urlscan.io logo urlscan.io
SecurityTrails logo

payments.freedompay.com Open in urlscan Pro
64.74.156.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fplynx.com/5ad8ecf7-ce6b-4e5c-b0f1-f1572be935f5
Effective URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Submission: On December 05 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 39 HTTP transactions. The main IP is 64.74.156.49, located in Phoenixville, United States and belongs to INTERNAP-2BLK, US. The main domain is payments.freedompay.com. The Cisco Umbrella rank of the primary domain is 583551.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 2nd 2022. Valid for: a year.
This is the only time payments.freedompay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.74.156.36 12178 (INTERNAP-...)
12 64.74.156.49 12178 (INTERNAP-...)
8 64.74.156.34 12178 (INTERNAP-...)
1 151.101.66.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
14 2606:4700::c6... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
39 7
1    64.74.156.36 (Phoenixville, United States)

ASN12178 (INTERNAP-2BLK, US)
fplynx.com
12    64.74.156.49 (Phoenixville, United States)

ASN12178 (INTERNAP-2BLK, US)
payments.freedompay.com
8    64.74.156.34 (Phoenixville, United States)

ASN12178 (INTERNAP-2BLK, US)
hpc.freedompay.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
14    2606:4700::c6d9:fbfa (United States)

ASN13335 (CLOUDFLARENET, US)
songbird.cardinalcommerce.com
centinelapi.cardinalcommerce.com
geo.cardinalcommerce.com
writer.cardinalcommerce.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
20 freedompay.com
payments.freedompay.com — Cisco Umbrella Rank: 583551
hpc.freedompay.com — Cisco Umbrella Rank: 124287
1 MB
14 cardinalcommerce.com
songbird.cardinalcommerce.com — Cisco Umbrella Rank: 24447
centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 21703
geo.cardinalcommerce.com — Cisco Umbrella Rank: 22110
writer.cardinalcommerce.com — Cisco Umbrella Rank: 23682
166 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242
31 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 245
615 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 402
14 KB
1 fplynx.com
fplynx.com
155 B
39 6
Domain Requested by
12 payments.freedompay.com payments.freedompay.com
8 hpc.freedompay.com payments.freedompay.com
hpc.freedompay.com
5 geo.cardinalcommerce.com geo.cardinalcommerce.com
cdnjs.cloudflare.com
5 songbird.cardinalcommerce.com hpc.freedompay.com
songbird.cardinalcommerce.com
2 writer.cardinalcommerce.com payments.freedompay.com
2 cdnjs.cloudflare.com geo.cardinalcommerce.com
2 centinelapi.cardinalcommerce.com payments.freedompay.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com payments.freedompay.com
1 fplynx.com 1 redirects
39 10

This site contains no links.

Subject Issuer Validity Valid
*.freedompay.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.cardinalcommerce.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2022-04-05 -
2023-04-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 3 frames:

Primary Page: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Frame ID: 61F36CD798058F24817E8C6E424B8BC9
Requests: 22 HTTP requests in this frame

Frame: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
Frame ID: A995EFEF5057A6EE62653310535D8A2C
Requests: 8 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Frame ID: 4D07329A24EB194AC44FAFC7B622750A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Holiday Inn Express East Midland Payment Page

Page URL History Show full URLs

  1. https://fplynx.com/5ad8ecf7-ce6b-4e5c-b0f1-f1572be935f5 HTTP 302
    https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

97 %
HTTPS

29 %
IPv6

6
Domains

10
Subdomains

7
IPs

1
Countries

1393 kB
Transfer

2030 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fplynx.com/5ad8ecf7-ce6b-4e5c-b0f1-f1572be935f5 HTTP 302
    https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Payment
payments.freedompay.com/Checkout/
Redirect Chain
  • https://fplynx.com/5ad8ecf7-ce6b-4e5c-b0f1-f1572be935f5
  • https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
130 KB
130 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
539982e71f45374152c8f7e9d842e21f99335c4bce1798557d4c6018dbde332f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
132997
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Dec 2022 18:47:30 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

