126d1b3663c8
4e9feb1d841e6203ec015683d93cbb37565b5e1b777c2ecc73e1bf2e1634feba
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55e53960e8c1ca0bc34a292b0e78d53a11dec422f9321456f904378316b0a3c3
5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a
62963f85c44d7144430c1b7a66fbc726d339c79f14313209b32d6c3fa0de50a7
6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce
746b52aed3f35781b706745f629af9e7555bebbdc7a18fc1c139fd594e828ff1
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
82551503c5a1f6426f347ce0fa72ed79036c7cf76f9b4e4f3f55b3a60f97a71e
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
883044c771e73c1ec7eb13890f838d2574243667a0ee7c777601173695842e92
8dac63bdf453fab3e4b3afac803bd0186a87b4f6a8838a9c1c3ee7e9020fdd47
9ab60e966498f54963496e8fbc547e60685acbd1abfe245e1a4fde76d8c6bd61
9bee882341decfc51b288d55464fbce5520b30b876e12268b795eedb9422ccc5
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a9325ce7092be3c81e8b5ccf49db9bd84061c73133bda6972fa6288c2e35cafc
b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061
b7e9bcafece9a9f7fab2983d643869dea1e448867fd7f7efb78b2efc0e025c54
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7
c70b34f91e9cfd862c3247a46a4a2f964e3680a6e41f8141c27d18a1ef6f27b2
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dcf9aa77429edd435e7f53f057bbe8b1cb1138c3449fa2dfb6613d6bea02c682
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b3331d2d6f409ca4e6bfc87050b6a804da4e6e94dcdf34101ba3616a23d96e
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
f32dcf89bd266c00f7bd15dc12b9b98a5b4bb7715f5a7fc4bfeb75d369059119
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f4b598b30505a4fca65c39311d149a37d2de7a575d5466a015a8a3fabc75db6a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbff6b7eaf64a1ff20536552b93e1901226e6b365d23ff06a34beee43151d8b2
ff13426a84984a5d0d9f3bc0d66aa460cb0ee8b4911f4bbf6ca7d8a94f1f4d4c

payments.freedompay.com Open in urlscan Pro 64.74.156.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

63 %IPv6

6 Domains

11 Subdomains

7 IPs

3 Countries

2252 kBTransfer

3755 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payments.freedompay.com Open in urlscan Pro
64.74.156.49 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

11
Subdomains

7
IPs

3
Countries

2252 kB
Transfer

3755 kB
Size

2
Cookies

66 HTTP transactions
0 data transactions