urlscan.io logo urlscan.io
SecurityTrails logo

www.payments.babylonstoren.com Open in urlscan Pro
35.246.68.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.payments.babylonstoren.com/
Submission: On July 31 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 37 HTTP transactions. The main IP is 35.246.68.38, located in London, United Kingdom and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.payments.babylonstoren.com.
TLS certificate: Issued by E5 on July 31st 2024. Valid for: 3 months.
This is the only time www.payments.babylonstoren.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 35.246.68.38 396982 (GOOGLE-CL...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
1 172.65.236.181 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.219.229 13335 (CLOUDFLAR...)
1 2a06:98c1:320... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.66 15169 (GOOGLE)
1 172.65.198.159 13335 (CLOUDFLAR...)
1 142.250.74.196 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
1 172.65.232.43 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 172.65.240.166 13335 (CLOUDFLAR...)
3 157.240.0.6 32934 (FACEBOOK)
8 2a03:2880:f17... 32934 (FACEBOOK)
37 17
11    35.246.68.38 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.68.246.35.bc.googleusercontent.com
www.payments.babylonstoren.com
1    2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-scripts.com
1    172.65.236.181 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hubspot.com
1    172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-analytics.net
1    172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hs-banner.com
1    172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsadspixel.net
1    2a06:98c1:3200::90:3 (United States)

ASN13335 (CLOUDFLARENET, US)
api-eu1.hubapi.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net
googleads.g.doubleclick.net
1    172.65.198.159 (United States)

ASN13335 (CLOUDFLARENET, US)
cta-eu1.hubspot.com
1    142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net
www.google.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.co.uk
1    172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)
perf-eu1.hsforms.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)
track-eu1.hubspot.com
3    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
8    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 babylonstoren.com
www.payments.babylonstoren.com
352 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
7 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
86 KB
3 hubspot.com
js-eu1.hubspot.com — Cisco Umbrella Rank: 43542
cta-eu1.hubspot.com — Cisco Umbrella Rank: 43086
track-eu1.hubspot.com — Cisco Umbrella Rank: 28501
27 KB
2 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5414
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 25412
2 KB
1 hsforms.com
perf-eu1.hsforms.com — Cisco Umbrella Rank: 44346
1 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 4354
64 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
91 KB
1 hubapi.com
api-eu1.hubapi.com — Cisco Umbrella Rank: 41639
1 KB
1 hsadspixel.net
js-eu1.hsadspixel.net — Cisco Umbrella Rank: 40376
4 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 27842
19 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 28245
25 KB
37 14
Domain Requested by
11 www.payments.babylonstoren.com www.payments.babylonstoren.com
8 www.facebook.com
5 connect.facebook.net js-eu1.hsadspixel.net
connect.facebook.net
1 track-eu1.hubspot.com
1 perf-eu1.hsforms.com www.payments.babylonstoren.com
1 www.google.co.uk www.payments.babylonstoren.com
1 www.google.com www.payments.babylonstoren.com
1 cta-eu1.hubspot.com js-eu1.hubspot.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com js-eu1.hsadspixel.net
1 api-eu1.hubapi.com js-eu1.hsadspixel.net
1 js-eu1.hsadspixel.net js.hs-scripts.com
1 js-eu1.hs-banner.com js.hs-scripts.com
1 js-eu1.hs-analytics.net js.hs-scripts.com
1 js-eu1.hubspot.com js.hs-scripts.com
1 js-eu1.hs-scripts.com www.payments.babylonstoren.com
1 js.hs-scripts.com 1 redirects
37 17

This site contains no links.

Subject Issuer Validity Valid
payments.babylonstoren.com
E5		 2024-07-31 -
2024-10-29		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh
hs-analytics.net
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
hs-banner.com
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
hsadspixel.net
E6		 2024-06-14 -
2024-09-12		 3 months crt.sh
hubapi.com
E6		 2024-07-02 -
2024-09-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.co.uk
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
hsforms.com
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-10 -
2024-08-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.payments.babylonstoren.com/
Frame ID: 5C49363A04452DED30F512BF1E3BA94D
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payments Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

97 %
HTTPS

28 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

615 kB
Transfer

1636 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://js.hs-scripts.com/3470075.js HTTP 307
  • https://js-eu1.hs-scripts.com/3470075.js