date
Mon, 05 Dec 2022 18:47:30 GMT
location
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET
Simple
payments.freedompay.com/Checkout/Content/Theme/ 		63 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/Content/Theme/Simple?v=HS5kQ3zz8ciEaDlTUlqrXBtHi4hhmtsts-5RqUuQJeo1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fdce483fa083e1844e7ffc637dc6d6902a98aa5d1fa1bca25fef0c35d9a4acdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
64077
Expires
Tue, 05 Dec 2023 18:47:31 GMT
jquery
payments.freedompay.com/Checkout/bundles/ 		83 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1be37ac5cda9ae63fcb1404b594a1dedb02b7348c76a599c226959186856b5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
84814
Expires
Tue, 05 Dec 2023 18:47:31 GMT
jqueryui
payments.freedompay.com/Checkout/bundles/ 		234 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jqueryui?v=nmuMA-O4C0zphhL2ApoyudBi4v4VCXr0cCFlFmBK2eU1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
239752
Expires
Tue, 05 Dec 2023 18:47:31 GMT
jqueryval
payments.freedompay.com/Checkout/bundles/ 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jqueryval?v=l6TDTuZE9RVgXTlVOAc4C2uaFEcshao9OcBFLOqMGeo1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
62963f85c44d7144430c1b7a66fbc726d339c79f14313209b32d6c3fa0de50a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
44682
Expires
Tue, 05 Dec 2023 18:47:31 GMT
jqueryajax
payments.freedompay.com/Checkout/bundles/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/jqueryajax?v=OogFi3g5HLuGIHAgSqPk_6zluJg3HjxNAuUL0uNC8a81
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
3077
Expires
Tue, 05 Dec 2023 18:47:31 GMT
v-mask
payments.freedompay.com/Checkout/bundles/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/v-mask?v=UJ5DseB4YY3hNO1XBnbpfPQrIjJQEQm85uEsmtwuhHQ1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
6548
Expires
Tue, 05 Dec 2023 18:47:31 GMT
system
payments.freedompay.com/Checkout/bundles/ 		100 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/system?v=SV9aIwfpb4bUb-7AEHxNtLBQop9WDs6treFolJ215S01
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
85e584d9d1514f7eee3f119de3536bef83af4d7c01e0d908b18d1d8d6b6cf476

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
102755
Expires
Tue, 05 Dec 2023 18:47:31 GMT
hpp
payments.freedompay.com/Checkout/bundles/ 		26 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/hpp?v=8qOkSTo3amd0xjCNNkrn_0RcIM0mOs2GT_IO5BEESzo1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
09d6739f4913774c8086676c37a588d1e6e7577d8588255fd215d4bd1a4253b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
26203
Expires
Tue, 05 Dec 2023 18:47:31 GMT
pay
payments.freedompay.com/Checkout/bundles/hpp/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/bundles/hpp/pay?v=UbqxDl2VH31gP6aAZZvr2Lbs2FsaZkN8dC1j71tX59c1
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c782d26406eda40c0482b4a29bff482cc06fd1dcb6697f66506a4c722b93747b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:30 GMT
Last-Modified
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
95986
Expires
Tue, 05 Dec 2023 18:47:31 GMT
hpc_min.js
hpc.freedompay.com/api/v1.5//cdn/ 		67 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=22.47.0.1084
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c22bf545cce353477db6127156bbe5d2bfd00eb843033ac16d11950538ee5d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=172800
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1224868507"
Content-Length
69071
Model
payments.freedompay.com/Checkout/System/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/System/Model?cultureCode=en-US
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0ff60587db45c4b0519cc8b0474d4264ae160f2153702720e2ff776e6fd7442b

Request headers

Accept
*/*
X-NewRelic-ID
VQcHUFFSARACVVNVBwUOXg==
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:31 GMT
X-AspNetMvc-Version
5.2
X-NewRelic-App-Data
PxQGUFZSDwIJR1NTBQYHUl0JFB9AMQYAZBBZDEtZV0ZaCldOfDdwTTdPRBUDDntcXhATDVtdUhRLfFlXBwpBTgBMCE4IFgQCAlELVQRNHlNIFFNUBFAJBwMFWQBVCVNQVwEUHwQHDxFVPw==
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
private
Content-Length
2743
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
via
1.1 varnish
date
Mon, 05 Dec 2022 18:47:31 GMT
x-amz-request-id
D8NH80TKT037AGSC
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
+rzX8XXfteTItJslo5NqLZuGZflfDbBCc/fADbVJFx4lfw/gMb0rJEw38AjUNSEm04k9cj7uMm4=
x-served-by
cache-hhn4055-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1670266052.782284,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5197
73a43e44de
bam.nr-data.net/1/ 		49 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/73a43e44de?a=21270498&v=1216.487a282&to=NgADZUZQWkFQU0NZXg9KLGd3HndaVFNcX0QVJg5fQENbXl1VRR9hABwMVFpF&rst=1986&ck=1&ref=https://payments.freedompay.com/Checkout/Payment&ap=51&be=1126&fe=1947&dc=1945&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1670266049808,%22n%22:0,%22f%22:548,%22dn%22:549,%22dne%22:562,%22c%22:562,%22s%22:646,%22ce%22:819,%22rq%22:819,%22rp%22:1041,%22rpe%22:1295,%22dl%22:1043,%22di%22:1944,%22ds%22:1944,%22de%22:1946,%22dc%22:1946,%22l%22:1946,%22le%22:1947%7D,%22navigation%22:%7B%7D%7D&fp=1948&fcp=1948&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:31 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
774ef3680a219072-FRA
HostedPaymentControls
payments.freedompay.com/Checkout/ 		989 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.freedompay.com/Checkout/HostedPaymentControls
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.49 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e125512ee45911cb769d20c55905b56b70fbba2238b00a1139809fde81719edd

Request headers

Accept
*/*
X-NewRelic-ID
VQcHUFFSARACVVNVBwUOXg==
Referer
https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 05 Dec 2022 18:47:31 GMT
X-AspNetMvc-Version
5.2
X-NewRelic-App-Data
PxQGUFZSDwIJR1NTBQYHUl0JFB9AMQYAZBBZDEtZV0ZaCldOfDdwTSxZRBUDB2hSSQkEDENyWAgQQ1lfESUMDEQQVw5UXUYddABNIl4PRxALWkRDSlMWAxxUT1IPBwRQVAQaHlNKQVNSV11bXQtQV1BXXwIDUgNASFBWDRUGZQ==
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Session-Key
eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Cache-Control
private
Content-Length
989
controls
hpc.freedompay.com/api/v1.5/ Frame A995 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/bundles/jquery?v=U8QVYo3GPKYOZs4-1AuiVBsnn8yIS6jNkF7kuNNXDLU1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f8975862948bcbd3029b4e499d40d4ecbfc340c9f3edc0641bfacb5c55240523
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'none'; font-src https: 'self'; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'

Request headers

Referer
https://payments.freedompay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
8840
Content-Security-Policy
connect-src 'self'; default-src 'none'; font-src https: 'self'; img-src https: 'self'; script-src https: 'self' 'unsafe-inline'; style-src https: 'self' 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Dec 2022 18:47:31 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-65794699"
X-AspNet-Version
4.0.30319
X-OneAgent-JS-Injection
true
X-Powered-By
ASP.NET
X-ruxit-JS-Agent
true
ruxitagentjs_ICA27NQVfjqrux_10253221019152312.js
hpc.freedompay.com/api/ Frame A995 		320 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/ruxitagentjs_ICA27NQVfjqrux_10253221019152312.js
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3dffd2d26bf74e24c88dca59054829070ffc31cc8fc7bc27e64b19dbd1eeaa71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Mon, 05 Dec 2022 18:47:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Length
119698
Expires
Tue, 05 Dec 2023 18:47:32 GMT
default_min.css
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame A995 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=22.47.0-release0023.1618
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0f6ed3ff3242eb56f5a74ffefe5d380d17aa0d133d5fe35db19fdd0c44667035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 18:47:32 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/css; charset=utf-8
Cache-Control
no-cache
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-2107172470"
Content-Length
7715
Expires
-1
messages_en-US.js
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame A995 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/messages_en-US.js?v=22.47.0-release0023.1618
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9b26809803d6a45f6b997956dbf7267fd834cde7af04dbcf06410084810aeb30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 18:47:32 GMT
Last-Modified
Wed, 30 Nov 2022 12:07:50 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-459646343"
Content-Length
2960
Expires
-1
default_min.js
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame A995 		156 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.js?v=22.47.0-release0023.1618
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f79512c3e906ca2aca448c432af8c879dce8e233cad9a6e8a268cefdb4cc3fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 18:47:32 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
Server-Timing
dtSInfo;desc="0", dtRpid;desc="650962880"
Content-Length
160233
Expires
-1
security_code.svg
hpc.freedompay.com/api/v1.5/cdn/internal/ Frame A995 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hpc.freedompay.com/api/v1.5/cdn/internal/security_code.svg
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=22.47.0-release0023.1618