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.payments.babylonstoren.com/ 		2 KB
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5259eca3e1b854c7fef3d6281b2eb754262aa7c256c468ed0dca21d6821920e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jul 2024 22:13:51 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
app.css
www.payments.babylonstoren.com/assets/css/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/css/app.css
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
531b4916f1c93513e7dcd8cea88a528504eda4364d314c82aaa251831105c83b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 May 2024 09:49:56 GMT
Server
nginx/1.14.2
ETag
W/"663b4ac4-9ba1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
card.css
www.payments.babylonstoren.com/assets/card/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/card/card.css
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
8f8ffc173eeeb88844f2d5695ce99694f13b58828d06b80050f70641646858bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-722c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
bootstrap.min.css
www.payments.babylonstoren.com/assets/css/ 		152 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/css/bootstrap.min.css
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-2606e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
3470075.js
js-eu1.hs-scripts.com/
Redirect Chain
  • https://js.hs-scripts.com/3470075.js
  • https://js-eu1.hs-scripts.com/3470075.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-scripts.com/3470075.js
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
H2
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2dad08d8da1205435433af983f0f6685b3d3dee1f998626b767aa35d92f366
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
05125a4b-0e5b-47ba-a4fc-ac45a121e95e
cf-polished
origSize=1995
age
855
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
05125a4b-0e5b-47ba-a4fc-ac45a121e95e
cf-bgj
minify
last-modified
Wed, 31 Jul 2024 21:59:36 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://babylonstoren.com
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-576d445cf9-fm8t5
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
8ac0f027ad8dc1dd-DUB

Redirect headers

date
Wed, 31 Jul 2024 22:13:51 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0cee3133-933f-47f6-8c3a-815b4b9e00df
x-envoy-upstream-service-time
5
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0cee3133-933f-47f6-8c3a-815b4b9e00df
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
location
https://js-eu1.hs-scripts.com/3470075.js
access-control-allow-origin
https://www.payments.babylonstoren.com
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-85b74c4c74-zzl5w
cache-control
public, max-age=90
cf-ray
8ac0f025dd00cd10-LHR
expires
Wed, 31 Jul 2024 22:15:21 GMT
logo.svg
www.payments.babylonstoren.com/assets/img/ 		47 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.payments.babylonstoren.com/assets/img/logo.svg
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
d892f0109672132505687dd9d31ff804411367d3defc0e4aefdc16af2fee134a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-bc76"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
jquery-3.3.1.min.js
www.payments.babylonstoren.com/assets/js/ 		85 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/js/jquery-3.3.1.min.js
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-1538f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
card.js
www.payments.babylonstoren.com/assets/card/ 		97 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/card/card.js
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
35ac14b406e734dd5284678f852f285c83fbacf29c109f1c9cc4521849ff17bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-18385"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
bootstrap.js
www.payments.babylonstoren.com/assets/js/ 		129 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/js/bootstrap.js
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-20235"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
app.js
www.payments.babylonstoren.com/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/js/app.js
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
637548b791dc739d162d046702f99ec74b33bb61d98ea6e98565b97a07a67f06
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
W/"60c1f3b0-15f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
CormorantGaramond-Regular.woff2
www.payments.babylonstoren.com/assets/fonts/CormorantGaramond/ 		182 KB
182 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/fonts/CormorantGaramond/CormorantGaramond-Regular.woff2
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/assets/css/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5e7d2887b6d6455cb435999a4db9ff84a0e03bbc552bf3f21e4656475477a0a9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/assets/css/app.css
Origin
https://www.payments.babylonstoren.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:51 GMT
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
"60c1f3b0-2d8a8"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
186536
web-interactives-embed.js
js-eu1.hubspot.com/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3470075.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
720b43e5950b3ef9c934b9253a76353a916cc4399cc2d17bdc5a508ce2569d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
Origin
https://www.payments.babylonstoren.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1294/bundles/project.js&cfRay=8ac0f028beeabdcf-DUB
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"ca106ef78092107b8d4a40131d641c01"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1294/bundles/project.js
date
Wed, 31 Jul 2024 22:13:52 GMT
x-amz-version-id
GMZ9HyPHjtzB9hq9Kp4nuMbTlOz7NvmB
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 56a77d6c9e6b49fa4179a99507a9582e.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
cf8f98d7-9fa9-4e85-9933-fcc91958b496
x-cache
Miss from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
409
x-evy-trace-route-configuration
listener_https/all
x-request-id
cf8f98d7-9fa9-4e85-9933-fcc91958b496
last-modified
Mon, 29 Jul 2024 11:16:10 UTC
server
cloudflare
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lAm3kVOeLR1LrYz6KH1gO0jotsGvz8rg5iiwKULl9hX8i9GbnJLpjmZ7AZFUejmmfJPQSzncPT%2BU4HbBlYu%2BA2fi42qFb9jx4lLmkKhRyWZzahCckShejal31N5xujqaVOarg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
cf-ray
8ac0f028beeabdcf-DUB
x-amz-cf-id
iQPXghiaTOZr8XoAlkTMA7HTI37qrwRxdFASl8_tbrT9IDaWWvzfvg==
3470075.js
js-eu1.hs-analytics.net/analytics/1722462900000/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-analytics.net/analytics/1722462900000/3470075.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3470075.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43677e437fc1b421573129e2798f11cc4878c9983489cacf4f2e498718f2370f

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:52 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
Y35HC832GD9ENC8R
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
13d71032-5c1d-4c0e-891c-28903dd84e6e
x-envoy-upstream-service-time
26
x-amz-id-2
Mk4sfFkUHajxTpk5rWB3nBQm8JZ/PXxbg4LI8+QN6UsRLVDqja2i3rcIjLoECq1UxGPIlX6Ma13DF4NlEq3E6g==
x-evy-trace-listener
listener_https
x-request-id
13d71032-5c1d-4c0e-891c-28903dd84e6e
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 29 Jul 2024 20:15:34 GMT
server
cloudflare
etag
W/"f5b2c48e5ef4be831d176476fb54ae79"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-5cc6cdbf4d-2t9gr
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8ac0f028afdfbe0f-DUB
expires
Wed, 31 Jul 2024 22:18:52 GMT
3470075.js
js-eu1.hs-banner.com/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hs-banner.com/3470075.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3470075.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428dc9374ac9040ad72239783c340ea0a3bf9c7e27d23764cee9da3ad73b58ac

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:52 GMT
x-amz-version-id
hQRPNOz5MS8gyzQct_iL7PS6BkMzVj0y
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
KNNJ3647JDH12ZXC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
8cddd534-f4e0-4b84-9a9a-7b354df0c8eb
x-envoy-upstream-service-time
38
x-amz-id-2
HDDFYQ88fhjPme+/pZ5UAyyKycoWVYkpwLcXGm+gH+S4+x2PewEhY0JakY0BaiyAN17AyJlViRg=
x-evy-trace-listener
listener_https
x-request-id
8cddd534-f4e0-4b84-9a9a-7b354df0c8eb
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 26 Jul 2024 17:19:43 GMT
server
cloudflare
etag
W/"73aa88f6f2ff7172024197e34b2c45d1"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://landing.babylonstoren.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-5cc6cdbf4d-46bll
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8ac0f028ac13be0c-DUB
expires
Wed, 31 Jul 2024 22:18:52 GMT
fb.js
js-eu1.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3470075.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea7d93054c054d6908de184845b8db289207bb4928bbdd07d0ad8d52ec0708f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:52 GMT
x-amz-version-id
kl1dxvjzkssE.fV_O4PhpuAJA5n_6jGg
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 337ce1d1833905a0473cbaec913a354c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA60-P6
age
114
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.571/bundles/pixels-release.js&cfRay=8ac0ed5fcc27bf52-DUB
x-cache
Hit from cloudfront
x-hubspot-correlation-id
88d98a35-1b32-49ca-885f-9c6be7934e82
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
88d98a35-1b32-49ca-885f-9c6be7934e82
last-modified
Fri, 19 Jul 2024 20:16:33 UTC
server
cloudflare
etag
W/"5d8f21e5e9508f10da257acb3360bbbd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
cf-ray
8ac0f028bfc7be1e-DUB
x-amz-cf-id
eodvjIbWpXWdGlXsmQGdnCmXh39MZoecC9YGBFnmdBatqYNuj02H5w==
x-hs-target-asset
adsscriptloaderstatic/static-1.571/bundles/pixels-release.js
json
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		370 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3470075
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3200::90:3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e668508d511629c35f1f7ba9dac1837b3ee0a375bff7b42415e56dad2153a02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c02ec5f0-96ee-4d84-ad2b-23d61f4f39b7
x-envoy-upstream-service-time
2
content-length
196
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c02ec5f0-96ee-4d84-ad2b-23d61f4f39b7
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.payments.babylonstoren.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-576d445cf9-4724b
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNSjRIoppoH1gk0jF1EpBOLr29WtAyofbCfjyedcHsahmua8JBQzC6ImFO2RDptafJ8tIEsKqoAkJ9M1RhfY0xPQyowmmuVRJhwJZesVBbyJK5Uoq4Tt4KCyo0lJBzih%2F1dfn3FtmgTacX2JHAMEtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ac0f029c8d6955e-DUB
access-control-allow-headers
*
js
www.googletagmanager.com/gtag/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-331911189
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c0898bf29cfc56bebe44204eeeb5729c6a615abcc0b3e4523d1a17fdb901fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92730