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
391fa88a0d969feadbccc39716a0546df5c3f821f6ad7c6ca321dbac828dbadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hpc.freedompay.com/api/v1.5/cdn/internal/default_min.css?v=22.47.0-release0023.1618
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Dec 2022 18:47:32 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/svg+xml; charset=utf-8
Cache-Control
no-cache
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1039809106"
Content-Length
27537
Expires
-1
songbird.js
songbird.cardinalcommerce.com/edge/v1/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/v1.5//cdn/hpc_min.js?t=22.47.0.1084
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.freedompay.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326
x-powered-by
ASP.NET
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=as3njPfIkUY6z4GAoM4%2BcKv48x3b5xm8qXdR9%2FnZSdJE%2FWD4FxwRzM1g6VahjM2l3llL5oWyEf95%2Br1CpMij6hUY5NVNv6hBqtab09v5PUQIy7EBKRFFcPAJM65ldvCqVjT4bKDHR01c0PFN5eWoYZ9dQS8XzTVO35Yl"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
774ef36f5c6f9c01-FRA
expires
Mon, 05 Dec 2022 22:47:33 GMT
1.597f4104d311c33d4189.songbird.js
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 		388 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
Origin
https://payments.freedompay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26842
cf-polished
origSize=397453
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ue%2FcyErP964Ob3noze0hfbYzRXGUixz1RJllSiKCqqdoJwEUizTxNjpp76UzT4sn6YEC41CRBwjCQj9FUUkZMSuWhbSUvQpjuoz5p7sHdWMbAoI8yEmmIXWEmXo4zy4PT3WxUrWJAkdF3h8Jk%2FixKjgLninaW%2B1D6NOa"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
774ef36fbadfbb7d-FRA
expires
Sat, 03 Jun 2023 18:47:33 GMT
12.597f4104d311c33d4189.songbird.js
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/12.597f4104d311c33d4189.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4162dc2055e7aaa1ffbb17aaf27c80b18deeabb669d4e6850541213632b1cb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
Origin
https://payments.freedompay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26841
cf-polished
origSize=23843
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgSNm8RQiC41rnVxGK1pDDDxc9bt8Cz1NEchdUc551tYJarQDRtNPDaAjOkDVyOyL%2BJGeos06XYpL5U4SjL65B%2Bnva7jOHCClYYo3jXnpf7JJfsAxVSIcnM6nP5xHqpUGiqA%2FJEi2k4r0quTWnrn91A5JbsolkpTIW7x"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
774ef3708c67bb7d-FRA
expires
Sat, 03 Jun 2023 18:47:33 GMT
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54c99dbe172f66c4d51b8faf119b9a3f488fdea9aef66620985377179d76fc2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
X-Cardinal-Tid
Tid-147f275c-36f4-4425-a6c1-5012a5996485
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbhw0qoCMTUMWEz9g9RAz1JsXymS3hEUajBkSN4d2NOfevqL1udzWsf0eHSgv%2BTogSzpmsUrZnrRxj%2F52vjzX2LDvZNmk0AuOUk4NEROf5lZn3Mjv2Yc63gj2LhiLwa0ZkuxwHu97ZN7vxukd2ZBPAjJC9ufI95pigWE07v3"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://payments.freedompay.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cf-ray
774ef371ef71bb7d-FRA
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cardinal-tid
Access-Control-Request-Method
POST
Origin
https://payments.freedompay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-cardinal-tid
access-control-allow-methods
GET,POST,HEAD,OPTIONS
access-control-allow-origin
https://payments.freedompay.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
cf-ray
774ef370fd50bb7d-FRA
content-length
0
date
Mon, 05 Dec 2022 18:47:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3ulrrdF%2F8TFJoPSiiuSlTxrwpfPrNsw17abUyWEdXYK9oSvjsNRZZrVTr2l6vOD1Xp5bhTbsLLcKNcvxj%2Fkv2eoAZOk%2BMFmBlf5MSr0H7xPyp92tv%2BEbShzOYEgoBibm%2FnOWR6%2FdiMb1IeCsodglnQGPg%2BQ%2FKuTRjabDKOr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