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 21:30:09 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 22:13:52 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/331911189/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/331911189/?random=1722464032577&cv=11&fst=1722464032577&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874476617za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&hn=www.googleadservices.com&frm=0&tiba=Payments%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1706778915.1722464033&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-331911189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
c3c125304076fe03ecb5de52b1a063e9e2683571112b8f74244830ea6df2057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 22:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1388
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
combinedConfigs
cta-eu1.hubspot.com/web-interactives/public/v1/embed/ 		95 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-eu1.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=3470075&currentUrl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F
Requested by
Host: js-eu1.hubspot.com
URL: https://js-eu1.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
75247eb6-f149-4651-9f1e-38304b25c43a
content-encoding
br
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
75247eb6-f149-4651-9f1e-38304b25c43a
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.payments.babylonstoren.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNmOLTTFBtWd9hrKsZCS%2Fw20I4pCgzUbuTwk3oTP6T5mVsxlJ4wAgJu1z9f8eDrMnSHWoTjBjq5IL7dNbYNtnKIBvri6M7w4JrLWttU59PMaimh2XexF4ty4CriF7LdlD9cMroA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8ac0f02c7a6d1b91-DUB
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-6f6ff6474c-fk4hg
/
www.google.com/pagead/1p-user-list/331911189/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/331911189/?random=1722464032577&cv=11&fst=1722463200000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874476617za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&hn=www.googleadservices.com&frm=0&tiba=Payments%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1706778915.1722464033&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLHG8o8lJ6a66URdiwQLG-fPhNEYrvTA&random=3140112143&rmt_tld=0&ipr=y
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 22:13:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/331911189/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/331911189/?random=1722464032577&cv=11&fst=1722463200000&bg=ffffff&guid=ON&async=1&gtm=45be47v0v874476617za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&hn=www.googleadservices.com&frm=0&tiba=Payments%20Portal&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1706778915.1722464033&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLHG8o8lJ6a66URdiwQLG-fPhNEYrvTA&random=3140112143&rmt_tld=1&ipr=y
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 22:13:52 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counters.gif
perf-eu1.hsforms.com/embed/v3/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: www.payments.babylonstoren.com
URL: https://www.payments.babylonstoren.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
59cf44ba-9619-4235-9706-4dc74d32ed07
x-envoy-upstream-service-time
4
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
59cf44ba-9619-4235-9706-4dc74d32ed07
Last-Modified
Wed, 31 Jul 2024 22:13:52 GMT
Server
cloudflare
vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-6f6ff6474c-dbgfp
access-control-expose-headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
Accept-Ranges
bytes
x-robots-tag
none
CF-RAY
8ac0f02d9a67bdc2-DUB
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1297, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
tndpDkmKzWYKwuLb0+r5wQbSXznQ6DBwNJvvKrXDnri07DSaxsKsh30SmPcTP5C1Xp8YBLiX3nOiRFxWkOnSlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
__ptq.gif
track-eu1.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-gb&bfp=2838755592&v=1.1&a=3470075&pu=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&t=Payments+Portal&cts=1722464032966&vi=4d623b3900349f12b154b9244bcafc9d&nc=true&u=216065673.4d623b3900349f12b154b9244bcafc9d.1722464032964.1722464032964.1722464032964.1&b=216065673.1.1722464032964&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:13:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d9539eda-a6a8-47fd-bdc2-82d01026977a
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
3
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d9539eda-a6a8-47fd-bdc2-82d01026977a