11.597f4104d311c33d4189.songbird.js
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/11.597f4104d311c33d4189.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
Origin
https://payments.freedompay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26841
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmY6DhVWFYd7XnOBp36Z1JNG1CtD%2BfeMDYCyFzn7CtsVJvzcxBh%2BgjmPpkairkx7J3%2FV%2BWe3yJ7LPIc83xiCzsLXcgf%2Bw8wtWBmt5TCo7Q3bz6oIh3ltYjTqOjWWf8Hv0KKKPZo%2BGuRLMM98TuRrbZ%2ByXPnTlRzpP59j"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
774ef3731a21bb7d-FRA
expires
Sat, 03 Jun 2023 18:47:33 GMT
Render
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 4D07 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db7c37a20f97cdafdd1db6aa1e36a51958806e70f3b73022d8dada6c8858ac4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://payments.freedompay.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://payments.freedompay.com
access-control-expose-headers
Access-Control-Allow-Origin
cf-cache-status
DYNAMIC
cf-ray
774ef3739ecb9c01-FRA
content-encoding
gzip
content-language
de-DE
content-length
1202
content-type
text/html;charset=ISO-8859-1
date
Mon, 05 Dec 2022 18:47:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This site does not have a p3p policy."
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgX47AZd%2BxdyVb7KNv3gzrgHHA4ADp0FM9tCwgJXHnhrIzG8xILWOE1IVMuIVZIPxqPQg9eYwB3bp5FtKglZIfICpcbDuRjKROHWP10QwmKjr9g5%2B%2FOjT2RJ2qT5IPE2gy%2FSsEyorw4R6KsvZse%2BKCmaWA3%2Feg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
3.597f4104d311c33d4189.songbird.js
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/3.597f4104d311c33d4189.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://payments.freedompay.com/
Origin
https://payments.freedompay.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26841
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOqeZOp76RGD%2FZqXYo%2FppIcMbqnZA1QviMhrrECaoF%2BFTFlRiOz80jtn03mbGbRMxiRXcp%2FuOYhGhor7w1%2BIb8hiYRSIHOxzKYibxWmjBXHDHNJ8%2B3aTlDH0baoQCedVCv5rdB6m11qil9zHn6saY4Mw0CY9pSH4M46P"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=15552000
cf-ray
774ef3738b23bb7d-FRA
expires
Sat, 03 Jun 2023 18:47:33 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame 4D07 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2145975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSkOHPUSPPmroXHhBcQasqojEU4vDQ04TffwH8SAn9LO2vN0vqLg63ZTuSgLfqCq57kBb9M5FmQNhqUk1jWUr1roGpGon1Vf%2FSUJJCZHfVTwte7pdlnfm0eqgcy4FNFlA03igDVSGX2WmGpQIJ8coKaX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
774ef3755ec09196-FRA
expires
Sat, 25 Nov 2023 18:47:33 GMT
json3.min.js
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ Frame 4D07 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
503738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3209
last-modified
Mon, 04 May 2020 16:11:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec9-1fd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMQEGuv8xeLo5bz5nuSDqNitXDWdEJkjXTBAUPIgAC1SO1e%2BSvHwQ3aZ0xC3UK3YbNZ3LrpVJ65PLyXyDnf%2F%2FEut9A63MDbDQkxmd3hImPDjsYyrNM6yL56ZaFn4FAaDB9ATPhBGrmilssO%2FcnYaqZWs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
774ef3755ec39196-FRA
expires
Sat, 25 Nov 2023 18:47:33 GMT
6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 4D07 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6917
p3p
CP="This site does not have a p3p policy."
content-length
13047
last-modified
Wed, 26 Oct 2022 19:21:14 GMT
server
cloudflare
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFCcPyE6osxmEHUGvdLsmuWTBiW9fJS1TjuK7%2Fl7UiGcZxRaC%2BRnVonFF2PbF80dvGgS7GoBMiFtdYxeKHwxMCkQkMofh0hqB5xtsfvUo31n9vw7jnxrQ7IJUlpmockjNt9ZMveB3Ed72fNEd4mg%2BYOKwMMDVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
774ef3752a0c9c01-FRA
expires
Mon, 05 Dec 2022 22:47:33 GMT
profiler.min.js
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 4D07 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/profiler.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95483314622403ce35e1a25b049f5520355b2465b31e6620df4109c4d41b8f99
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6361
p3p
CP="This site does not have a p3p policy."
content-length
5158
last-modified
Wed, 26 Oct 2022 19:21:30 GMT
server
cloudflare
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGQioLkODV%2BpmdzzrC9D9AX8WUhg6Aqba4tfCCKviyw%2BE1x5BGJDaSOko3ewaR5ip6avu2vCV4ZcN6c0AWBVlxtyD%2FvzXSKxnWWzRoJMuBwAJlru3B65U6zX6CN%2FkxcSRnikqwN4Qa5fjNII8%2F1T5w9I4PyRIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
774ef3752a0f9c01-FRA
expires
Mon, 05 Dec 2022 22:47:33 GMT
acsprofiler.min.js
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 4D07 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/acsprofiler.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13bf5fb4ced782c0fe5d2a5d181a9d4ffd92d5fa26304ec78fe7fdf9ee4c3e77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:47:33 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6158
p3p
CP="This site does not have a p3p policy."
content-length
2051
last-modified
Wed, 26 Oct 2022 19:21:34 GMT
server
cloudflare
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKOAJgHjZvyHN5ZPKKHpT7UeT6y4kUVVJ8sKYGbuxlJTlLFVE1M0CrLE%2FDsdQpQNY%2Blz%2BLvG8PRopJUlt4l9BNxdqzVXtSosEqY2OYgAbgq%2BAXWIju8xnMpESyN2QQsdm5rHmG%2BSn0JEYCtTSCcOjO2VWq3Y1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
774ef3752a129c01-FRA
expires
Mon, 05 Dec 2022 22:47:33 GMT
SaveBrowserData
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 4D07 		0
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/SaveBrowserData
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=6327ed28f5ce6b4551a383c4&tmEventType=PAYMENT&referenceId=0_71b9c048-cc69-45de-9f13-32c017b5d101&geolocation=false&origin=Songbird
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Dec 2022 18:47:34 GMT
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
adrum_1
n:cardinalcommerce-prod_93ff2f8d-3ce1-43f8-8827-3466b84b528c
p3p
CP="This site does not have a p3p policy."
adrum_2
i:4192963
content-length
0
adrum_4
d:20
server
cloudflare
adrum_0
g:3863f1bb-299c-41b2-8ab9-d58e6fa54e95
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6h87gNnypHYOdB2VQkvZjCAly5cgk8wpZl0ofXpzYfnvm8VX%2BMw3Wmdlz7cX0tBUTfios2n4yDnrryArMyK0P39h2yJdKLRK8DhLfTa6fTgTaHiU41oyN0jVpPkfaT8UTtvHbYYQMITNovhaXVt66rsnk2wUsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://geo.cardinalcommerce.com
access-control-expose-headers
Access-Control-Allow-Origin
adrum_3
e:14
access-control-allow-credentials
true
cf-ray
774ef3762c889c01-FRA
rb_bf82417uyl
hpc.freedompay.com/api/ Frame A995 		121 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hpc.freedompay.com/api/rb_bf82417uyl?type=js3&sn=v_4_srv_6_sn_20E1F97FE8886F3620AE5EB697446CD3_perc_100000_ol_0_mul_1_app-3A9fe5ef22e2f96991_1_rcs-3Acss_0&svrid=6&flavor=post&vi=MKOOLIMKFQUCVFUCROFMFTGUVBWPVVMO-0&modifiedSince=1670232071416&rf=https%3A%2F%2Fhpc.freedompay.com%2Fapi%2Fv1.5%2Fcontrols%3FsessionKey%3DeyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o&bp=3&app=9fe5ef22e2f96991&crc=4262416866&en=5wma5kib&end=1
Requested by
Host: hpc.freedompay.com
URL: https://hpc.freedompay.com/api/ruxitagentjs_ICA27NQVfjqrux_10253221019152312.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.74.156.34 Phoenixville, United States, ASN12178 (INTERNAP-2BLK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cf343e5dc61794fbb62561dd7e4b6664b91b2861c2f6a4f1b0ad362dcdd96c82