last-modified
Wed, 31 Jul 2024 22:13:53 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLDSd%2FSZ%2FuWC6o61uzIROlBZ%2FpmtqNP%2FxrjKHkgUA6AXKaHhOusaCTDA%2BS6LIjOmMijExVbVceaPxtP0X%2FCebbIPXGbzocmribgNeC8XHEcPXzSWJeIy5HrJoi7RfuIxcnY1HhJaUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-6c6cdbccc5-zf6w7
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8ac0f02eba8bbe25-DUB
x-robots-tag
none
favicon-32x32.png
www.payments.babylonstoren.com/assets/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.payments.babylonstoren.com/assets/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
35.246.68.38 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.68.246.35.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
a4a0ce567880e76bfe4b16fd039ac68ece4757c5218253ba1c809221a095f004
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:13:52 GMT
Last-Modified
Thu, 10 Jun 2021 11:12:48 GMT
Server
nginx/1.14.2
ETag
"60c1f3b0-7db"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2011
1633907103529404
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1633907103529404?v=2.9.162&r=stable&domain=www.payments.babylonstoren.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b50f5578017a9f7f94ded4c59143282f35935d5350235eb38a50e42d17944352
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
25
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=64, mss=1297, tbw=64215, tp=-1, tpl=-1, uplat=71, ullat=0
pragma
public
x-fb-debug
ZsZ/TgjA9DVybQt/5H6s3vMn7/A2K1XzaYuwzt7+SyeZ1t1C8/s4xdpq8XjxKCQqVzAjT4zyYEH+ile76nhHxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
119010052188696
connect.facebook.net/signals/config/ 		36 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/119010052188696?v=2.9.162&r=stable&domain=www.payments.babylonstoren.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C223%2C157%2C113%2C129%2C117%2C146%2C141
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
276b3e486db2bd86ac0a74afdd178c5d05c6c88d681495d94ec13c3883315a05
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=68, ullat=0
pragma
public
x-fb-debug
CLKXTb5pnZPMGc6CUp1sdusiFKJxuqKGG94qnL+VHowfi7fWvzGCSgP5RxBN3CbmXgM9bjFGMOrvFOT+xfw3jQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1668075673257034
connect.facebook.net/signals/config/ 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1668075673257034?v=2.9.162&r=stable&domain=www.payments.babylonstoren.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C223%2C157%2C113%2C129%2C117%2C146%2C141%2C128%2C130%2C121
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
b416f8e9cc8e506783c9cd3cba4daeddbca7d43f29552bcde71c4337641a3af2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=30, mss=1232, tbw=12777, tp=17, tpl=0, uplat=51, ullat=0
pragma
public
x-fb-debug
FzdRBJLLSHRJ05x64F3KA4VVoCNmGqOqSfoicTSZsePIpNR51mHQoF0j4GM9RAySWgCIGer7Umsf5EeJc0rkWg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
829867327491383
connect.facebook.net/signals/config/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/829867327491383?v=2.9.162&r=stable&domain=www.payments.babylonstoren.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C223%2C157%2C113%2C129%2C117%2C146%2C141%2C128%2C130%2C121
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
468787a24276aa2e4bc7b2c688510790527c64002d00a4934446de0427c1f50c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
16
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=32, mss=1232, tbw=15913, tp=21, tpl=0, uplat=71, ullat=0
pragma
public
x-fb-debug
FZa6+gsa/PPSXqUAFGgfonz1e6sYbqMdNpImD8jMBA3taYqSgmbKkRLTiZi6oIO4CmOKpNQBObFTvTeFhIwC3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1633907103529404&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033611&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&cs_est=true&ler=empty&cdl=API_unavailable&it=1722464033177&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1633907103529404&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033611&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&cs_est=true&ler=empty&cdl=API_unavailable&it=1722464033177&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397926690370214371", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=7261, tp=-1, tpl=-1, uplat=161, ullat=0
pragma
no-cache
x-fb-debug