Request headers

Referer
https://hpc.freedompay.com/api/v1.5/controls?sessionKey=eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 05 Dec 2022 18:47:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
121
Content-Type
text/plain; charset=utf-8
log
writer.cardinalcommerce.com/prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://writer.cardinalcommerce.com/prod/log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cardinal-tid
Access-Control-Request-Method
POST
Origin
https://payments.freedompay.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
774ef377dc1abb7d-FRA
content-length
0
content-type
application/json
date
Mon, 05 Dec 2022 18:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLJt45TxawGPoaD%2Ff58mFKfDqRkBxshbQIrs3VsbwWWu2qKlWMIIfkDkdzj66pt8FH2BEpUD5Elvo309JYdB9MWnYJuEFkB3xAhyq4VWiPkv007PQ7fRwqonI6866IZQgc8yPPfXujRTIsEPpztp%2BDWCW0Cpa8OhCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-apigw-id
cr5vEEl1IAMF_Mg=
x-amz-cf-id
8pc6L85bpxkCkxoY2o_chiTcXo6ucEzO3ZN6nYz8dtbHUYOrLB7PRg==
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
9d902bdc-7e76-4d90-b4ed-263a77b3451f
x-amzn-trace-id
Root=1-638e3cc6-6202db0e4365e5b45614e79d
x-cache
Miss from cloudfront
log
writer.cardinalcommerce.com/prod/ 		15 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://writer.cardinalcommerce.com/prod/log
Requested by
Host: payments.freedompay.com
URL: https://payments.freedompay.com/Checkout/Payment?transid=a324029c-a7a2-45b8-a4b3-7c17a92b09b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://payments.freedompay.com/
X-Cardinal-Tid
Tid-147f275c-36f4-4425-a6c1-5012a5996485
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 05 Dec 2022 18:47:35 GMT
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
da78d4b4-663b-46ff-b842-a1b6255edc0f
x-cache
Miss from cloudfront
x-amz-apigw-id
cr5vHHwAoAMFdrg=
content-length
15
server
cloudflare
x-amzn-trace-id
Root=1-638e3cc6-7564626b5b360028165f5ab5
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXA1i8VovNfpKLcMf9ZJOaRLZdObyEjgTMDugzxdO8PTHVyF0mr1BpQejn9yf75cR7yMahsHbpsfZJcZVBB%2F3IEdNYF6MDcR6X3vmI7FTE9cUOUtBQYWho%2Fke7KZDGWwN%2BrBy%2BASFhCzlspGJIKV71%2B2qmhJ7boOug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
774ef379e87cbb7d-FRA
x-amz-cf-id
-wnfTika7qunE5Hq4WaDeS89a4YszToYRv3D-mO2XAluN8WU1kKKnQ==
rb_bf82417uyl
hpc.freedompay.com/api/ Frame A995 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hpc.freedompay.com
URL
https://hpc.freedompay.com/api/rb_bf82417uyl?type=js3&sn=v_4_srv_6_sn_20E1F97FE8886F3620AE5EB697446CD3_perc_100000_ol_0_mul_1_app-3A9fe5ef22e2f96991_1_rcs-3Acss_0&svrid=6&flavor=post&vi=MKOOLIMKFQUCVFUCROFMFTGUVBWPVVMO-0&modifiedSince=1670232071416&rf=https%3A%2F%2Fhpc.freedompay.com%2Fapi%2Fv1.5%2Fcontrols%3FsessionKey%3DeyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6Inprc2I4RzgzVGdoc0dIQkEiLCJ0YWciOiJaY3RyR3dYNXpJVVNaT29BRG5CNDd3IiwiZW5jIjoiQTI1NkNCQy1IUzUxMiIsInppcCI6IkRFRiJ9.HO8Kq0LVybtnfUVXtSnjTnbiup1Rn9OzaeAVzkMTxdMDTPvoIO3UEaKbkN2quWCv1Ie8nTllUm_GqINLqjy7VA.9CZPg8WcFzrXReU-U1pYPg.QYvbyfydKdJeiSHsdBPpw6yjrf4T1jsIL7sFeGq_f5ghOKfKWLi-2xolrtlbxCq9I-rKfUzkuzB5Ip0sLRAeIJx93Qkc7ZuHuaJOPZvb4KY4dSmY10v1GcyYgb7XkfD30y0tsbAdL3FyuL_WldzYbwZ1xEceZGAscadSpg-R0st1nU1xyqT5xlxiKdHMLK0HHlrbhacxmFhOY_9G3Cm6e-kOSVunW9IPUU7w2LiE0nm7Au-k6L-broUXw-4-HkcAfigMlrns-2EmgUqzqSFxTph47UkBd_Lzep20ytPvp5DHzHhSaFfAOIRxTzWI9st8Zop4RD8xZQF4PppxE62kOIFXM7NJLQVXTIuYSRW4NOAxIMUbLl0WGCXCJaYNlGTO1Vl0CUnY52XOCMc8PwNMHNT7VT_-eNCRbIaPaUxVyQiRxRrN5h8clEvp1yWrhfA-mdnkts3Z8_Q4vApjFo9OEzbLULbMUItyyAtv8Oi5wsppSFbjbVW2ATD1eSvmf9QY.emwgHXfDQfvdhprXnyRx_Uk-wilMWQLIXWKFt9t0_8o&bp=3&app=9fe5ef22e2f96991&crc=3093514493&en=5wma5kib&end=1

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| NREUM object| newrelic function| __nr_require function| $ function| jQuery function| isUndefinedOrEmpty function| isUndefined function| logToConsole function| isInternetExplorer function| luhnChk object| ea object| VueMask object| FreedomPay function| Vue object| utilities string| securityClassesEnabled string| securityClassesDisabled function| HandleResponse function| HandleErrorMessage function| pageInit function| IsFocusOnAddressPanel function| GetAccessToken function| songbirdLoader object| Cardinal function| setImmediate function| clearImmediate

10 Cookies

Domain/Path Name / Value
payments.freedompay.com/ Name: ASP.NET_SessionId
Value: qwdysyadsne5etproxdo1aqf
.freedompay.com/ Name: dtCookie
Value: v_4_srv_6_sn_20E1F97FE8886F3620AE5EB697446CD3_perc_100000_ol_0_mul_1_app-3A9fe5ef22e2f96991_1_rcs-3Acss_0
.nr-data.net/ Name: JSESSIONID
Value: 7246f0a318c867d6
.freedompay.com/ Name: rxVisitor
Value: 167026605234925HJ8V90S4CBJ8CEGRSF2D0OOJJ43HGM
.freedompay.com/ Name: dtLatC
Value: 1
.freedompay.com/ Name: dtSa
Value: -
.freedompay.com/ Name: rxvt
Value: 1670267852923|1670266052351
.freedompay.com/ Name: dtPC
Value: 6$466052347_447h-vMKOOLIMKFQUCVFUCROFMFTGUVBWPVVMO-0e0
.cardinalcommerce.com/ Name: __cf_bm
Value: 70jLvnvWVOEdrZQtG7kULH5GoHOfJLRTFAD7RLZprnQ-1670266053-0-Aeq0Cp52zgZzJGjo3q44JoeE6LCTPWvr6HoUgTrGDQL5ypcrG39Fj1rFsFezzmB4EYfE0KXJEdwQ4qrxM0aYT0Y=
.cardinalcommerce.com/ Name: __cfruid
Value: 6b3fb9f242e0e91627e0871f460f6a8680f38f4e-1670266053

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
centinelapi.cardinalcommerce.com
fplynx.com
geo.cardinalcommerce.com
hpc.freedompay.com
js-agent.newrelic.com
payments.freedompay.com
songbird.cardinalcommerce.com
writer.cardinalcommerce.com
hpc.freedompay.com
151.101.66.137
162.247.241.14
2606:4700::6811:180e
2606:4700::c6d9:fbfa
64.74.156.34
64.74.156.36
64.74.156.49
09d6739f4913774c8086676c37a588d1e6e7577d8588255fd215d4bd1a4253b2
0f6ed3ff3242eb56f5a74ffefe5d380d17aa0d133d5fe35db19fdd0c44667035
0ff60587db45c4b0519cc8b0474d4264ae160f2153702720e2ff776e6fd7442b
13bf5fb4ced782c0fe5d2a5d181a9d4ffd92d5fa26304ec78fe7fdf9ee4c3e77
1be37ac5cda9ae63fcb1404b594a1dedb02b7348c76a599c226959186856b5e1
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a
391fa88a0d969feadbccc39716a0546df5c3f821f6ad7c6ca321dbac828dbadf
3dffd2d26bf74e24c88dca59054829070ffc31cc8fc7bc27e64b19dbd1eeaa71
539982e71f45374152c8f7e9d842e21f99335c4bce1798557d4c6018dbde332f
5db7c37a20f97cdafdd1db6aa1e36a51958806e70f3b73022d8dada6c8858ac4
62963f85c44d7144430c1b7a66fbc726d339c79f14313209b32d6c3fa0de50a7
6879c93ab49e4e79ea4286c937326c4fbeef281b7da982e6046cbac4d882fbce
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
85e584d9d1514f7eee3f119de3536bef83af4d7c01e0d908b18d1d8d6b6cf476
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
95483314622403ce35e1a25b049f5520355b2465b31e6620df4109c4d41b8f99
9b26809803d6a45f6b997956dbf7267fd834cde7af04dbcf06410084810aeb30
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
b471fa9d131696d86e0c3be1deed0cdaa0c1b9efdd9a39c3d5b511fdd880f061
c22bf545cce353477db6127156bbe5d2bfd00eb843033ac16d11950538ee5d5d
c38b8ed7dbb34d765effeef37cc2c4e22f54cfa34a5fa09e58ac3fdaaa0d8bf7
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
c782d26406eda40c0482b4a29bff482cc06fd1dcb6697f66506a4c722b93747b
cf343e5dc61794fbb62561dd7e4b6664b91b2861c2f6a4f1b0ad362dcdd96c82
d4162dc2055e7aaa1ffbb17aaf27c80b18deeabb669d4e6850541213632b1cb5
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e125512ee45911cb769d20c55905b56b70fbba2238b00a1139809fde81719edd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54c99dbe172f66c4d51b8faf119b9a3f488fdea9aef66620985377179d76fc2
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
f79512c3e906ca2aca448c432af8c879dce8e233cad9a6e8a268cefdb4cc3fb5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8975862948bcbd3029b4e499d40d4ecbfc340c9f3edc0641bfacb5c55240523
fdce483fa083e1844e7ffc637dc6d6902a98aa5d1fa1bca25fef0c35d9a4acdd