jw0xOici8ymlHMoJ1SJS+n7zR5IJ5ZumoemK5kisLZGcw4RGpRCrj6VPZJQc/OWoaCRmoIfCS+BCPeDKnUBtfg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397926690370214371"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=119010052188696&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033613&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&cs_est=true&ler=empty&cdl=API_unavailable&hmd=81368246261e4ec5eaccfb14&it=1722464033177&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=119010052188696&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033613&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&cs_est=true&ler=empty&cdl=API_unavailable&hmd=81368246261e4ec5eaccfb14&it=1722464033177&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xe413774daeba2a27","source_keys":["1","2"]},{"key_piece":"0x8e85cfcdfdb97ff9","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:6288385897848732","24:1752328838171682","24:1813060802077546","7830:6288385897848732","7830:1752328838171682","7830:1813060802077546","10853:6288385897848732","10853:1752328838171682","10853:1813060802077546","41:6288385897848732","41:1752328838171682","41:1813060802077546","8046:6288385897848732","8046:1752328838171682","8046:1813060802077546"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 31 Jul 2024 22:13:53 GMT
x-fb-server-load
24
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397926692055205005", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=8135, tp=-1, tpl=-1, uplat=163, ullat=1
pragma
no-cache
x-fb-debug
W+nWfpQNcinY8TQhSNfLDORutdJwGsKnDsCp/NOnklMUJu3XUgvtv6wh87BN9+9n5GM8CSAUnRbh4x4bYuYuIw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397926692055205005"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1668075673257034&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033613&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&ler=empty&cdl=API_unavailable&it=1722464033177&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1668075673257034&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033613&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&ler=empty&cdl=API_unavailable&it=1722464033177&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 31 Jul 2024 22:13:53 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397926690886280584", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=9530, tp=-1, tpl=-1, uplat=163, ullat=0
pragma
no-cache
x-fb-debug
deaK2U5avQBfUgQXULoJGqhXDnx3OALsaA04bO3hxtaESU8Dv8tgjHgqP7BMFOhzlIZZWTbTwRZSoZosyOS2/g==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397926690886280584"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=829867327491383&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033614&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&cs_est=true&ler=empty&cdl=API_unavailable&it=1722464033177&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=3362, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 22:13:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=829867327491383&ev=PageView&dl=https%3A%2F%2Fwww.payments.babylonstoren.com%2F&rl=&if=false&ts=1722464033614&sw=1600&sh=1200&ud[external_id]=4d623b3900349f12b154b9244bcafc9d&v=2.9.162&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1722464033610.234794883101444720&cs_est=true&ler=empty&cdl=API_unavailable&it=1722464033177&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.payments.babylonstoren.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0e8852cc5141f172","source_keys":["1","2"]},{"key_piece":"0xec16d54d1f3e4f9e","source_keys":["1","2"]}],"aggregatable_values":{"1":1},"filters":{"2":["24:9834413713295747","24:9811730712233394","7830:9834413713295747","7830:9811730712233394","10853:9834413713295747","10853:9811730712233394","41:9834413713295747","41:9811730712233394","8046:9834413713295747","8046:9811730712233394"]},"debug_reporting":true,"debug_key":"1"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 31 Jul 2024 22:13:53 GMT
x-fb-server-load
20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397926691173618734", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=3508, tp=-1, tpl=-1, uplat=99, ullat=0
pragma
no-cache
x-fb-debug
Sg6QqTXPc+B/2ff5v5zEGfaRtXDNndaiGirHo/TzMYYAFlltJIF4td8ivxRF3oBzCzIJs4KEdGzCQld6/yWsQA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397926691173618734"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| card function| Payment function| Card object| bootstrap object| _hsp boolean| PIXELS_RAN object| enabledEventSettings object| _hsq boolean| _hspb_ran boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| fbq function| _fbq

11 Cookies

Domain/Path Name / Value
.babylonstoren.com/ Name: _gcl_au
Value: 1.1.1706778915.1722464033
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hsforms.com/ Name: __cf_bm
Value: i3dn38jVWPXGDTzNxJPaoQmrWHpvP_xNIpOKGhE6wA4-1722464032-1.0.1.1-D8.Ku.tdMVMTlyFGx9mRvnuq6VT2jgYJNLXOsTaUSC30Uw4aRUxu2z6MadZ6iuxUR8zm9UjXbMZZZCBWf5HXWQ
.hsforms.com/ Name: _cfuvid
Value: TUpyHGlMIAEBzUpHI08ZvUw8zO74vycR0JoaJljL8Gc-1722464032936-0.0.1.1-604800000
.babylonstoren.com/ Name: __hstc
Value: 216065673.4d623b3900349f12b154b9244bcafc9d.1722464032964.1722464032964.1722464032964.1
.babylonstoren.com/ Name: hubspotutk
Value: 4d623b3900349f12b154b9244bcafc9d
.babylonstoren.com/ Name: __hssrc
Value: 1
.babylonstoren.com/ Name: __hssc
Value: 216065673.1.1722464032964
.hubspot.com/ Name: __cf_bm
Value: C4aXjEIDwZzxbusP5Uq_Y7MHyhVH_nrIclh7M4DTD4I-1722464033-1.0.1.1-SzQ17kZ_mmiecyUNjOqY9IFZCUx0dkiYipd.dEzqh9h1i79bdVnh77xnov2KzijBvQ8JuxQya_SdpIlGkaDfLw
.hubspot.com/ Name: _cfuvid
Value: s5baddkTyr09_mpUwTo2LNnf7O_ZA3uKgQoGenLTnLY-1722464033152-0.0.1.1-604800000
.babylonstoren.com/ Name: _fbp
Value: fb.1.1722464033610.234794883101444720

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-eu1.hubapi.com
connect.facebook.net
cta-eu1.hubspot.com
googleads.g.doubleclick.net
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hubspot.com
js.hs-scripts.com
perf-eu1.hsforms.com
track-eu1.hubspot.com
www.facebook.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.payments.babylonstoren.com
142.250.186.67
142.250.74.196
157.240.0.6
172.65.198.159
172.65.202.201
172.65.208.22
172.65.219.229
172.65.232.43
172.65.236.181
172.65.238.60
172.65.240.166
216.58.206.66
2606:4700::6810:8bd1
2a00:1450:4001:801::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3200::90:3
35.246.68.38
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
276b3e486db2bd86ac0a74afdd178c5d05c6c88d681495d94ec13c3883315a05
35ac14b406e734dd5284678f852f285c83fbacf29c109f1c9cc4521849ff17bf
428dc9374ac9040ad72239783c340ea0a3bf9c7e27d23764cee9da3ad73b58ac
43677e437fc1b421573129e2798f11cc4878c9983489cacf4f2e498718f2370f
468787a24276aa2e4bc7b2c688510790527c64002d00a4934446de0427c1f50c
5259eca3e1b854c7fef3d6281b2eb754262aa7c256c468ed0dca21d6821920e0
531b4916f1c93513e7dcd8cea88a528504eda4364d314c82aaa251831105c83b
5c0898bf29cfc56bebe44204eeeb5729c6a615abcc0b3e4523d1a17fdb901fbe
5e7d2887b6d6455cb435999a4db9ff84a0e03bbc552bf3f21e4656475477a0a9
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
637548b791dc739d162d046702f99ec74b33bb61d98ea6e98565b97a07a67f06
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
720b43e5950b3ef9c934b9253a76353a916cc4399cc2d17bdc5a508ce2569d74
8f8ffc173eeeb88844f2d5695ce99694f13b58828d06b80050f70641646858bc
a4a0ce567880e76bfe4b16fd039ac68ece4757c5218253ba1c809221a095f004
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b416f8e9cc8e506783c9cd3cba4daeddbca7d43f29552bcde71c4337641a3af2
b50f5578017a9f7f94ded4c59143282f35935d5350235eb38a50e42d17944352
c3c125304076fe03ecb5de52b1a063e9e2683571112b8f74244830ea6df2057a
d892f0109672132505687dd9d31ff804411367d3defc0e4aefdc16af2fee134a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dea7d93054c054d6908de184845b8db289207bb4928bbdd07d0ad8d52ec0708f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e668508d511629c35f1f7ba9dac1837b3ee0a375bff7b42415e56dad2153a02d
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
fc2dad08d8da1205435433af983f0f6685b3d3dee1f998626b767aa35d92f366